Over 1 million tech questions and answers.

Getting Http:///?%20www Instead Of Http://www

Q: Getting Http:///?%20www Instead Of Http://www

Hi, A friend of mine gets an error when trying to connect to a website I host. If he types in www.website.com it says that the address is not valid. In the address bar it displays http:///?%20www instead of http://www. This only seems to happen when he tries to connect to my website. Other websites connect fine. I have run Norton, ccleaner and Spy Sweeper with no luck. Anyway, I saw someone else had a similar problem here and posted a HijackThis log. So heres his:Logfile of Trend Micro HijackThis v2.0.2Scan saved at 6:26:29 PM, on 12/28/2007Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16574)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeC:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\WINDOWS\System32\nvsvc32.exeC:\WINDOWS\system32\PnkBstrA.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeper.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\iPod\bin\iPodService.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\Program Files\Teamspeak2_RC2\TeamSpeak.exeC:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exeC:\Program Files\Webroot\Spy Sweeper\SSU.EXEC:\Program Files\Trend Micro\HijackThis\HijackThis.exeR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lycos.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO2 - BHO: (no name) - {77701e16-9bfe-4b63-a5b4-7bd156758a37} - (no file)O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dllO4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] "nwiz.exe" /installO4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exeO4 - HKLM\..\Run: [EPSON Stylus CX4800 Series (Copy 1)] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE" /P35 "EPSON Stylus CX4800 Series (Copy 1)" /O6 "USB001" /M "Stylus CX4800"O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottimeO4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"O4 - HKLM\..\Run: [EPSON Stylus CX4800 Series] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADA.EXE" /P26 "EPSON Stylus CX4800 Series" /O6 "USB001" /M "Stylus CX4800"O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintrayO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /backgroundO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exeO4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{A286B23C-A35C-41A8-8C4F-2EC5F53C5B12}: NameServer = 85.255.115.5,85.255.112.20O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.5 85.255.112.20O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.5 85.255.112.20O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.115.5 85.255.112.20O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.5 85.255.112.20O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeO23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exeO23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exeO23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXEO23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exeO23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exeO23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exeO23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exeO23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exeO23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exeO23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exeO23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe--End of file - 8064 bytes

RELEVANCY SCORE 200
Preferred Solution: Getting Http:///?%20www Instead Of Http://www

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Getting Http:///?%20www Instead Of Http://www

Anyone?

Read other 2 answers
RELEVANCY SCORE 103.6

Randomly, everytime I enter in a web address, "/?%20" will be added and not go to the site.

Any ideas?

Windows XP
Internet Explorer 6.0

Logfile of HijackThis v1.97.7
Scan saved at 10:26:38 PM, on 1/16/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\mnmsrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Corel\WordPerfect Office 2000\Register\Remind32.exe
C:\Program Files\Sony Cor... Read more

A:http:///?%20www.google.com

Read other 8 answers
RELEVANCY SCORE 102.4

whenever i try to get to a website, say http://www.website.com, it turns into http:///?%20www.website.com. I've run a few anti-spyware programs, with no luck. I just downloaded and ran HijackThis for the first time, and I have no idea what to remove or keep. Here's the log I got:Logfile of HijackThis v1.99.1Scan saved at 8:18:25 PM, on 7/20/2005Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\userint32.exeC:\WINDOWS\system32\mswkst32.exec:\windows\system32\repyxol.exeC:\WINDOWS\System32\VsTaskMngr.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\WINDOWS\System32\CTSvcCDA.EXEC:\WINDOWS\System32\gearsec.exeC:\WINDOWS\system32\HPConfig.exeC:\Program Files\HPQ\Notebook Utilities\HPWirelessMgr.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\Program Files\Norton Ant... Read more

A:http:///?%20www.whatever appearing in address bar

Hi Max,- Be sure that all files and folders are visible: - Click Start > Control Panel > Tools > Folder Options > View - At Hidden files and folders, select 'Show hidden files and folders' - Unmark 'Hide extentions for known file types' - Click 'Apply'and then 'OK'.- Start HijackThis and click 'Scan'.- Only select the following items:R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blankF2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\userint32.exeO2 - BHO: Bucket Class - {00000001-C003-4A2F-9142-7CB1D78DE6C1} - C:\WINDOWS\tct101.dllO2 - BHO: (no name) - {156D2521-E160-39B8-51DD-16EC67C6A139} - C:\WINDOWS\system32\hocveakq.dllO2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)O2 - BHO: (no name) - {70F70BDF-E66B-C708-D93B-A1571897ECE3} - C:\WINDOWS\system32\xekhqzbh.dll (file missing)O2 - BHO: (no name) - {800D3062-E950-D35B-B79E-221A6960759C} - C:\WINDOWS\system32\cvmdmjmf.dllO2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)O3 - Toolbar: (no name) - {2CDE1A7D-A478-4291-BF31-E1B4C16F92EB} - (no file)O4 - HKLM\..\Run: [Microsoft Updat3] mswkst32.exeO4 - HKLM\..\Run: [blxyjg] c:\windows\system32\repyxol.exe rO4 - HKLM\..\RunServices: [Microsoft Updat3] mswkst32.exeO4 - HKCU\..\Run: [IntelAMD Signal Processor2] C:\WINDOWS\System32\VsTaskMn... Read more

Read other 3 answers
RELEVANCY SCORE 93.2

Hi. I have had this problem for many months now and have tried to remove the infection manually using instructions found on ehow, using Norton Antivirus, malwarebytes and spybot search and destroy. Nothing has been successful at removing it. I have just been using my laptop instead of my desktop because I don't want to use an infected computer. The computer is running Windows XP Professional SP3. I receive notifications from Norton that an intrusion attempt has been blocked. When I go into the log, I found that there were three high risk log entries, one for HTTP Tide Serv Request2, one for HTTP CrimePack Activity 1, and one for HTTP Nukesploit Request. As I mentioned this has been going on for months now. At the beginning it was mostly just HTTP Tide Serv Request2, the other two are new today. I'm hoping you can help me, otherwise I'm going to have to reinstall Windows, which I'd like to avoid doing. I hope I have included enough background. My scans are below and attached. Your help is greatly appreciated!

Thanks,
Mike
DDS Scan Results:

DDS (Ver_10-12-12.02) - NTFSx86
Run by PPSV at 12:53:22.68 on 01/13/2011
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2550.1463 [GMT -5:00]

AV: Bitdefender Antivirus *Disabled/Outdated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
AV: Norton Security Suite *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Bitdefender Firewal... Read more

A:HTTP Tide Serv Request2 / HTTP CrimePack Activity 1 / HTTP Nukesploit Request Problems

Hello mthess, Welcome to Bleeping Computer.
My name is fireman4it and I will be helping you with your Malware problem.

Please take note of some guidelines for this fix:
Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
Finally, please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.1.We need to disable Spybot S&D's "TeaTimer"TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.If prompted with a legal dialog, accept the warning.Click and then on "Advanced Mode"
You may be presented with a warning dialog. If so, press Click on... Read more

Read other 7 answers
RELEVANCY SCORE 88.8

Hope someone can help with this one.
I can't access paypal or ebay.
When I try to, the address changes to http:///?%20www.paypal.com for paypal.......and http:///?%20www.ebay.com for ebay.

I have run CWShredder, adaware and spybot, but still I get the same results.

Thanks for your time.

A:Can't access ebay or paypal...http:///?%20www.paypal.com

it does sound like malware. try this.
http://www.techsupportforum.com/secu...kthis-log.html

Read other 2 answers
RELEVANCY SCORE 78.4

Yesterday I got this threat HTTP Malicious Toolkit Variant Activity 2 and my Norton Internet Security blocked them. I installed Malwarebytes and SuperAntiSpyware, updated them, restarted in safe mode, disconnected from the internet and did a full system scan for both and didnt detect anything. Today I got this threat HTTP SurfAccuracy Config Request.

So I was wondering if my computer is infected with malawares and if someone could give me a hand here.

Any help would be appreciated!

Here's my Hijackthis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:40:03 AM, on 11/17/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Windows\System32\mobsync.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Windows\s... Read more

A:HTTP Malicious Toolkit Variant Activity 2 & HTTP SurfAccuracy Config Request

Hello, gunnersluver
Welcome to TSF

My name is Billy O'Neal and I will be helping you. (Billy or Bill is fine, if you like.)
Please give me some time to look over your computer's log(s).
Please take note of the following:In the meantime, please refrain from making any changes to your computer.
Also, even if things appear to be running better, there is no guarantee that everything is finished. Please continue to check this forum post in order to ensure we get your system completely clean. We do not want to clean you part-way up, only to have the system re-infect itself. :)
If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
Finally, please reply using the button in the lower left hand corner of your screen.
Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just put a post here so that I know you're still here. We get a lot of people who simply leave, and if there is no contact for that amount of time I will have to assume you have "vanished" .
We need to run a Scan with DDSPlease download DDS, and save it to your desktop, from one of the following mirrors:This is a mirror
This is another mirror

Disable any type of "Script Blockers" or "Script Protection" installed on ... Read more

Read other 2 answers
RELEVANCY SCORE 78.4

I followed the instructions given for those experiencing "Win Min" problems. However, they are different problems, and I was upset to find that this morning everything was as screwed up as before.this http://searchweb2.com hijack reasserts itself as the starting page everytime it's changed, and sometimes crashes new windows. The instructions said something about a scanlong, and I assume that's a HijackThis scan (searching my harddrive for "scanlog" didn't turn up anything). As such, here's what HijackThis turns up.

Logfile of HijackThis v1.98.0
Scan saved at 8:12:15 AM, on 8/1/2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MESSENGER PLUS! 3\MSGPLUS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\IBMTOOLS\APTEZBTN\APTEZBP.EXE
C:\WINDOWS\SYSTEM\PELMICED.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\LEXBCES.EXE
C:\PROGRAM FILES\COMMON FILES\SLMSS\SLMSS.EXE
C:\WINDOWS\MWSVM.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\LEXPPS.EXE
C:\... Read more

A:Hijacked by http://searchweb2.com/passthrough/index.html?http: //www.yahoo.com/

Read other 7 answers
RELEVANCY SCORE 78.4

Once again, the kids have got onto something. My home page keeps being redirected to http://mysearchnow.com/passthrough/index.html?http://www.google.com/. Can someone check my hijackthis log? Thanks in advance.

ogfile of HijackThis v1.97.7
Scan saved at 1:21:38 PM, on 10/07/04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAM FILES\MESSENGER PLUS! 2\MSGPLUS.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\PLAY ANTI SEEK\IDOLDEAD.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\MY DOWNLOAD FILES\HIJACK FILES\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com/passthrough/index.html?http://www.google.com/
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F... Read more

A:hijacked by http://mysearchnow.com/passthrough/index.html?http ://www.google.com/

Read other 9 answers
RELEVANCY SCORE 78

After putting an usb drive that i use for printing avast started notifyng me of wscript.exe  trying to access this sites: (http://etpsoprc.ru/a/, http://specrtop.org/a/).
 
i dont know what to do and i cant initiate a lot of the cleaning tools mentioned on other sites. any help will be aprecciated.

A:problem URL: Mal Avast warnings - http://etpsoprc.ru/a/, http://specrtop.org/a/

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/500601 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 77.6

This is one of the pop-ups that I consistently have. The following is my log file. Every time my internet explorer loads, it pops up. I hardly every use it - I mostly use Mozilla Firefox. I also get a popup from Smashhits, but I don't know the url to that one. Thanks for your help!



Logfile of HijackThis v1.99.1
Scan saved at 5:58:24 PM, on 5/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Alarm\AlarmMonitor.exe
C:\Program Files\Alarm\Alar... Read more

A:http://newads1.com/cmapp/zx-adredirect.php?target=http%3A

Hi and welcome to TSF.

I am currently reviewing your log. Please note that this is under the supervision of an expert analyst, and I will be back with a fix for your problem as soon as possible.

You may wish to Subscribe to this thread (Thread Tools) so that you are notified when you receive a reply.

Please be patient with me during this time.

Read other 2 answers
RELEVANCY SCORE 77.6

Hi, When i am trying to record and web application which is launched on Sharepoint i have below scriptweb_custom_request("ProcessQuery",         "URL=http://vc1cgr01cgi006:9090/_vti_bin/client.svc/ProcessQuery",         "Method=POST",         "Resource=0",         "RecContentType=application/json",         "Referer=http://vc1cgr01cgi006:9090/Lists/DSPortalBase/Home.aspx#",         "Snapshot=t2.inf",         "Mode=HTML",         "EncType=text/xml",         "Body=<Request xmlns=\"http://schemas.microsoft.com/sharepoint/clientquery/2009\" SchemaVersion=\"15.0.0.0\" LibraryVersion=\"15.0.0.0\" ApplicationName=\"Javascript Library\"><Actions><Query Id=\"23\" ObjectPathId=\"2\"><Query SelectAllProperties=\"true\"><Properties /></Query></Query><Query Id=\"24\" ObjectPathId=\"5\"><Query SelectAllProperties=\"true\"><Properties /></Query></Query></Actions><ObjectPaths><Property Id=\"2\" ParentId=\"0\" Name=\"Site\" /><Property Id=\"5\" ParentId=\"... Read more

A:HTTP Status-Code=403 (FORBIDDEN) for "http://vc1cgr01cgi006:...

hi ! Same problem here, have you find a solution?

Read other 6 answers
RELEVANCY SCORE 76

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 11:19:48 PM, on 11/13/2008Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16735)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Lavasoft\Ad-Aware\aawservice.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\McAfee\MSC\mcmscsvc.exec:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exec:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exeC:\Program Files\McAfee\MPF\MPFSrv.exeC:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exeC:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Canon\CAL\CALMAIN.exeC:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exec:\PROGRA~1\mcafee.com\ag... Read more

A:Getting re-routed to http://alphawipe.com/ and http://destroytracks.com/

Hi,* Please visit this webpage for instructions for downloading and running ComboFix:http://www.bleepingcomputer.com/combofix/how-to-use-combofixPost the log from ComboFix when you've accomplished that, along with a new HijackThis log.

Read other 12 answers
RELEVANCY SCORE 73.2

Hi,

One of my sites had a virus (code injection) but I have managed to remove it.:

http://www.gavindouglasfashion.com/

However, on Google webmaster tools there is a message saying that it is still present on http://gavindouglasfashion.com/ (i.e. without the www. after the two slashes //)

Is anyone able to advise as to how I can resolve this as there is no virus present any more but I can't get a successful review from Google.

Thanks.

Read other answers
RELEVANCY SCORE 73.2

i have a problem call redirect virus in my firefox need help i try everything

A:Need Help Removing Scour (http://63.209.69.107, http://8.26.70.252)

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your computer problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the ... Read more

Read other 26 answers
RELEVANCY SCORE 72.8

HTTP Fake Antivirus Install Request 4Intrusion Attempt - High Risk - BlockedNetwork Traffic - 69.42.67.204 ,80Attack Resulted from \DEVICE\HARDWAREVOLUME1\PROGRAMFILES\INTERNETEXPLORER\IEXPLORE.EXEHTTP Malicious IFrame Image RequestIntrusion Attempt - High Risk - BlockedNetwork Traffic - 89.248.179.94 ,80Attack Resulted from \DEVICE\HARDWAREVOLUME1\PROGRAMFILES\MOZILLA\FIREFOX\FIREFOX.EXEDo these events require investigation. Is my system clean.No unusual behavior to report.(May I run DDS and GMER from any user account)Edit > I was pointed to Bleeping by the Norton Community Forum. The Severity Risk for both Attempts is HIGH. HIGH is very unusual for me and Norton wanted me to investigate further at BC as to maybe Rootkit got in DDS (Ver_10-03-17.01) - NTFSx86 Run by BJMS at 17:18:36.39 on Thu 06/03/2010Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_20Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.3061.1709 [GMT -5:00]============== Running Processes ===============C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k rpcssC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\... Read more

A:HTTP Fake Antivirus Install Request 4 | HTTP Malicious IFrame Image Request

bjm_ OP edit I hope my post to Norton Community Forum does not violate bleepingcomputer rules. I did not follow any instructions @ Norton Forum...other than "go to bleepingcomputer" to investigate / post Topic re this issue. ThanksEdit > Does bleeping send automated response by email that my Topic has been received .... and to wait for reply ....and what if no reply after X days ? Expected automated response Topic received with what to do if no reply after X days...understand Forum gets swamped ... just don't know if after 100 reviews I should have received automated response or any response or just too soon. Only one day...so may be too soon for even automated response.

Read other 31 answers
RELEVANCY SCORE 67.6

Hello guys,I've gotten numerous alerts from Norton telling me that I have attempted intrusions from HTTP Suspicious Executable Image Download, HTTP Tidserv Request & HTTPS Tidserv Request 2. I have turned off my System Restore, continued to allow Norton to continue blocking the attacks, and have NOT rebooted my computer since first receiving the intrusion alerts.. so far I haven't seen any damage to my computer. I do, however, have sensitive information saved into my browser which I am worried about (I have since wiped out the master password). Here are my logs below:DDS Log:DDS (Ver_10-03-17.01) - NTFSx86 Run by Owner at 15:00:37.71 on 07/06/2010Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20Microsoft Windows XP Home Edition 5.1.2600.2.1252.2.1033.18.1014.149 [GMT -7:00]AV: Norton AntiVirus 2005 *On-access scanning enabled* (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8}FW: Norton Internet Worm Protection *enabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}============== Running Processes ===============C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\Program Files\Common Files\Symantec Shared\ccSetMgr.exeC:\Program Files\Common Files\Symantec Shared\SNDSrvc.exeC:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBC... Read more

A:HTTP Suspicious Executable Image Download, HTTP Tidserv Request & HTTPS Tidserv Request 2

GreetingsOne or more of the identified infections is a Backdoor Trojan.This could allow hackers to remotely control your computer, steal critical system information and download and execute files.I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC could be compromised and there is no way to be sure that your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. "If you would like to continue, then follow the steps below, otherwise please let me know"I Would like you to do the following.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Run Combofix:Please visit th... Read more

Read other 17 answers
RELEVANCY SCORE 67.6

Guys, Can anyone explain the difference between 'http://www.**.com' and 'http://**.com??

does it make a big difference?
 

A:What is the difference between 'http://www.**.com' and 'http://**.com

lagopi said:

Guys, Can anyone explain the difference between 'http://www.**.com' and 'http://**.com??

does it make a big difference?Click to expand...

What's the point? THey both open Google.
 

Read other 2 answers
RELEVANCY SCORE 67.6

Running XP home and inadvertently typed:

http://http://abc.com or whatever
http://http://forums.techguy.org

In Firefox, I get redirected back to Microsoft (!) while in I/E, Opera, I get an error (as does a Mac system).

Why does Firefox redirect to Microsoft on this obvious error?

Just curious, yet puzzled Ivan
 

A:Double http://http://

For what it is worth, Mozilla also returns an error page. Seems obvious. But Firefox, the browser redirects me to Microsoft when I click on any double http, ie

http://http://google.com

Right back to Uncle Bill's. How come, Ivan
 

Read other 1 answers
RELEVANCY SCORE 66.4

I was hoping I wouldn't have to resort to this, but I guess I've no other choice. I've looked up this thing and from what it sounds like, I'm in deep. Like an abyss.This whole fiasco started about a week ago when my parents found a charge from McAfee on their card. None of us ever purchased anything, and called McAfee and had them remove the charge which (according to my Dad), simply removed the LiveUpdate thing McAfee had.Not long after that, Google Chrome started acting weird and some program called "pbupdate.exe" had to be closed. My computer subsequently froze and I had to manually shut down.I rebooted my computer only to find that Chrome had been completely fried and would not load any web pages at all. Resorting to Firefox, I Googled "pbupdate.exe" and clicked the first link, allowing "Top PC Defender" onto my computer (and maybe some other things).As such, I ran Malwarebytes, SUPERAntiSpyware, McAfee, AVG, and Spybot to rid myself of the problem. When this yielded no results, I ended up using System Restore which seemed to get rid of the problem.Not long after, we switched over to Norton due to Comcast preparing a move, and uninstalled McAfee. Norton ended up having to uninstall AVG in order for it to install.And ever since then I've had these messages popping up repeatedly on my computer from Norton, telling me an attack was blocked but not allowing any action to be taken. The fact that I'm still getting these mess... Read more

A:HTTP Tidserv Request, HTTPS Tidserv Request 2, and HTTP Trojan Sasfis Activity

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Please include a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.We need to create an OTL ReportPlease download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.In the custom scan box paste the following:CODEnetsvcsmsconfigsafebootminimalsafebootnetworkactivexdrivers32%systemroot%�... Read more

Read other 17 answers
RELEVANCY SCORE 66.4

Hello,On July 18th, as I was watching a streaming TV show, my computer apparently picked up Antimalware Doctor, which kept telling me that my computer was infected and that I needed to pay them money to get rid of all these infections. I managed to get rid of that with MalwareBytes. Shortly after though, my Norton Antivirus started regularly informing me (every 20 minutes to half hour) that it had blocked an intrusion attempt from either HTTP Tidserv Request (most common) or HTTPS Tidserv Request 2 (2nd most), and every once in a while some oddball like HTTP Fake Scan Webpage 5 or some Trojan (Vundo or Ad.Clicker). It seems like it's always been blocked, but as these Norton alerts keep coming, even when I don't have a browser open, I am upset and concerned. Also seems as if the attacks are coming from several different computers.I tried running Malwarebytes a few more times. It usually leaves me with 8 or so pieces of malware, identified as Rootkit or Trojan agents, which it tells me will be deleted upon reboot. However, after I reboot and run Malwarebytes immediately thereafter, there are still 8 pieces of Malware. I tried updating my Norton and running a scan, but that didn't fix the problem. I also ran Norman Malware Cleaner, with no real results.Again, though the alerts always classify the threat level as high, it seems like they are being blocked. I haven't entered any passwords into my computer since this came up, and I never save any on a regu... Read more

A:HTTP Tidserv Request; HTTPS Tidserv Request 2; HTTP Fake Scan Webpage 5

Very sorry about the multiple posts. Firefox had gone grey, and I didn't think any had gone through. Sorry.

Read other 21 answers
RELEVANCY SCORE 62.4

Hi.I'd really appreciate some help here.4 days ago, I started to get the following messages from my Norton:Network traffic from 213.163.89.104 matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXENetwork traffic from 60.12.117.145 matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\SVCHOST.EXENetwork traffic from a57990057.cn matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\SVCHOST.EXENorton identifies the first one as HTTP Tidserv Request and the next two as HTTP Tidserv Request 2 respectively.It blocks those attempts but won't let me take any action to remove (says no action required).I've run DDS and downloaded GMER. Tried running GMER several times but it only gets as far as the devices and then freezes my computer. I have to unplug it just to restart it.Also, I have Firefox, Google Chrome, and Internet Explorer on my Computer. At random times, new tabs in these browsers will automatically open taking me to sites advertising products and Congratulations! You are the 1,000,000th visitor or something like that. Click here to claim your prize.No matter which search engine I use in any of these browsers, when I click on a search result, it does the same thing as stated in the previous pa... Read more

A:Infected with HTTP Tidserv Request and HTTP Tidserv Request 2 and can't run GMER

Hello , And to the Bleeping Computer Malware Removal Forum. My name is Elise and I'll be glad to help you with your computer problems.I will be working on your malware issues, this may or may not solve other issues you may have with your machine.Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.-----------------------------------------------------------If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.If you have already posted a log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.We need to see some information about what is happening in your machine. Please perform the following scan:Please download OTL from one of the following mirrors:This is THE MirrorSave it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Push the button.Two reports will o... Read more

Read other 12 answers
RELEVANCY SCORE 62.4

IssueWhen using Firefox, I keep encountering a pop-up message from Norton informing me that a recent attempt to attack your computer has been blocked. I view details of the attack and it names it either as a HTTP Tidserv Request 2 or HTTP Tidserv Request. The browser also redirects me to different sites when selecting google search results. Firefox sometimes crashes for no reason and the PC sound has disappeared as well. ActionsI have run a Fully System Scan using Norton twice. It is only picking up cookies after the system scan is complete. I also ran BitDefender scanner and nothing was picked up. I was able to find this site and it looks like a lot of members were able to help on issues such as mine so might as well give it a try. I've read the guidelines for requesting help and followed it to the best that I can. The DDS.txt is below and I have also attached the Attach.txt. I tried running the GMER program twice using the links in the guidelines but a blue screen always appear with the following message.PAGE_FAULT_IN_NONPAGED_AREATechnical Information:STOP: 0x00000050 (0x9973AB30, 0x00000001, 0x99478FA6, 0x00000000)I tried a third time by getting GMER directly at its web site and saving it with a different name but it still did not work. A blue screen still appeared.DDS (Ver_10-03-17.01) - NTFSx86 Run by Meyrick Mataac at 21:39:52.82 on Thu 06/24/2010Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17Microsoft Windows XP Professional 5.1.2600.3.... Read more

A:PC infected with malware - HTTP Tidserv Request 2, HTTP Tidserv Request,

Hi parokyano,Welcome to Malware Removal (VTSMR) forum. I am going to assist you with your problem.Please refrain from making any changes to your system (scanning or running other tools, updating Windows, installing applications, removing files, etc.) from now on as it might interfere with our fixes. In case of making changes I shall assume my assistance is not needed any more.If the issue is not resolved please update me on the current condition of your computer.

Read other 28 answers
RELEVANCY SCORE 61.6

Just curious...

when using IE or Netscape, and i type in a URL, for example, amazon.com (without the www. in front of amazon.com), in the address box, the website will come through.

however, when i type in other URLs, for example, paperdirect.com, it requires the extra www.paperdirect.com for the website to come through.

why does this happen?

thanks in advance.

louis
 

A:http://www.domain.com versus http://domain.com

Read other 7 answers
RELEVANCY SCORE 54.4

Scotty alerted on the above, out of the blue, something about† an Active-X wanting to install.†A Google search††points to an update, KB 927977,†which has 3 choices†of varying size. The associated file is C:\Windows\System32\msxml6.dll. I have no idea what XML does or how it works and was wondering if it's OK to allow the install.Message Edited by dalem29 on 09-18-2008 06:58 AM

A:XML HTTP 6.0

dale,†it should be okay.†to be extra sure, use Windows Explorer to navigate to that file. †RIGHT-click on it, select PROPERTIES, and under VERSION, i believe it should be listed as†6.0.3890.0 (for KB 92977)[or 6.10.1129.0 , if that file has been updated to an SP1 version]and the company should be Microsoft.†if that's what you have, let scotty allow it... otherwise, come back and let us know what you have.

Read other 3 answers
RELEVANCY SCORE 54.4

When using Microsoft Office Outlook 2007 remotely on my home desktop PC to connect to my work Microsoft Exchange Server 2003 using RPC over HTTP it stays disconnected. The only way I can connect is by using a VPN.(System=XP64bit & Office Enterprise 2007,all with current updates)
My other home desktop PC using Office Outlook 2003 has no problem connecting.
Both Outlook 2007 & Outlook 2003 have identical account settings configured.
I have not found a specific solution to this problem in Google or Microsoft.

Can anyone help?
 

Read other answers
RELEVANCY SCORE 54.4

Any website I try gives the same error. That is only on my main profile. When signed in as my son, I can reach the internet. I cannot even reach my router by entering 192.168.0.1. Obviously something has been changed in my profile affecting the way I connect to the internet, but none of the advice I have found online has addressed this.
 

A:http 404, but not like the others

Read other 15 answers
RELEVANCY SCORE 54.4

this might sound like a stupid question but can anyone tell me why some sites have www and some just have the http://.

thankx
 

A:www or http

Sure...

I'm going to use company.com for this example.

After registering a domain name, you have to tell a DNS server the IP address of the computer that is hosting your domain. Let's say it 65.56.77.89 (I just made that up).

Now, 'hosting' your domain can mean many different things, but typically at the least, you will host a web server and a mail server at that computer.

If I want to visit your web site, I just have to type in http://company.com and I will get to your page. In most browsers I can also just type in company.com and get there as well. Today's browser's are smart enough to just assume the http part if you don't put it in.

Same with email, I just have to set my Outlook (or whatever program I am using) to use the mail server at company.com.

This works fine if you have all the services you intend to host on a single machine. However, I may wish to run my web server and my mail server on different machines. In that case I would 'name' (only in my head, I don' t have to actually name it this) my web server machine 'www'. I would then go and tell my DNS server that www.company.com is located at whatever IP address that machine is located at (let's say 65.56.77.90). Now when someone puts company.com into their web browser, they will get nothing because the DNS entry will tell their browser to go ask for a web page at 65.56.77.89 (assuming I have shut the web server down on 65.56.77.89). However, wh... Read more

Read other 1 answers
RELEVANCY SCORE 54.4

My OS is Win XP Pro SP3 and Browser Firefox 5

Sometimes when I click on close (Red X top right hand corner) from a page on the FF browser I am getting another page with the domain name http.com.

This is a page of parked domains and I have attached a screenshot of the top half of the page. There is a privacy link at the bottom of the page and when I click on this the url is http://www.gstatic.com/domainads/privacy/ which is Google Adsense for Domains.

I haven?t a clue why this is happening although it is becoming more frequent.

I have run a scans with NOD32 and Spybot which are clean.

Can anyone help please?

A:What is http.doc

Take a look, http://forums.comodo.com/general-discussion-off-topic-anything-and-everything/httpwwwhttpcomcomodocom-t1156.0.html .

Louis

Read other 15 answers
RELEVANCY SCORE 54.4
Q: Http

Hello,

I have windows isa server 2000 and a us robotics usr 9000 router in my office.

Today i have installed WWWFILESHAREPRO on one office pc. All i want is to share files from this pc to my clients, for whom we burn cds for large files. This software is to share large files.
This software says by entering internet ip address internet browser any person can access to the shared directory. Locally i can access the shared directory
by entering 192.168.0.88(which is my pc ip address) but not from the internet ip address.

what should i do on ISA server or usrobotics router to enable access to http?

pls help..
 

Read other answers
RELEVANCY SCORE 54.4

running explorer 8 i just keep getting this message all over the net {This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage} can any one help cheers

A:http 403

Hello,

The 403 error is basically the server hosting the website saying that you do not have permission to view the page you requested. This is mainly done for security reasons. What is the address that you are trying to access?

Read other 3 answers
RELEVANCY SCORE 54.4

Hey guys, yesterday I got great assitance in helping me clean up some problems on my computer however one problem seems to pop back up no matter how many times I fix it on Hijack This. Once i fix the lines that contain the "http://4.3.7" my homepage will work for about 20 min and then it will default back to this "http://4.3.7" when i check my hopepage settings in internet options it 4.3.7 doesnt show up at all. If you could help me out I'd appriciate it. Here's my log...

Logfile of HijackThis v1.97.7
Scan saved at 3:30:09 PM, on 7/17/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\PANICW~1\POP-UP~2\PSFree.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\webshots.scr
C:\... Read more

A:http://4.3.7???

Your HJT log shows you have no firewall running. If you're not computing behind a firewall-embedded network router, enable ICF:

To turn on the WinXP Internet Connection Firewall (ICF):

- On the taskbar at the bottom of your screen, click Start, and then click Control Panel.

- Click the Network and Internet Connections category. (If the Network and Internet Connections is not visible, click Switch to Category View under Control Panel on the left side of the Control Panel window.)

- Click Network Connections.

- Right-click the Dial-up, LAN, or High-Speed Internet connection that you use to connect to the Internet, and then click Properties from the shortcut menu.

- On the Advanced tab, under Internet Connection Firewall, select Protect my computer and network, and then click OK. The Windows XP firewall is now enabled.
***

Run HJT, click Scan, put checkmarks by the following a click Fix Checked the restart your computer.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.buccaneers.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = /4.3.7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = /4.3.7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = /4.3.7
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = /4.3.7
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
 

Read other 2 answers
RELEVANCY SCORE 54.4

Hi,

I hope someone knows how to help me fix my problem. I cannot look at links, or look at profiles because http://0.0.0.1/ appears in my browser. I have Spybot, Hijack, Bugoff, and CCleaner that cannot detect the problem. I also cannot get on NetMeeting share activate. Here is a copy of my hijackthis scan and the problem I am having is I can't get rid of WarezP2P as it keeps popping up in a Spybot S&D scan.

Here is a copy of my scan... Thank you.

Paige


O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program

Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program

Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [IcoSet] c:\hp\bin\cloaker.exe c:\hp\bin\IcoSet\adjust.bat seticon
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\... Read more

Read other answers
RELEVANCY SCORE 54.4

My OS is Win XP Pro SP3 and Browser Firefox 5

Sometimes when I click on close (Red X top right hand corner) from a page on the FF browser I am getting another page with the domain name http.com.

This is a page of parked domains.. There is a privacy link at the bottom of the page and when I click on this the url is http://www.gstatic.com/domainads/privacy/ which is Google Adsense for Domains.

I havenít a clue why this is happening although it is becoming more frequent.

I have run a scans with NOD32 and Spybot which are clean.

Can anyone help please?
 

Read other answers
RELEVANCY SCORE 54.4

Does anyone know what HTTP is other than (Short for HyperText Transfer Protocol, the underlying protocol used by the World Wide Web. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when you enter a URL in your browser, this actually sends an HTTP command to the Web server directing it to fetch and transmit the requested Web page.
The other main standard that controls how the World Wide Web works is HTML, which covers how Web pages are formatted and displayed.)
And how can you change the settings or fix a problem, if the HTTP stops working or part of it goes bad?
 

A:How to fix HTTP

Read other 16 answers
RELEVANCY SCORE 54.4

I turn on the internet explorer and there's no problem at first then I start going into sites and the pop ups start especially HTTP 404 which say I am not connected . then all the others startDeckard's System Scanner v20071014.68Run by Sonji&Alex on 2008-05-14 22:48:18Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 5 Restore Point(s) --7: 2008-05-07 13:04:32 UTC - RP397 - Windows Update6: 2008-05-05 02:22:28 UTC - RP396 - Windows Update5: 2008-05-02 14:00:56 UTC - RP395 - Windows Update4: 2008-04-30 07:26:02 UTC - RP394 - Scheduled Checkpoint3: 2008-04-28 04:21:00 UTC - RP393 - Restore Operation-- First Restore Point -- 1: 2008-04-28 04:18:10 UTC - RP391 - 4/15/08Backed up registry hives.Performed disk cleanup.Total Physical Memory: 511 MiB (1024 MiB recommended).-- HijackThis Clone ------------------------------------------------------------Emulating logfile of Trend Micro HijackThis v2.0.2Scan saved at 2008-05-14 22:51:49Platform: Windows Vista (6.00.6000)MSIE: Internet Explorer (7.00.6000.16386)Boot mode: NormalRunning processes:C:\Windows\System32\taskeng.exeC:\Windows\System32\dwm.exeC:\Program Files\Windows Defender\MSASCui.exeC:\Program Files\Common Files\soft602\pdfSaver.exeC:\Windows\System32\cthelper.exeC:\Program Files\Yahoo!\browser\ybrwicon.exeC:\Windows\BCMSMMSG.exeC:\Win... Read more

A:Http 404 And Other Pop Ups

Hello krazymanyac,Welcome to Bleeping Computer Please run HijackThis! and click "Scan." Place checks next to the following entries, if present:O2 - BHO: (no name) - {09410A74-393D-44C5-A1E7-3D3424436B0A} - (no file)O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll (file missing)O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)O2 - BHO: (no name) - {11682196-5BC2-425B-B3FA-7C3CAC771569} - (no file)O2 - BHO: (no name) - {3D6E42BA-722A-4754-AAD2-67B7CCF5D208} - (no file)O2 - BHO: (no name) - {6396B795-6A6C-4639-872E-77141C9B1BB4} - (no file)O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb126\Dealio.dll (file missing)O2 - BHO: (no name) - {96521836-417A-4025-BC4E-BC843010891B} - (no file)O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)O2 - BHO: (no name) - {B4E48119-0DCE-45EA-94F2-F8BB8826B388} - (no file)O2 - BHO: (no name) - {B712DF81-EDF9-404D-9EB5-679F3A490B7B} - (no file)O2 - BHO: (no name) - {C6DF2294-975B-4BEA-93AB-AD6DB4D03EE5} - (no file)O2 - BHO: UrlHelper Class - {CFC4F59B-A2DA-4e12-B337-52A4F871E10C} - C:\Program Files\Shareaza Applications\Shareaza MediaBar... Read more

Read other 2 answers
RELEVANCY SCORE 54.4

Is it relatively hard to setup RPC over HTTP.

Im looking for a proper procedure that wont inconvenience all my users.

I noticed that if you dont have an SSL certificate you have to mess with the registry so I am looking into getting that also.
 

Read other answers
RELEVANCY SCORE 54.4

Hi
I have a wireless media player that plays streaming mms from the web, I want to play streaming asf , asx etc but the address is http. is there a way to change the http to mms so my media player can player the asf,asx?

Also would this work for motion jpeg?

thanks
Simon
 

Read other answers
RELEVANCY SCORE 54.4

My Internet Explorer (v 8) connects without problem to every URL I enter, with one exception. Every time I attempt to connect to that one URL I get a message indicating http 501/http 505 error. Several days ago I was able to connect to that site without problem but all more recent attempts have failed as described

Any clues or suggestions.

A:http 501/http 505

What is the site?

See here: Error Message: Error 501/505: Not Implemented or Not Supported

Try running IE without Add-ons then try the site again.

Click Start then Run, type iexplore -extoff and press Enter or click on Go.
-- or --
Click on Start, Programs, Accessories, System Tools, Internet Explorer (No Add-ons)

Read other 9 answers
RELEVANCY SCORE 54.4

Hi allI am new here and sure hope you can help I followed the advice for"newbies" before postingI could not run the Kaspersky progam, it kept frezzing up but Ido have the report from Deckard's System Scanner (DSS) the problem is that everytime I open the internet, several pages open with the HTTP 404 error on itI sure hope someone can help, as I have exhusted all options that I could read about fixing italso I have run every free spywere program that I could find!and AVGThanks in advance to all who help me outHere is the reportDeckard's System Scanner v20071014.68Run by caprice on 2008-06-21 21:31:04Computer is in Normal Mode.---------------------------------------------------------------------------------- Last 2 Restore Point(s) --2: 2007-07-31 16:22:16 UTC - RP32 - Scheduled Checkpoint1: 2007-07-29 05:23:03 UTC - RP31 - Removed Maxtor?MaxBlastBacked up registry hives.Performed disk cleanup.Total Physical Memory: 1015 MiB (1024 MiB recommended).-- HijackThis (run as caprice.exe) ---------------------------------------------Logfile of Trend Micro HijackThis v2.0.2Scan saved at 9:33:47 PM, on 6/21/2008Platform: Windows Vista (WinNT 6.00.1904)MSIE: Internet Explorer v7.00 (7.00.6000.16681)Boot mode: NormalRunning processes:C:\Windows\system32\taskeng.exeC:\Windows\system32\Dwm.exeC:\hp\support\hpsysdrv.exeC:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exeC:\Windows\RtHDVCpl.... Read more

A:Http 404 And Pop Ups

Hello Dilaysisgirl and welcome to BleepingComputer,1. * Clean your Cache and Cookies in IE:Close all instances of Outlook Express and Internet Explorer Go to Control Panel > Internet Options > General tabUnder Browsing History, click Delete. Click Delete Files, Delete cookies and Delete historyClick Close below.* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):Go to Tools > Options.Click Privacy in the menu..Click the Clear now button below.. A new window will popup what to clear.Select all and click the Clear button again.Click OK to close the Options window* Clean other Temporary files + Recycle bin Go to start > run and type: cleanmgr and click ok. Let it scan your system for files to remove. Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.Press OK to remove them.2. Please download Malwarebytes' Anti-Malware from Here or HereDoubleclick mbam-setup.exe to install the application.Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.If an update is found, it will download and install the latest version.Once the program has loaded, select "Perform Quick Scan", then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is comp... Read more

Read other 6 answers
RELEVANCY SCORE 54.4

61911644











Solved!
View Solution.

A:http://192.168.223.1

61911644

Read other 4 answers
RELEVANCY SCORE 54.4

Hi guys , im new to having a router and such , but i got one today .

a Sitecom WL-161 Broadband Router for my virgin media cable modem.

problem is when i first tried setting it up i connected to http://192.168.0.1/

and it connected fine , but i couldnt manage to get the internet working so i was messing around with some of the settings (big mistake) and i set DHCP to client instead of server.

Now ever since i cant connect to http://192.168.0.1/.

help would really be appreciated

Gaz
 

A:http://192.168.0.1/

Read other 6 answers
RELEVANCY SCORE 54.4

http.sys driver does not load. File is found as required in:
windows/system32/driver/http.sys
Should appear in hidden system devices list. May be corrupted file. Can this driver be updated or reloaded?

A:http.sys

  
Quote: Originally Posted by skipshein


http.sys driver does not load. File is found as required in:
windows/system32/driver/http.sys
Should appear in hidden system devices list. May be corrupted file. Can this driver be updated or reloaded?


Since it is part of IIS and win7 you should run a system file check to verify and repair your system files
(type cmd in search>right click and run as admin>sfc /scannow)

Let us know the results

Ken

Read other 3 answers
RELEVANCY SCORE 54.4

Hi, I have a windows XP. I foolishly tried to download something from LimeWire for the first time ever and have completely wrecked my pc.
I have constant pop ups - CiC:http\adserver5 is the main one but there are many more.
I found your amazing site by searching the web, so hope you don't mind my asking for your help.
I was using Symantec Professional, which the last guy who fixed it installed for me but I added AVG Antispyware and As-aware SE by myself and that seemed to be ok until I did this. I have since downloaded Spybot search and destroy and Avast Antivirus which I have run several times. I found a thread on your forum from someone with a similar problem so I downloaded Hijack This and ran it. Here is the report
Logfile of HijackThis v1.99.1
Scan saved at 04:40:50, on 19/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\PV92Tray.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\QuickTime\Q... Read more

A:CiD:http pop ups ...and much more

Anyone????
Getting desperate now.
Thanks.
 

Read other 2 answers
RELEVANCY SCORE 54.4

G,day,
Have just fired up pc and all that happens is http:/// flashes in the address bar. This happens on or offline. Any tabs I try to click on just close. Any ideas.
Thankyou Jamie

Read other answers
RELEVANCY SCORE 54.4
Q: Http

Hi Guys

Firstly, if this is in the wrong place please move it. I was not sure which section to put it in.

I am learning HTML and doing pretty well but need some advice.

I create a web page with an animated gif on it and a pic in the middle. I uploaded it to a server, and the gif came out ok, but where the pic was, was just a red cross.

Secondly. I can successfully put a link to a site on the page, but can you tell me how to set it up so that if you click on a picture I put on the page it will then link to the desired web page.

Thanks for your time

Fas
 

RELEVANCY SCORE 54.4

My OS is Win XP Pro SP3 and Browser Firefox 5

Sometimes when I click on close (Red X top right hand corner) from a page on the FF browser I am getting another page with the domain name http.com.

This is a page of parked domains and I have attached a screenshot of the top half of the page. There is a privacy link at the bottom of the page and when I click on this the url is Google AdSense for Domains which is Google Adsense for Domains.

I haven?t a clue why this is happening although it is becoming more frequent.

I have run a scans with NOD32 and Spybot which are clean.

Can anyone help please?

A:What is http.doc

Have a look in your Firefox's add-ons & extensions manager.

Read other 1 answers