I keep on getting the following message from my firewall (Sygate 5.6) at startup:
"Ntoskrnl.exe" has changed since the last time you opened it. This could be
because you have updated it recently. Do you want to allow it access to the
network?
Detailed information from the firewall:
The executable has changed since the last time you used: C:\WINDOWS\System32\ntoskrnl.exe
File Version : 5.1.2600.1634
File Description : Jądro i system NT
File Path : C:\WINDOWS\System32\ntoskrnl.exe
Process ID : 0x4 (Heximal) 4 (Decimal)
Connection origin : local initiated
Protocol : UDP
Local Address : 10.0.0.26
Local Port : 138
Remote Name :
Remote Address : 10.0.0.255
Remote Port : 138 (NETBIOS-DGM - Browsing datagram responses of NetBIOS over TCP/IP)
Ethernet packet details:
Ethernet II (Packet Length: 244)
Destination: ff-ff-ff-ff-ff-ff
Source: 00-15-f2-9e-42-0a
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x11 (UDP - User Datagram Protocol)
Header checksum: 0xd723 (Correct)
Source: 10.0.0.26
Destination: 10.0.0.255
User Datagram Protocol
Source port: 138
Destination port: 138
Length: 8
Checksum: 0xaf57 (Correct)
Data (196 Bytes)
Binary dump of the packet:
0000: FF FF FF FF FF FF 00 15 : F2 9E 42 0A 08 00 45 00 | ..........B...E.
0010: 00 D8 01 26 00 00 80 11 : 23 D7 0A 00 00 1A 0A 00 | ...&....#.......
0020: 00 FF 00 8A 00 8A 00 C4 : 57 AF 11 02 80 0D 0A 00 | ........W.......
0030: 00 1A 00 8A 00 AE 00 00 : 20 45 4E 45 42 46 43 46 | ........ ENEBFCF
0040: 45 45 42 43 41 43 41 43 : 41 43 41 43 41 43 41 43 | EEBCACACACACACAC
0050: 41 43 41 43 41 43 41 41 : 41 00 20 45 4E 46 44 45 | ACACACAAA. ENFDE
0060: 49 45 50 45 4E 45 46 43 : 41 43 41 43 41 43 41 43 | IEPENEFCACACACAC
0070: 41 43 41 43 41 43 41 43 : 41 42 4F 00 FF 53 4D 42 | ACACACACABO..SMB
0080: 25 00 00 00 00 00 00 00 : 00 00 00 00 00 00 00 00 | %...............
0090: 00 00 00 00 00 00 00 00 : 00 00 00 00 11 00 00 14 | ................
00A0: 00 00 00 00 00 00 00 00 : 00 E8 03 00 00 00 00 00 | ................
00B0: 00 00 00 14 00 56 00 03 : 00 01 00 01 00 02 00 25 | .....V.........%
00C0: 00 5C 4D 41 49 4C 53 4C : 4F 54 5C 42 52 4F 57 53 | .\MAILSLOT\BROWS
00D0: 45 00 08 01 20 0F 01 10 : 1A 5C 00 00 00 00 00 00 | E... ....\......
00E0: 4D 41 52 54 41 00 20 4D : 6F 7A 69 6C 6C 61 2F 34 | MARTA. Mozilla/4
00F0: 2E 30 20 28 : | .0 (
I also used to have random BSOD's and restarts and minidump files refer to ntoskrnl.exe as well. I've just done a full reinstalation of Win Xp and I had one restart so far and keep getting this message from the firewall at startup.
Could anyone explain what it means?
"Ntoskrnl.exe" has changed since the last time you opened it. This could be
because you have updated it recently. Do you want to allow it access to the
network?
Detailed information from the firewall:
The executable has changed since the last time you used: C:\WINDOWS\System32\ntoskrnl.exe
File Version : 5.1.2600.1634
File Description : Jądro i system NT
File Path : C:\WINDOWS\System32\ntoskrnl.exe
Process ID : 0x4 (Heximal) 4 (Decimal)
Connection origin : local initiated
Protocol : UDP
Local Address : 10.0.0.26
Local Port : 138
Remote Name :
Remote Address : 10.0.0.255
Remote Port : 138 (NETBIOS-DGM - Browsing datagram responses of NetBIOS over TCP/IP)
Ethernet packet details:
Ethernet II (Packet Length: 244)
Destination: ff-ff-ff-ff-ff-ff
Source: 00-15-f2-9e-42-0a
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x11 (UDP - User Datagram Protocol)
Header checksum: 0xd723 (Correct)
Source: 10.0.0.26
Destination: 10.0.0.255
User Datagram Protocol
Source port: 138
Destination port: 138
Length: 8
Checksum: 0xaf57 (Correct)
Data (196 Bytes)
Binary dump of the packet:
0000: FF FF FF FF FF FF 00 15 : F2 9E 42 0A 08 00 45 00 | ..........B...E.
0010: 00 D8 01 26 00 00 80 11 : 23 D7 0A 00 00 1A 0A 00 | ...&....#.......
0020: 00 FF 00 8A 00 8A 00 C4 : 57 AF 11 02 80 0D 0A 00 | ........W.......
0030: 00 1A 00 8A 00 AE 00 00 : 20 45 4E 45 42 46 43 46 | ........ ENEBFCF
0040: 45 45 42 43 41 43 41 43 : 41 43 41 43 41 43 41 43 | EEBCACACACACACAC
0050: 41 43 41 43 41 43 41 41 : 41 00 20 45 4E 46 44 45 | ACACACAAA. ENFDE
0060: 49 45 50 45 4E 45 46 43 : 41 43 41 43 41 43 41 43 | IEPENEFCACACACAC
0070: 41 43 41 43 41 43 41 43 : 41 42 4F 00 FF 53 4D 42 | ACACACACABO..SMB
0080: 25 00 00 00 00 00 00 00 : 00 00 00 00 00 00 00 00 | %...............
0090: 00 00 00 00 00 00 00 00 : 00 00 00 00 11 00 00 14 | ................
00A0: 00 00 00 00 00 00 00 00 : 00 E8 03 00 00 00 00 00 | ................
00B0: 00 00 00 14 00 56 00 03 : 00 01 00 01 00 02 00 25 | .....V.........%
00C0: 00 5C 4D 41 49 4C 53 4C : 4F 54 5C 42 52 4F 57 53 | .\MAILSLOT\BROWS
00D0: 45 00 08 01 20 0F 01 10 : 1A 5C 00 00 00 00 00 00 | E... ....\......
00E0: 4D 41 52 54 41 00 20 4D : 6F 7A 69 6C 6C 61 2F 34 | MARTA. Mozilla/4
00F0: 2E 30 20 28 : | .0 (
I also used to have random BSOD's and restarts and minidump files refer to ntoskrnl.exe as well. I've just done a full reinstalation of Win Xp and I had one restart so far and keep getting this message from the firewall at startup.
Could anyone explain what it means?