I have Symantec AntiVirus corporate edition v11, and the Network Threat Protection has been popping up lately with this message:
here is what i copied from the text it shows:
The executable has changed since the last time you used C:\WINDOWS\system32\ntoskrnl.exe
File Version: 5.1.2600.5657
File Description: NT Kernel & System
File Path: C:\WINDOWS\system32\ntoskrnl.exe
Digital Signature:
Process ID: 0x4 (Hexadecimal) 4 (Decimal)
Connection origin: remote initiated
Protocol: UDP
Local Address: 192.168.1.255
Local Port: 137 (NETBIOS-NS - Browsing requests of NetBIOS over TCP/IP)
Remote Name:
Remote Address: 192.168.1.104
Remote Port: 137
Ethernet packet details:
Ethernet II (Packet Length: 110)
Destination: ff-ff-ff-ff-ff-ff
Source: 00-13-ce-d6-97-9e
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.0.. = Don't fragment: Not set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 128
Protocol: 0x11 (UDP - User Datagram Protocol)
Header checksum: 0x30f6 (Correct)
Source: 192.168.1.104
Destination: 192.168.1.255
User Datagram Protocol
Source port: 26118400
Destination port: 35072
Length: 8
Checksum: 0x21bf (Correct)
Data (76 Bytes)
Binary dump of the packet:
0000: FF FF FF FF FF FF 00 13 : CE D6 97 9E 08 00 45 00 | ..............E.
0010: 00 60 BF A4 00 00 80 11 : F6 30 C0 A8 01 68 C0 A8 | .`.......0...h..
0020: 01 FF 00 89 00 89 00 4C : BF 21 81 BD 29 10 00 01 | .......L.!..)...
0030: 00 00 00 00 00 01 20 45 : 4B 45 50 46 44 45 49 46 | ...... EKEPFDEIF
0040: 48 45 49 45 4A 46 45 45 : 46 46 44 45 46 45 4D 45 | HEIEJFEEFFDEFEME
0050: 4D 43 41 43 41 41 41 00 : 00 20 00 01 C0 0C 00 20 | MCACAAA.. .....
0060: 00 01 00 04 93 E0 00 06 : 60 00 C0 A8 01 68 | ........`....h
it asks me if i want to allow it to access the network, and i click No because i have no idea what it is or why it wants to access the network.
it seems like it randomly pops up, or whenever i turn my computer on.
any help as to what this is and how i should go about dealing with it?
thanks everyone.