Forums Últimos mensajes - Powered by IBM
 
Tags Palabras claves

Pregunta URGENTE (dllhost.exe)

01/02/2004 - 02:37 por Daniel | Informe spam
Ayuda Hacer una pregunta
Por primera vez estuve probando hacer copia de seguridad de WinXp con
ntbackup y al empezar el proceso el ZoneAlarm (Firewall) me indicó bloquear
el acceso a Internet del archivo dllhost.exe y me dio el siguiente informe:

A known malicious program is trying to connect to the Internet

ZoneAlarm Pro is asking you whether to allow the connection. Do not
allow this program to connect.
Inside the program alert



Alert property Alert property value Technical explanation
Program Name COM Surrogate A program running on your
computer, which either attempted to send an IP packet over the Internet or
is waiting for an incoming packet.
Filename dllhost.exe The filename of the program that
ZoneAlarm Pro found on your computer.
Program Version 5.1.2600.0 (XPClient.010817-1148) The
version of COM Surrogate running on your computer.
Program Size 4608 The size of the program executable file
in bytes.
Program MD5 915ba63a71f56a7e8f69181801793f17 The MD5 hash,
or number, that uniquely identifies the executable.
Date Modified Aug-24-2001 12:00:00 PM The date when
dllhost.exe was most recently modified.
Connect Type Access This value can be either Access, which
is an Internet connection attempt by COM Surrogate or Server, which
indicates that COM Surrogate is waiting for connections coming in from the
Internet.
Remote Port 53 The port COM Surrogate is using on the
remote computer.
Remote IP Address 200.44.32.12 The IP address of the
remote computer that caused the alert.
Alert Date Jan-31-2004 05:13:44 PM PST The time when
ZoneAlarm Pro detected the alert on your computer.



No obstante averiguando por internet indican que es un archivo de
windows que hago? por que Zonelabs reporta este archivo como malicioso?


begin 666 corner_left_up_tall.gif
M1TE&.#EA$ `/`+,``.OKZ^#@X/GY^ÈV.3DY//S\_;V]M_?W^SL[-75U>?G
MY_O[^_W]_<[.SLS,S/___R'Y! ``````+ `````0``\```0I\,E)J[TXZ\V[
B%L"1-$YI4L 0( :#+410<(32`4$G##.'>P>$)V'P1 ``.P``
`
end

begin 666 spacer.gif
K1TE&.#EA`0`!`( ``````````"'Y! $`````+ `````!``$```("1 $`.P``
`
end

begin 666 corner_right_up_tall.gif
M1TE&.#EA$ `/`+,``.OKZ^#@X/GY^ÈV.3DY//S\_;V]M_?W^SL[-75U>?G
MY_O[^_W]_<[.SLS,S/___R'Y! ``````+ `````0``\```0I\,E)J[TXZ\U[
B=6#8) <@;(R!! /@%0&Q> KA/8';%</9Y1[$P6-(1 ``.P``
`
end
email Siga el debateRespuesta 1 respuestaRespuesta Tengo una respuesta

Preguntas similare

Mostrar todos los temas similares

Leer las respuestas

#1 Alezito [MS MVP]
01/02/2004 - 02:57 | Informe spam
dllhost.exe es un archivo protegido del sistema. no obstante puedes estar
infectado:

W32.Welchia.Worm Removal Tool
http://securityresponse.symantec.co....tool.html

W32.Welchia Trojan
http://securityresponse.symantec.co....worm.html

Alejandro Curquejo
Microsoft MVP
Windows XP - Shell/User


*Este mensaje se proporciona "COMO ESTA" sin garantias y no otorga ningun
derecho*
*This posting is provided "AS IS" with no warranties, and confers no rights*

-Tips y Articulos XP - http://www.multingles.net/tutoriales.htm#ALE
-DTS-L.Org - http://www.dts-l.org/

Que es el Programa MVP (Most Valuable Professional)
http://mvp.support.microsoft.com/de...pr=mvpfaqs



"Daniel" escribió en el mensaje
news:
| Por primera vez estuve probando hacer copia de seguridad de WinXp con
| ntbackup y al empezar el proceso el ZoneAlarm (Firewall) me indicó
bloquear
| el acceso a Internet del archivo dllhost.exe y me dio el siguiente
informe:
|
| A known malicious program is trying to connect to the Internet
|
| ZoneAlarm Pro is asking you whether to allow the connection. Do not
| allow this program to connect.
| Inside the program alert
|
|
|
| Alert property Alert property value Technical explanation
| Program Name COM Surrogate A program running on your
| computer, which either attempted to send an IP packet over the Internet or
| is waiting for an incoming packet.
| Filename dllhost.exe The filename of the program that
| ZoneAlarm Pro found on your computer.
| Program Version 5.1.2600.0 (XPClient.010817-1148) The
| version of COM Surrogate running on your computer.
| Program Size 4608 The size of the program executable
file
| in bytes.
| Program MD5 915ba63a71f56a7e8f69181801793f17 The MD5
hash,
| or number, that uniquely identifies the executable.
| Date Modified Aug-24-2001 12:00:00 PM The date when
| dllhost.exe was most recently modified.
| Connect Type Access This value can be either Access,
which
| is an Internet connection attempt by COM Surrogate or Server, which
| indicates that COM Surrogate is waiting for connections coming in from the
| Internet.
| Remote Port 53 The port COM Surrogate is using on the
| remote computer.
| Remote IP Address 200.44.32.12 The IP address of the
| remote computer that caused the alert.
| Alert Date Jan-31-2004 05:13:44 PM PST The time when
| ZoneAlarm Pro detected the alert on your computer.
|
|
|
| No obstante averiguando por internet indican que es un archivo de
| windows que hago? por que Zonelabs reporta este archivo como
malicioso?
|
|
|
email Siga el debate Respuesta Responder a este mensaje
Ads by Google
Help Hacer una preguntaRespuesta Tengo una respuesta
Search Busqueda sugerida