Extrange entries in the log

Discussion in 'NOD32 version 2 Forum' started by sir_carew, Dec 21, 2003.

Thread Status:
Not open for further replies.
  1. sir_carew

    sir_carew Registered Member

    Sep 2, 2003
    Santiago, Chile
    Hi guys,
    I've discovered that I've many extrange entries in the NOD32 system log. I've many of them, all are the same, however, I can update my nod perfect.
    The entrie: Module: NOD32 Update, Function: gethostbyname, settings: it gives back value: 11001, User: (Appear in blank in difference of the others events)
    The above entrie es translate by me, because I'm using the NOD spanish version, here are the "original" entrie:
    Hora   Módulo   Suceso   Usuario
    16-12-2003 14:44:12   NOD32 Update   Función: gethostbyname, parámetros: , devuelve valor: 11001   
    Can anybody help me?
    What's happend?, I can update my NOD quickly and without problems.
    Here is my NOD32's info:
    Información sobre el sistema NOD32 instalado
    Versión:   1.584 (20031220)
    Fecha:   Sábado, 20 de Diciembre de 2003
    Revisión de base de virus:   4117

    Información sobre otros componentes de análisis
    Versión módulo de heurística avanzada:   1.004 (2003102:cool:
    Revisión mód. de heurística avanzada:   1037
    Versión filtro de Internet:   1.001 (20031104)
    Revisión filtro de Internet:   1012
    Versión módulo soporte de arch. compr.:   1.008 (20031127)
    Revisión mód. soporte de arch. compr.:   1078

    Información sobre componentes instalados
    NOD32 para Windows NT/2000/XP/2003 - Base
    Versión:   2.000.9
    NOD32 para Windows NT/2000/XP/2003 - Soporte para Internet
    Versión:   2.000.8
    NOD32 para Windows NT/2000/XP/2003 - Componentes comunes
    Versión:   2.000.9

    Información sobre el ordenador
    Sistema operativo:   Windows XP
    Versión:   5.1.2600 Service Pack 1
    Vers. compon. comunes de control:   5.82.2800
    RAM:   120 MB
    Procesador:   AMD Duron(tm) processor (1101 MHz)
  2. Merlin Magician

    Merlin Magician Registered Member

    Dec 11, 2003
    Hi sir_carew:
    Look at this:

    The gethostbyname function retrieves host information corresponding to a host name from a host database.

    Note The gethostbyname function has been deprecated by the introduction of the getaddrinfo function. Developers creating Windows Sockets 2 applications are urged to use the getaddrinfo function instead of gethostbyname.

    struct hostent* FAR gethostbyname(
    const char* name

    [in] Pointer to the null-terminated name of the host to resolve.
    Return Values
    If no error occurs, gethostbyname returns a pointer to the hostent structure described above. Otherwise, it returns a null pointer and a specific error number can be retrieved by calling WSAGetLastError.

    Error code Meaning
    WSANOTINITIALISED A successful WSAStartup call must occur before using this function.
    WSAENETDOWN The network subsystem has failed.
    WSAHOST_NOT_FOUND Authoritative answer host not found.
    WSATRY_AGAIN Nonauthoritative host not found, or server failure.
    WSANO_RECOVERY A nonrecoverable error occurred.
    WSANO_DATA Valid name, no data record of requested type.
    WSAEINPROGRESS A blocking Windows Sockets 1.1 call is in progress, or the service provider is still processing a callback function.
    WSAEFAULT The name parameter is not a valid part of the user address space.
    WSAEINTR A blocking Windows Socket 1.1 call was canceled through WSACancelBlockingCall.

    The gethostbyname function returns a pointer to a hostent structure—a structure allocated by Windows Sockets. The hostent structure contains the results of a successful search for the host specified in the name parameter.

    The application must never attempt to modify this structure or to free any of its components. Furthermore, only one copy of this structure is allocated per thread, so the application should copy any information it needs before issuing any other Windows Sockets function calls.

    The gethostbyname function cannot resolve IP address strings passed to it. Such a request is treated exactly as if an unknown host name were passed. Use inet_addr to convert an IP address string the string to an actual IP address, then use another function, gethostbyaddr, to obtain the contents of the hostent structure.

    If null is provided in the name parameter, the returned string is the same as the string returned by a successful gethostname function call.

    Note The gethostbyname function does not check the size of the name parameter before passing the buffer. In improperly sized name parameters, heap corruption can occur.

    Example Code

    The following examples demonstrates the use of the gethostbyname function.

    // Declare and initialize variables
    hostent* remoteHost;
    char* host_name;
    unsigned int addr;

    // User inputs name of host
    printf("Input name of host: ");
    host_name = (char*) malloc(sizeof(char*)*16);
    fgets(host_name, 16, stdin);

    // If the user input is an alpha name for the host, use gethostbyname()
    // If not, get host by addr (assume IPv4)
    if (isalpha(host_name[0])) { /* host address is a name */
    host_name[strlen(host_name)-1] = '\0'; /* NULL TERMINATED */
    remoteHost = gethostbyname(host_name);
    else {
    addr = inet_addr(host_name);
    remoteHost = gethostbyaddr((char *)&addr, 4, AF_INET);

    if (WSAGetLastError() != 0) {
    if (WSAGetLastError() == 11001)
    printf("Host not found...\nExiting.\n");
    printf("error#:%ld\n", WSAGetLastError());

    // The remoteHost structure can now be used to
    // access information about the host

    Client: Requires Windows XP, Windows 2000 Professional, Windows NT Workstation, Windows Me, Windows 98, or Windows 95.
    Server: Requires Windows Server 2003, Windows 2000 Server, or Windows NT Server.
    Header: Declared in Winsock2.h.
    Library: Use Ws2_32.lib."

    See Also
    Winsock Reference, Winsock Functions, getaddrinfo, gethostbyaddr, WSAAsyncGetHostByName, hostent

    Best regards.
  3. Merlin Magician

    Merlin Magician Registered Member

    Dec 11, 2003
    Amigo sir_carew:
    Dicho con otras palabras:
    Gethostbyname Obtiene la dirección IP correspondiente al nombre de una máquina conectada a Internet.

    Saludos desde México.
Thread Status:
Not open for further replies.