I was recently using Windows NT backup I installed from the Value_Add folder, and my McAfee product (Firewall, I think, but I have the Internet Security Suite) said that it blocked an exe from accessing the internet at C:\Windows\system32\dllhost.exe. Is this a false alarm, and is this program legitimate? Or is it a threat? Here's some more information: It's listed in McAfee firewall as "COM Surrogate" and a trojan. It had suggested I do a system virus scan, and I did, but there weren't any virus' found (and my VirusScan also searches for Trojans and some Spyware). It was in memory when I ran the scan, but it isn't at startup. If anyone needs the HijackThis log to help me, I can do so. Please respond. Laogeodritt

I forgot to say I also have this "hidden" file (though my settings say to unhide hidden files) called "thumbs.db" or something similar in some of my folders. Also, my AntiVirus Activesheild just detected something in my Temporary internet files about a URL-related Exploit (can't remember name). I'm really worried. Help, please. Laogeodritt

They are probably unrelated but who knows. I have the file dllhost.exe in that folder it was created 8.23.01 with a size of 5.00kB. The date on yours may be slightly different with XP Home, but shouldn't be yesterday's date. That file runs alot of legit stuff and should be fine. Maybe just the fact that it's trying to access the internet flags McAfee. Who knows why half the stoopid MS programz try to get on the net. There are always some BS files in Temporary Internet Files trying to hijack your browser settings, just delete them all and be done with it. Get Adaware SE and Spybot 1.3. -DF

I would like a bit of clarification on your post, and some new questions. 1) So, you're saying that it is a legit program? So how come it's considered malicious with McAfee? 2) Should I leave it blocked in the firewall (so it doesn't have access to 'net?) 3) So the temp internet files issue is common and won't do damage, with my AntiVirus program? 4)What are "BS" files? 5) The "thumbs.db" files thing hasn't been answered. Thank you very much for your help. I agree that many MS/Windows programs try to access the internet (and don't even trigger the password box to use it). Should I allow these programs access to the internet? Laogeodritt

thumbs.db is a valid windows file. What is Thumbs.db?

So its the thumbnail cache! Anyway, here are the questions I still have unanswered that I still wish to know the answer to. 1) So, you're saying that it is a legit program? So how come it's considered malicious with McAfee? (dllhost.exe) 2) Should I leave it blocked in the firewall (so it doesn't have access to 'net?) (see 1) 4)What are "BS" files? Laogeodritt

BS Files are Bull sh*t files... Iligitimi non carborundum est