Reply To: VoodooShield 5.70

Forums VoodooShield Support Forum VoodooShield Releases VoodooShield 5.70 Reply To: VoodooShield 5.70

    Dan
    Keymaster
    US

    Tarnak:

    Dan:

    Yeah, dismhost can be very tricky to handle properly.  Do you remember the developer named Vlad that worked on VS for 6-8 months or so several years ago?  He came up with a unique way to deal with dismhost properly and safely, then a year or so after I took his idea one step further.  But to make a long story short, VS should handle dismhost properly and safely, but if you guys ever see anything odd, please let me know, thank you!

    So, tricky that the author of this article – https://www.itechguides.com/dism-host-servicing-process-dismhost-exe-malware/ , i.e. takes the view that it is most likely to be malware.
    <h2>”Introduction”</h2>
    “There are conflicting information about Dism Host Servicing Process (DismHost.exe). Some say it is a genuine Windows process, others say it is a malware.”

    “There are some claims that DismHost.exe is related to cleanmgr.exe. Others say, it is related to DISM (Deployment Image Servicing and Management). From my experience and research, there is not evidence to support these claims.”

    I knew that from my search/research that it wasn’t a case of [a] malware process going on with my system.

     

     

    There is definitely a legitimate clean Windows process known as DismHost.exe, and there are both 32 and 64 bit versions.  The problem is they really do look very much malware like, are almost always in common malware locations, can be exploited to launch malware, and a lot of times malware is named DismHost.exe… so it has A LOT of issues ;).  The other issue is that DismHost is updated every 6 or so months, so the hash changes.  But the way VS handles DismHost is pretty cool… I would go into details, but well, you know ;).

    0
    0