| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 65814 | 2006-01-31 22:32:00 | Annoying popup | Sapperbro (6562) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 425907 | 2006-01-31 22:32:00 | Folks, I have a small curly problem. I have a popup window telling me that NT Kernel and System is blocked access to my network. The file is ntoskrnl.exe. It sits in the system32 directory. The popup flicks up every 3 minutes and the "click this box to prevent showing this again" doesn't work. Checked my firewall (Sygate) and can see where it is blocking but can't find where to authorise it if I need to. NT system in the Application is checked to be authorised. My network is only a ADSL passing through an 8 port router switch. My other computer is not connected to the network, but I have a copy centre machine connected through the switch. Everything else works, but this problem has only just occured. My OS is XP Pro Sp2 on NTFS. Where do I check within my system controls? Cheers, Ken |
Sapperbro (6562) | ||
| 425908 | 2006-02-01 00:11:00 | ntoskrnl.exe is a critical process in the boot-up cycle of your computer although should never appear in WinTasks under normal circumstances But ntoskrnl.exe can be altered by w32.bolzano and variants. If this process appears in WinTasks, you will have to remove this virus. For this you need your original install disc of Windows (I am assuming XP here). First, make sure you are logged on as Administrator then..... Follow these steps: # Insert the Microsoft Windows XP CD. (If you only have a recovery CD or a restore CD and not a Microsoft Windows XP CD don't go any further. You and I will then wait to see if anyone has any ideas on fixing this without a full-install WinXP disc!) # Reboot the computer; a message to press any key to boot from the CD will appear; when you see this message press any key. # In the Microsoft Windows XP setup menu press the R key to enter the recovery console. # Select the operating system you wish to fix, and then enter your administrator password. # Type expand d:\i386\ntoskrnl.ex_ c:\windows\system32 # You will then be asked if you wish to overwrite the file type Y and hit enter to overwrite the file. # Type exit to reboot the computer. |
SurferJoe46 (51) | ||
| 425909 | 2006-02-01 00:21:00 | . . . . forgot to add: you might get this resolved by running the chkdsk /r from the recovery part of the Windows XP full install disc . If after trying all of the above steps you are still encountering the same issue it's likely that Windows is severely corrupted and it is recommended you attempt to reinstall Windows . Finally, if during the Windows installation you encounter errors it's likely that your hard drive is bad anyway, and you still need to reinstall XP on a new or known good hdd . . |
SurferJoe46 (51) | ||
| 425910 | 2006-02-01 02:32:00 | Thanks, Joe. I'll post a result to this thread after I've worked through it. Regards, Ken |
Sapperbro (6562) | ||
| 425911 | 2006-02-01 03:32:00 | Joe, First up, I don't have w32.bolzano or anything remotely like it. XP will not let me reinstall from the main disk as it says I have a later version. Refer my first post regards SP2. I could however reinstall SP2 which I've done and that has replaced those files including ntoskrnl.exe. However, it is still popping up. My firewall (Sygate) still allows it but I see it is showing a different network address to my original setting. I think I may have changed a network setting the other day when I was installing a utility, but I can't remember for the life me what it was. Thanks anyway for your help. XP doesn't appear to have the repair facility that 98SE had. Cheers, Ken |
Sapperbro (6562) | ||
| 425912 | 2006-02-01 03:58:00 | If the problem only occurred recently you could try a system restore, or you could reinstall sygate and see if that makes a difference. | Overdrive_5000 (4950) | ||
| 425913 | 2006-02-01 04:20:00 | Have you scanned with a different AV program such as an online one for a second opinion? Your firewall shouldn't be interested in system files unless they are requesting net access. What sort of window does this pop-up belong to? Is it Sygates? What is it titled? |
Jen (38) | ||
| 425914 | 2006-02-01 05:12:00 | Have you scanned with a different AV program such as an online one for a second opinion? Your firewall shouldn't be interested in system files unless they are requesting net access . What sort of window does this pop-up belong to? Is it Sygates? What is it titled? He said that he has this error mesage: ntoskrnl . exe . . . . and from my research, it is not repairable without at least a chkdsk from the repair module of the XP disc, NOT the restore disc and certainly nor SP-2 . Activity of this sort is usually caused by the w32 . bolzano trojan . Unless he has a severly damaged HDD, and that's a moot point; he has a real problem . he said: "I have a popup window telling me that NT Kernel and System is blocked access to my network . The file is ntoskrnl . exe . It sits in the system32 directory . The popup flicks up every 3 minutes and the "click this box to prevent showing this again" doesn't work . Checked my firewall (Sygate) and can see where it is blocking but can't find where to authorise it if I need to . NT system in the Application is checked to be authorised . My network is only a ADSL passing through an 8 port router switch . My other computer is not connected to the network, but I have a copy centre machine connected through the switch . Everything else works, but this problem has only just occured . My OS is XP Pro Sp2 on NTFS . Where do I check within my system controls?" . . . and: "Refer my first post regards SP2 . " . . to which I ask: "what first post and where did it say he reinstalled it there?" Is this a continued post? I don't see here he said he cannot reinstall SP-2 . . do you? . . . and popping up every 3 minutes sure sounds like malware activity or damaged hardware to me . . . and the research I had to do on this last year . The only reason I am standing on this point is that I had the same thing last year . . . and it was w32 . bolzano . I had to burn it down and reinstall XP and SP-2 from scratch . The HDD was ok . I would not give this file permission to phone home by turning off the firewall . . . . . . it is being held in limbo, but every time it tries to get out, it gets blocked by the firewall . . . . bravo for it! |
SurferJoe46 (51) | ||
| 1 | |||||