ПОЛЬЗОВАТЕЛЯМ

Закрыть

Поиск

Поиск

Поддержка
Круглосуточная поддержка

Напишите

Запрос через форму

Позвоните

Бесплатно по России:
8-800-333-79-32

ЧаВо | Форум

Напишите

Задать вопрос в поддержку

Ваши запросы

  • Все: -
  • Незакрытые: -
  • Последний: -

Позвоните

Бесплатно по России:
8-800-333-79-32

Свяжитесь с нами Незакрытые запросы: 

Профиль

Профиль

RU
RU CN DE EN ES FR IT JP KZ UZ PL BY
Закрыть

Переключение языка сайта

Сервисы
Сканеры
FixIt!
Dr.Web vxCube
Экспертиза ВКИ
Вирусная библиотека
База знаний

Технологии

Термины

Обучение и просвещение

Мифы

Новости

Trojan.Siren.18

Добавлен в вирусную базу Dr.Web: 2013-08-02

Описание добавлено:

Техническая информация

Для обеспечения автозапуска и распространения:
Модифицирует следующие ключи реестра:
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,f0,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,00,00,00,80,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,45,00,35,00,46,00,35,00,46,00,30,00,42,00,38,00,2d,00,38,00,38,00,34,00,42,00,2d,00,34,00,31,00,33,00,30,00,2d,00,42,00,37,00,36,00,38,00,2d,00,38,00,44,00,42,00,39,00,32,00,30,00,31,00,30,00,32,00,35,00,43,00,44,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,30,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,ef,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,00,00,00,80,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,45,00,35,00,46,00,35,00,46,00,30,00,42,00,38,00,2d,00,38,00,38,00,34,00,42,00,2d,00,34,00,31,00,33,00,30,00,2d,00,42,00,37,00,36,00,38,00,2d,00,38,00,44,00,42,00,39,00,32,00,30,00,31,00,30,00,32,00,35,00,43,00,44,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,30,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,66,20,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,e0,a9,60,9d,7a,33,d0,11,bd,88,00,00,c0,82,e6,9a,ee,03,00,00,01,00,00,00,0f,2e,f5,77,0b,18,f5,77,00,00,00,00,4c,ff,b6,01,02,00,00,00,01,00,00,00,0f,2e,f5,77,06,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,01,00,00,00,06,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,52,00,53,00,56,00,50,00,20,00,54,00,43,00,50,00,20,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,00,00,00,00,00,00,f2,5f,5a,75,03,60,5a,75,00,fc,6d,01,b0,b0,0c,00,80,13,b7,01,80,13,b7,01,b4,fb,6d,01,88,01,08,00,78,13,b7,01,00,00,00,00,00,00,00,00,00,00,aa,00,00,00,08,00,10,8e,d6,00,00,00,00,00,50,fc,6d,01,bf,1f,f5,77,00,00,08,00,00,00,08,00,c0,a5,0c,00,00,00,00,00,68,fc,6d,01,bf,1f,f5,77,00,00,08,00,83,20,f5,77,08,06,08,00,8d,16,f5,77,00,00,00,00,c8,a5,0c,00,c8,a5,0c,00,6c,fd,6d,01,f0,14,b7,01,58,36,b8,01,18,8e,d6,00,88,01,08,00,d0,01,08,00,a8,36,b8,01,88,01,08,00,90,0e,d6,00,90,01,08,00,00,00,00,00,00,00,00,00,08,00,00,00,c0,a5,0c,00,10,00,00,00,00,03,08,00,50,2b,b7,01,02,00,00,00,06,00,00,00,00,03,08,00,d0,2c,b7,01,08,00,00,00,0b,00,00,00,d8,01,08,00,c0,a5,0c,00,00,00,00,00,00,00,00,00,00,00,aa,00,60,00,00,00,ff,8f,f5,77,98,0e,d6,00,e0,26,b7,01,54,fc,6d,01,54,21,f5,77,31,00,00,00,48,2b,b7,01,00,00,08,00,e0,26,b7,01,00,00,08,00,00,00,08,00,00,00,08,00,78,01,08,00,83,20,f5,77,08,06,08,00,8d,16,f5,77,c0,8b,d6,00,00,00,00,00,3c,85,d6,00,2f,f3,f7,77,f8,fc,6d,01,02,24,f8,77,40,55,f7,77,ff,ff,ff,ff,54,12,f5,77,04,58,da,77,00,00,00,00,00,00,00,00,00,00,00,00,a4,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,78,01,08,00,e8,26,b7,01,78,65,b7,01,80,65,b7,01,78,01,08,00,a4,02,00,00,e4,fc,6d,01,03,00,00,00,e8,26,b7,01,d8,58,da,77,e0,26,b7,01,00,00,00,00,00,00,00,00,c0,8b,d6,00,00,00,00,00,3c,85,d6,00,4f,12,f5,77,54,12,f5,77,c0,8b,d6,00,00,00,00,00,3c,85,d6,00,f8,fc,6d,01}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,f1,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,46,00,31,00,36,00,37,00,35,00,34,00,45,00,2d,00,36,00,42,00,45,00,35,00,2d,00,34,00,36,00,44,00,46,00,2d,00,42,00,35,00,35,00,37,00,2d,00,33,00,38,00,34,00,46,00,43,00,46,00,37,00,41,00,33,00,43,00,39,00,31,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,31,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,f4,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,fe,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,31,00,38,00,32,00,37,00,42,00,42,00,34,00,35,00,2d,00,42,00,42,00,39,00,36,00,2d,00,34,00,31,00,43,00,30,00,2d,00,39,00,45,00,35,00,44,00,2d,00,33,00,43,00,41,00,32,00,38,00,35,00,38,00,32,00,35,00,46,00,31,00,31,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,f3,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,fe,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,31,00,38,00,32,00,37,00,42,00,42,00,34,00,35,00,2d,00,42,00,42,00,39,00,36,00,2d,00,34,00,31,00,43,00,30,00,2d,00,39,00,45,00,35,00,44,00,2d,00,33,00,43,00,41,00,32,00,38,00,35,00,38,00,32,00,35,00,46,00,31,00,31,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,f2,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,36,00,46,00,31,00,36,00,37,00,35,00,34,00,45,00,2d,00,36,00,42,00,45,00,35,00,2d,00,34,00,36,00,44,00,46,00,2d,00,42,00,35,00,35,00,37,00,2d,00,33,00,38,00,34,00,46,00,43,00,46,00,37,00,41,00,33,00,43,00,39,00,31,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,31,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,09,26,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,e0,a9,60,9d,7a,33,d0,11,bd,88,00,00,c0,82,e6,9a,ed,03,00,00,01,00,00,00,c8,f9,6d,01,16,00,18,00,08,3c,55,75,00,00,00,00,7c,f8,6d,01,17,87,56,75,00,00,00,00,06,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,02,00,00,00,11,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,bb,ff,00,00,00,00,00,00,52,00,53,00,56,00,50,00,20,00,55,00,44,00,50,00,20,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,00,00,18,f9,6d,01,0f,2e,f5,77,0b,18,f5,77,01,00,00,00,00,fc,6d,01,04,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,0f,2e,f5,77,00,00,00,00,a8,f9,6d,01,20,12,f5,77,4f,12,f5,77,54,12,f5,77,00,00,00,00,a8,f9,6d,01,0f,2e,f5,77,0b,18,f5,77,01,00,00,00,00,fc,6d,01,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,7b,00,45,00,35,00,46,00,35,00,46,00,30,00,42,00,38,00,2d,00,38,00,38,00,34,00,42,00,2d,00,34,00,31,00,33,00,30,00,2d,00,42,00,37,00,36,00,38,00,2d,00,38,00,44,00,42,00,39,00,32,00,30,00,31,00,30,00,32,00,35,00,43,00,44,00,7d,00,00,00,42,00,39,00,32,00,30,00,31,00,30,00,32,00,35,00,43,00,44,00,7d,00,00,00,00,00,19,00,02,00,54,fc,6d,01,19,00,02,00,54,fc,6d,01,00,01,00,00,02,00,07,80,cc,f9,6d,01,0c,88,56,75,a4,02,00,00,08,3c,55,75,0f,2e,f5,77,0b,18,f5,77,0e,00,07,80,f4,12,b7,01,10,ff,b6,01,00,00,00,00,5c,fc,6d,01,1b,19,da,77,e4,f9,6d,01,d8,51,57,75,00,00,00,00,10,ff,b6,01,00,00,00,00,4c,ff,b6,01,60,e5,db,77,ff,ff,ff,ff,2b,18,da,77,33,1b,da,77,20,00,00,00,24,fa,6d,01,00,00,00,00,19,00,02,00,74,fc,6d,01,00,00,00,00,74,fc,6d,01,00,00,00,00,74,00,74,00,6c,fa,6d,01,00,00,00,00,0f,2e,f5,77,0b,18,f5,77,0f,2e,f5,77,0b,18,f5,77,01,00,00,00,6c,fd,6d,01,04,00,00,00,88,3c,c1,77,59,97,57,75,02,00,00,80,0f,2e,f5,77,0b,18,f5,77,01,00,00,00,0f,2e,f5,77,0b,18,f5,77,00,00,00,00,00,00,00,00,58,00,00,00,0f,2e,f5,77,0b,18,f5,77,01,00,00,00,6c,fd,6d,01,01,00,00,00,6e,00,74,00,0c,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003] 'LibraryPath' = '%SystemRoot%\System32\mswsock.dll'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002] 'LibraryPath' = '%SystemRoot%\System32\winrnr.dll'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001] 'LibraryPath' = '%SystemRoot%\System32\mswsock.dll'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,06,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,3d,52,72,39,f1,2a,d1,11,b6,55,00,80,5f,36,42,cc,e9,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,1a,00,00,00,20,00,00,00,08,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,49,00,72,00,64,00,61,00,20,00,5b,00,49,00,72,00,44,00,41,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,09,06,02,00,00,00,00,00,00,00,00,00,00,00,00,00,0c,00,00,00,a0,1a,0f,e7,8b,ab,cf,11,8c,a3,00,80,5f,48,a1,92,ec,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,03,00,00,00,00,00,00,00,ff,00,00,00,00,00,00,00,00,00,00,00,bb,ff,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,54,00,63,00,70,00,69,00,70,00,20,00,5b,00,52,00,41,00,57,00,2f,00,49,00,50,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,09,06,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,a0,1a,0f,e7,8b,ab,cf,11,8c,a3,00,80,5f,48,a1,92,eb,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,02,00,00,00,11,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,bb,ff,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,54,00,63,00,70,00,69,00,70,00,20,00,5b,00,55,00,44,00,50,00,2f,00,49,00,50,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,4b,04,00,00,00,00,47,86,4b,04,00,00,00,00,69,87,4b,04,00,00,00,00,8b,88,4b,04,00,00,00,00,ad,89,4b,04,00,00,00,00,cf,8a,4b,04,00,00,00,00,f1,8b,4b,04,00,00,00,00,13,8d,4b,04,00,00,00,00,35,8e,4b,04,00,00,00,00,57,8f,4b,04,00,00,00,00,79,90,4b,04,00,00,00,00,9b,91,4b,04,00,00,00,00,bd,92,4b,04,00,00,00,00,df,93,4b,04,00,00,00,00,01,95,4b,04,00,00,00,00,23,96,4b,04,00,00,00,00,45,97,4b,04,00,00,00,00,67,98,4b,04,00,00,00,00,89,99,4b,04,38,00,00,00,ab,9a,4b,04,00,00,00,00,cd,9b,4b,04,00,00,00,00,f7,9c,4b,04,00,00,00,00,19,9e,4b,04,00,00,00,00,3b,9f,4b,04,00,00,00,00,5d,a0,4b,04,00,00,00,00,7f,a1,4b,04,00,00,00,00,a1,a2,4b,04,00,00,00,00,c3,a3,4b,04,00,00,00,00,e5,a4,4b,04,66,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,a0,1a,0f,e7,8b,ab,cf,11,8c,a3,00,80,5f,48,a1,92,ea,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,01,00,00,00,06,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,54,00,63,00,70,00,69,00,70,00,20,00,5b,00,54,00,43,00,50,00,2f,00,49,00,50,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
Вредоносные функции:
Запускает на исполнение:
  • '%WINDIR%\regedit.exe' -s "<SYSTEM32>\winsock2.~reg"
Изменения в файловой системе:
Создает следующие файлы:
  • <SYSTEM32>\winsock2.~reg
Другое:
Ищет следующие окна:
  • ClassName: 'RegEdit_RegEdit' WindowName: '(null)'

Рекомендации по лечению

  1. В случае если операционная система способна загрузиться (в штатном режиме или режиме защиты от сбоев), скачайте лечащую утилиту Dr.Web CureIt! и выполните с ее помощью полную проверку вашего компьютера, а также используемых вами переносных носителей информации.
  2. Если загрузка операционной системы невозможна, измените настройки BIOS вашего компьютера, чтобы обеспечить возможность загрузки ПК с компакт-диска или USB-накопителя. Скачайте образ аварийного диска восстановления системы Dr.Web® LiveDisk или утилиту записи Dr.Web® LiveDisk на USB-накопитель, подготовьте соответствующий носитель. Загрузив компьютер с использованием данного носителя, выполните его полную проверку и лечение обнаруженных угроз.
Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Выполните полную проверку системы с использованием Антивируса Dr.Web Light для macOS. Данный продукт можно загрузить с официального сайта Apple App Store.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Скачать Dr.Web с Apple Store

На загруженной ОС выполните полную проверку всех дисковых разделов с использованием продукта Антивирус Dr.Web для Linux.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

  1. Если мобильное устройство функционирует в штатном режиме, загрузите и установите на него бесплатный антивирусный продукт Dr.Web для Android Light. Выполните полную проверку системы и используйте рекомендации по нейтрализации обнаруженных угроз.
  2. Если мобильное устройство заблокировано троянцем-вымогателем семейства Android.Locker (на экране отображается обвинение в нарушении закона, требование выплаты определенной денежной суммы или иное сообщение, мешающее нормальной работе с устройством), выполните следующие действия:
    • загрузите свой смартфон или планшет в безопасном режиме (в зависимости от версии операционной системы и особенностей конкретного мобильного устройства эта процедура может быть выполнена различными способами; обратитесь за уточнением к инструкции, поставляемой вместе с приобретенным аппаратом, или напрямую к его производителю);
    • после активации безопасного режима установите на зараженное устройство бесплатный антивирусный продукт Dr.Web для Android Light и произведите полную проверку системы, выполнив рекомендации по нейтрализации обнаруженных угроз;
    • выключите устройство и включите его в обычном режиме.

Подробнее о Dr.Web для Android

Демо бесплатно на 14 дней

Выдаётся при установке

Скачать с сайта
Скачать с Google Play