[RESOLVED] Does anyone know what this is?

[buf]

My signature will tell you I use Sygate firewall--free version but I do not know if this is causing the dialog window to pop up in the Sys Tray. Some of the wording in the window is: "An application named NT Kernel and System(file name NTOSKRNL.exe) has been blocked from accessing the network". Nothing that I can detect is happening but this pop up(just did it) just bugs me cause I don't know what it is. I keep putting a check in the block to stop showing me the message but I guess each occurrence is a different "block".
This happens regardless of what I am doing. As usual, TIA

[poppy4]

From the looks of this, you may have 'malware'
a quote from the link below.

"Note: ntoskrnl.exe can be altered by the w32.bolzano and variants. If this process appears in WinTasks, please update your virus definations immediatly."

I think the key is if it's in wintasks.....check and see.

http://www.liutilities.com/products/...rary/ntoskrnl/

[fink]

It's a windows file related to networking. Some block it without problems and others let it access the internet equally without problems.

There's a very small chance it may be virus related (as with many files it could be a virus masquerading as a legit file) so to be on the safe side submit it here...

http://virusscan.jotti.org/

But I'd bet on it being non-infected since the viruses that use this particular name are uncommon.

more..
http://forums.sygate.com/vb/showthre...threadid=12989

[buf]

Thanks poppy4 but I chose to go with the link fink posted. See the post below.

[poppy4]

That's excellent, buf.
....all that matters is that you are satisfied with the resolution of your issue...

[buf]

fink, I went to the link you gave for jotti. There were several of the scanners that mentioned this, or some variation of it:
Backdoor.IRC. Mimic.a, detected as possibles. I also visited the forum and found someone suggesting that the notice be turned off or hidden. I did that and I haven't seen the popup this A.M.
I then ran every test I have on my machine and nothing was found. Those tests included: Adaware, Spybot, Spyware Blaster, AVG, A Square, ewido and finally Spy Sweeper---nothing was found!!
I think I can be satisfied that there isn't any trouble on this machine. The popup was more of an annoyance than a worry.
Thanks again to poppy4 and you also.
OH, AVG did "find" that the file in question (ntoskrnl.exe) had "changed". I don't rightly know what that truly means and I could not find any meaning of the word on the AVG site.

[HAN]

If memory serves, I'm pretty sure it is ok and it is related to networking. What I can't remember is if it can always be denied or if you need it sometimes. I guess my approach would be to deny it and see if you lose connectivity or a portion of your connectivity. If not, then denying it would be my choice. (I always deny if possible. Just a meany!!! )

[fink]

"changed" can mean different things. It could mean it's been updated during a service pack upgrade to a newer version or via a Microsoft Security/OS patch but it could also mean it's been changed by a virus.

I still think all is ok and I could find no correlation between any of those "possible" viruses and ntoskrnl but if it were my computer I'd err on the side of caution and do a couple of online scans here..

http://housecall.trendmicro.com/

and here...

http://www.pandasoftware.com/products/activescan.htm

[buf]

I couldn't get Housecall to run but Panda says my computer is clean. Thanks everyone.
I think I will just leave that "notice" that gave me the dialog message turned off. I haven't seen it all day since I turned it off this A.M., so that feature works.