kernel32.dll trying to go online all the time

  canard 23:48 14 Nov 2003
Locked

Any resident gurus know why my kernel32.dll has suddenly started constantly trying to get online?
Win98 SE.

  MichelleC 10:05 15 Nov 2003

Assuming you've done an uptodate av scan (it's best to do an online one at click here , plus Spybot and Adaware, try running system file checker to replace any corrupt files.

  canard 16:55 15 Nov 2003

All these have been done without results. Have recently patched IE6, updated AVG, antispyware apps and fiddled with windows media player. But these don't look likely culprits- mystified.

  canard 23:43 16 Nov 2003

The whatever it is that wants to contact kernel32.dll turns out to be local host 255.255.255.255 so must be a baddie.
SFC says that kernel32.dll has not been modified or corrupted.
Who/what ever is doing this is not just taking a poke at my PC. It must be having a go at others. So has anyone else been annoyed by him/it?

This might mean something to the elect. I just dislike the blackhole bit.
OrgName: Internet Assigned Numbers Authority
OrgID: IANA
Address: 4676 Admiralty Way, Suite 330
City: Marina del Rey
StateProv: CA
PostalCode: 90292-6695
Country: US

NetRange: 10.0.0.0 - 10.255.255.255
CIDR: 10.0.0.0/8
NetName: RESERVED-10
NetHandle: NET-10-0-0-0-1
Parent:
NetType: IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment: This block is reserved for special purposes.
Comment: Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated: 2002-09-12

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned



Names and Number
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: [email protected]

OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone: +1-310-301-5820
OrgTechEmail: [email protected]

# ARIN WHOIS database, last updated 2003-11-15 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

  woodchip 23:59 16 Nov 2003

Run this click here

  canard 00:25 17 Nov 2003

I've done the online trojan scan recommended on this forum and it found zilch. But will have a go at swat it and thankyou woodchip.

  canard 00:34 17 Nov 2003

Swatit found nothing- and got it to scan kernel32.dll individualy- still nowt. It was unbelievably quick. Could I be doing it wrong? Mystified!

  MichelleC 08:09 17 Nov 2003

Another thing to try: type in search dial.exe and see what comes up.

  Â ÑÌÇKÑÂMË 10:44 17 Nov 2003

I think Kernel32.dll,looks for netbios browsing,responces/reguests/and sesions so it may be runnibg as part of you firewall blocking procedure for these netbios ports.Just an idea.
I know mine listens for those things same OS.


Regards.

  canard 19:07 17 Nov 2003

MichelleC thankyou- did dial.exe search result nil.
 ÑÌÇKÑÂMË thankyou too. I'm not well informed enough to know what you mean about kernel32.dll checking netbios ports. I don't really know what these are but when I've checked security it comes up as all stealthed- net bios ports are properly protected. Only thing is why should it suddenly start when it didn't bother before?

  woodchip 19:15 17 Nov 2003

Check that you used Swatit correctly

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Moto G6 Play Review: First Look

iPad 9.7in (2018) review

Test : les écouteurs Bluetooth Honor xSport AM61