I've just taken the step of reformatting and reinstalling W2K after being infected by the msblast.d worm (nachi) You may think reformatting a bit over the top but it was an excuse to reorganise my drives. In any case I was getting conflicting reports from 3 different anti virus progs. To cut to the chase, my firewall (sygate) keeps asking to allow ntoskrnl.exe to access the net and as the dllhost.exe was the cause of my original problems I was wondering whether to let ntoskrnl.exe thru' as it may be to do with windows update?.. In case anyone gets in a panic reading this, dllhost.exe should only be about 6kb, anything bigger is probably a virus.
Yes to everything, but as you will understand, all these aids were in position before the infection, unfortunately it all fails if you make the decision to allow - stupidly, in my case - something thru' your firewall. My question was, can I safely let ntoskrnl.exe thru'?