Contact Forum Editor

Send an email to our Forum Editor:

PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom

It's free to register, to post a question or to start / join a discussion

View Forum Rules | Contact Forum Editor

 

A driver wants to run HTTP.sys pops up at startup to ask for permission to run?

theDarkness

Likes # 0

Posted December 8, 2011 at 2:00PM

An Online Armor pop up is asking for permission for HTTP.sys to run just after I log in to windows (Windows\system32\Drivers\HTTP.sys) - is this common to happen? Since installing and upgrading I have never had OA pop up to ask if I will allow it permission before. How can I tell if the file is genuine? Im sure its likely to be safe, but random pop ups from windows protocols that usually run by default, not usually needing permission, seems odd, especially when I have not recently updated the system. OA hasnt detected it before either. Perhaps its the latest OA thats detecting it, unlike any previous versions before. thanks for any info if anyone has any ideas as to why this is happening :)

Like this post
Fruit Bat /\0/\

Likes # 0

Posted December 8, 2011 at 2:06PM

It's part of the Windows network protocol stack used to funnel HTTP browser requests

Like this post
theDarkness

Likes # 0

Posted December 8, 2011 at 2:22PM

I have noticed that if I locate the folder myself, the file version when hovering over it with the mouse (18210) is different to the one stated in OA (18136). Thats whats making me wonder if its the same file. The path is identical apart from the change in upper/lower case too-although I didnt think windows would allow seperate files in the same folder with no difference in name aside from this change of case.

http://img594.imageshack.us/img594/6163/80773399.jpg

Thanks

Like this post
Fruit Bat /\0/\

Likes # 0

Posted December 8, 2011 at 2:34PM

On my system XP its 260Kb W7 should be the same according to http://www.file.net/process/http.sys.html

its probably Ok to run

Like this post
theDarkness

Likes # 0

Posted December 8, 2011 at 3:22PM

I dont understand why theres a difference in its version number according to OA compared to the file located in the actual folder. I wonder if this request to 'run' could actually be a request to overwrite the original, if an update has taken place. In OA, I 'open file location' for HTTP.sys, and its definately the same file as 'http.sys', as the latter shows up as highlighted. I uploaded http.sys to virustotal.com - all results from each antivirus program state 'no detection' out of its 42 antivirus programs, so I think it was just me worrying about nothing. Im just not sure as to why a file that was seemingly being used and accepted in OA for months would suddenly be unknown. Odd! :)

Like this post

Reply to this topic

This thread has been locked.



Check out PC Advisor's other tech forums

Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story. Both your name and the recipient's name and address will not be used for any other purpose.