30 outbound connections for ekrn.exe?

Discussion in 'ESET NOD32 Antivirus' started by thewordyes, May 7, 2008.

Thread Status:
Not open for further replies.
  1. thewordyes

    thewordyes Registered Member

    Joined:
    May 7, 2008
    Posts:
    1
    i'm having some problems figuring some things out and i was hoping someone might be able to help me.

    my operating system is windows xp pro, sp2, i am using a trial version of nod32 3.0.650.0, along with comodo firewall pro.

    the comodo firewall said yesterday that ekrn.exe had 30 outbound connections, and that freaked me out because it did not appear that nod32 was attempting to update it's virus definitions. when i checked under "update", it appeared that my definitions were all up to date.

    i thought something was wrong, uninstalled nod32, re-installed it today and got a message from comodo, something along the lines of ekrn.exe is attempting to control egui.exe, if ekrn.exe is a trusted application click yes.

    is all of this normal? when i googled ekrn.exe, it appears that it is a part of nod32 (but when i did a file search for it in windows explorer it appears it's not on my system.. except it has to be) is it normal for there to be 30 outbound connections from ekrn.exe? that seems excessive or strange for something that isn't updating.

    sorry if this is too long and not very concise, i'm just trying to be as thorough as possible and i just don't understand this stuff as well as i would like.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Any application communicating via HTTP/POP3 will pass the downloaded data via ekrn.exe as long as you have HTTP/POP3 checking enabled. It is possible to specify the "browsers/email clients" whose traffic will be monitored.
     
Thread Status:
Not open for further replies.