Httpswork.com
Httpswork.com (Httpswork.net) is a rogue website related to Desktop Security 2010. Desktop Security 2010 uses a browser hijacker to redirect users to httpswork.com, which is basically a fake scan page which produces false results claiming the PC is infected with malware. These scare tactics are used to urge the user to purchase Desktop Security 2010 to remove the alleged threats. Do not fall for this trickery and have Desktop Security 2010 and httpswork.com removed immediately.
File System Modifications
- The following files were created in the system:
# File Name 1 %Documents and Settings%\All Users\Start Menu\Programs\Desktop Security 2010 2 %Documents and Settings%\All Users\Start Menu\Programs\Desktop Security 2010.lnk 3 %Documents and Settings%\All Users\Start Menu\Programs\Desktop Security 2010\Activate Desktop Security 2010.lnk 4 %Documents and Settings%\All Users\Start Menu\Programs\Desktop Security 2010\Desktop Security 2010.lnk 5 %Documents and Settings%\All Users\Start Menu\Programs\Desktop Security 2010\Help Desktop Security 2010.lnk 6 %Documents and Settings%\All Users\Start Menu\Programs\Desktop Security 2010\How to Activate Desktop Security 2010.lnk 7 %Program Files%\Desktop Security 2010 8 %Program Files%\Desktop Security 2010\daily.cvd 9 %Program Files%\Desktop Security 2010\Desktop Security 2010.exe 10 %Program Files%\Desktop Security 2010\guide.chm 11 %Program Files%\Desktop Security 2010\hjengine.dll 12 %Program Files%\Desktop Security 2010\mfc71.dll 13 %Program Files%\Desktop Security 2010\MFC71ENU.DLL 14 %Program Files%\Desktop Security 2010\msvcp71.dll 15 %Program Files%\Desktop Security 2010\msvcr71.dll 16 %Program Files%\Desktop Security 2010\pthreadVC2.dll 17 %Program Files%\Desktop Security 2010\securitycenter.exe 18 %Program Files%\Desktop Security 2010\taskmgr.dll 19 %Program Files%\Desktop Security 2010\uninstall.exe 20 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Security 2010.lnk 21 %UserProfile%\Local Settings\Temp\gedx_ae09.exe 22 %UserProfile%\Local Settings\Temp\jkfuckjs.exe 23 %UserProfile%\Local Settings\Temp\kgn.exe 24 %UserProfile%\Local Settings\Temp\kilslmd.exex 25 %UserProfile%\Local Settings\Temp\kn.a.exe 26 %WINDOWS%\system32\[random].exe
Registry Modifications
- The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%Program Files%\Desktop Security 2010\Desktop Security 2010.exe"HKEY_LOCAL_MACHINE\SOFTWARE\Desktop Security 2010HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform "Desktop Security 2010"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Desktop Security 2010"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "SecurityCenter"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}Desktop Security 2010
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.