|
-
May 17th, 2001, 01:24 PM
#1
 Trojan?
A few days back, my firewall picked up krnl386.exe trying to access the net. I checked this out and the program's version info seems authentic enough, but should my Windows Kernel Core be accessing the net?
Norton Firewall keeps blocking something with the:
"Default block Subseven/Backdoor trojan" rule. I checked the registry, and msconfig.exe but I can't find anything incriminating.
Does anyone have any info?
-
May 17th, 2001, 01:27 PM
#2
Fanatic Member
My computers firewall picks up kernel386 quite often but i don't think that it is doing any harm, programs like messanger or my virus checker when it needs to update send that through first
Some people have told me they don't think a fat penguin really embodies the grace of Linux, which just tells me they have never seen a angry penguin charging at them in excess of 100mph. They'd be a lot more careful about what they say if they had.
-- Linus Torvalds
[ Galahtech.com] | [ My Site] | [ Fishsponge] | [ UnixForum.co.uk]
-
May 17th, 2001, 11:39 PM
#3
Damn l thought this was going to be a thread about condoms
This one time at band camp.....
-
May 18th, 2001, 12:32 PM
#4
-
May 18th, 2001, 04:16 PM
#5
Whatever this thing is my firewall's blocking it's using port:
27374
-
May 18th, 2001, 04:30 PM
#6
PowerPoster
I have Norton too and it also seems the Win Kernal wants t access the internet (sometimes it says Explorer)  . I made a rule telling it to disallow every time with no adverse effects. I occasionally get an app called "@x$%&" or something like that trying to do the same, I always say no to that.
-
May 18th, 2001, 04:33 PM
#7
Fanatic Member
-
May 19th, 2001, 02:31 PM
#8
The port number it uses is the reason it's being blocked. However it is not the krnl386.exe that is causing these alerts, it is another program which I haven't determined yet. (krnl386.exe is about 120KB)
-
May 19th, 2001, 04:22 PM
#9
Instead of potentially deleting something needed by windows, y not just get a virus scanner. They also detect trojans.
-
May 20th, 2001, 06:47 AM
#10
-
May 20th, 2001, 06:51 AM
#11
Thats very odd. Norton is supposed to be one of the best. Did u have all the lattest updates?
-
May 20th, 2001, 07:05 AM
#12
Yeah. I update every month. I'm no fool when it comees to virii. I also enable the detect unknown virii thing as well. AV and Firewall are constantly running on my system, since I've been on certain websites, attacks have increased 2 fold.
-
May 20th, 2001, 09:45 AM
#13
Fanatic Member
Why is it that somebody like me (no firewall, virus scanner or security features of any sort) never gets a virus?
I feel left out. It is as if they don't care about me
-
May 20th, 2001, 09:57 AM
#14
PowerPoster
Nope, you're just VERY lucky never to have been probed. Don't push your luck anymore though.
-
May 20th, 2001, 11:42 AM
#15
Originally posted by V(ery) Basic
Why is it that somebody like me (no firewall, virus scanner or security features of any sort) never gets a virus?
I feel left out. It is as if they don't care about me
A firewall is most important. Viruses can usually be avoided by being careful what you download and by not using outlook or outlook express. I agree with chrisjk. zonealarm is free from www.zonelabs.com.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
. It didn't get Kak