ПОЛЬЗОВАТЕЛЯМ

Закрыть

Поиск

Поиск

Поддержка
Круглосуточная поддержка

Напишите

Запрос через форму

Позвоните

Бесплатно по России:
8-800-333-79-32

ЧаВо | Форум

Напишите

Задать вопрос в поддержку

Ваши запросы

  • Все: -
  • Незакрытые: -
  • Последний: -

Позвоните

Бесплатно по России:
8-800-333-79-32

Свяжитесь с нами Незакрытые запросы: 

Профиль

Профиль

RU
RU CN DE EN ES FR IT JP KZ UZ PL BY
Закрыть

Переключение языка сайта

Сервисы
Сканеры
FixIt!
Dr.Web vxCube
Экспертиза ВКИ
Вирусная библиотека
База знаний

Технологии

Термины

Обучение и просвещение

Мифы

Новости

Trojan.DownLoader10.27485

Добавлен в вирусную базу Dr.Web: 2013-10-13

Описание добавлено:

Техническая информация

Для обеспечения автозапуска и распространения:
Модифицирует следующие ключи реестра:
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,53,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,32,00,30,00,38,00,39,00,45,00,44,00,31,00,2d,00,35,00,43,00,45,00,33,00,2d,00,34,00,34,00,44,00,30,00,2d,00,39,00,31,00,41,00,35,00,2d,00,37,00,42,00,31,00,37,00,46,00,41,00,43,00,35,00,35,00,44,00,31,00,39,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,31,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,54,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,35,00,32,00,30,00,38,00,39,00,45,00,44,00,31,00,2d,00,35,00,43,00,45,00,33,00,2d,00,34,00,34,00,44,00,30,00,2d,00,39,00,31,00,41,00,35,00,2d,00,37,00,42,00,31,00,37,00,46,00,41,00,43,00,35,00,35,00,44,00,31,00,39,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,31,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,52,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,00,00,00,80,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,39,00,31,00,43,00,39,00,44,00,44,00,2d,00,42,00,44,00,43,00,31,00,2d,00,34,00,31,00,39,00,36,00,2d,00,41,00,35,00,34,00,33,00,2d,00,32,00,42,00,43,00,41,00,35,00,38,00,35,00,30,00,32,00,46,00,39,00,36,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,30,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,50,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,fb,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,77,00,6c,00,6e,00,6b,00,4e,00,62,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,35,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,51,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,00,00,00,80,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,41,00,39,00,31,00,43,00,39,00,44,00,44,00,2d,00,42,00,44,00,43,00,31,00,2d,00,34,00,31,00,39,00,36,00,2d,00,41,00,35,00,34,00,33,00,2d,00,32,00,42,00,43,00,41,00,35,00,38,00,35,00,30,00,32,00,46,00,39,00,36,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,30,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,55,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,fe,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,39,00,46,00,30,00,39,00,37,00,30,00,30,00,2d,00,35,00,35,00,39,00,41,00,2d,00,34,00,34,00,31,00,32,00,2d,00,38,00,37,00,44,00,42,00,2d,00,41,00,46,00,43,00,36,00,44,00,44,00,39,00,32,00,38,00,34,00,46,00,39,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,59,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,fc,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,43,00,42,00,33,00,44,00,37,00,30,00,31,00,38,00,2d,00,37,00,35,00,30,00,35,00,2d,00,34,00,38,00,38,00,31,00,2d,00,41,00,33,00,33,00,36,00,2d,00,33,00,44,00,44,00,30,00,44,00,31,00,41,00,44,00,37,00,45,00,44,00,46,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,34,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,5a,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,fc,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,43,00,42,00,33,00,44,00,37,00,30,00,31,00,38,00,2d,00,37,00,35,00,30,00,35,00,2d,00,34,00,38,00,38,00,31,00,2d,00,41,00,33,00,33,00,36,00,2d,00,33,00,44,00,44,00,30,00,44,00,31,00,41,00,44,00,37,00,45,00,44,00,46,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,34,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,58,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,fd,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,45,00,42,00,30,00,41,00,39,00,44,00,42,00,33,00,2d,00,37,00,34,00,44,00,33,00,2d,00,34,00,41,00,35,00,38,00,2d,00,41,00,33,00,46,00,39,00,2d,00,35,00,31,00,31,00,36,00,42,00,45,00,33,00,33,00,32,00,46,00,37,00,38,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,33,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,02,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,56,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,02,00,00,00,fe,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,41,00,39,00,46,00,30,00,39,00,37,00,30,00,30,00,2d,00,35,00,35,00,39,00,41,00,2d,00,34,00,34,00,31,00,32,00,2d,00,38,00,37,00,44,00,42,00,2d,00,41,00,46,00,43,00,36,00,44,00,44,00,39,00,32,00,38,00,34,00,46,00,39,00,7d,00,5d,00,20,00,44,00,41,00,54,00,41,00,47,00,52,00,41,00,4d,00,20,00,32,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,57,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,fd,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,65,00,74,00,42,00,54,00,5f,00,54,00,63,00,70,00,69,00,70,00,5f,00,7b,00,45,00,42,00,30,00,41,00,39,00,44,00,42,00,33,00,2d,00,37,00,34,00,44,00,33,00,2d,00,34,00,41,00,35,00,38,00,2d,00,41,00,33,00,46,00,39,00,2d,00,35,00,31,00,31,00,36,00,42,00,45,00,33,00,33,00,32,00,46,00,37,00,38,00,7d,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,33,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,26,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,e0,a9,60,9d,7a,33,d0,11,bd,88,00,00,c0,82,e6,9a,ec,03,00,00,01,00,00,00,84,f8,81,07,7c,f8,81,07,88,f9,81,07,04,a4,56,75,54,0b,00,00,a0,3c,55,75,b0,f9,81,07,06,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,02,00,00,00,11,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,bb,ff,00,00,00,00,00,00,52,00,53,00,56,00,50,00,20,00,55,00,44,00,50,00,20,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,00,00,01,00,00,00,e4,fb,81,07,01,00,00,00,30,28,70,02,00,00,00,00,3d,fb,92,7c,80,f9,81,07,00,00,00,00,00,f9,81,07,6c,fb,92,7c,71,fb,92,7c,00,00,00,00,80,f9,81,07,3d,fb,92,7c,dc,f8,81,07,2c,f9,81,07,48,f9,81,07,18,ee,92,7c,78,fb,92,7c,ff,ff,ff,ff,71,fb,92,7c,18,6a,da,77,51,6a,da,77,b8,3c,55,75,34,0c,00,00,34,0c,00,00,88,01,1c,00,34,0c,00,00,80,f9,81,07,40,00,00,00,00,00,00,00,00,00,00,00,08,00,08,00,b8,3c,55,75,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,7b,00,41,00,41,00,39,00,31,00,43,00,39,00,44,00,44,00,2d,00,42,00,44,00,43,00,31,00,2d,00,34,00,31,00,39,00,36,00,2d,00,41,00,35,00,34,00,33,00,2d,00,32,00,42,00,43,00,41,00,35,00,38,00,35,00,30,00,32,00,46,00,39,00,36,00,7d,00,00,00,43,00,41,00,35,00,38,00,35,00,30,00,32,00,46,00,39,00,36,00,7d,00,00,00,81,07,74,6c,da,77,c0,f9,81,07,96,15,93,7c,eb,06,93,7c,58,fd,81,07,20,28,34,02,10,00,00,00,b2,8a,57,75,a0,01,1c,00,38,00,00,00,f4,f9,81,07,96,15,93,7c,eb,06,93,7c,01,00,00,00,58,fd,81,07,04,00,00,00,00,00,00,00,00,00,c9,00,4c,fa,81,07,96,15,93,7c,eb,06,93,7c,01,00,00,00,58,fd,81,07,96,15,93,7c,eb,06,93,7c,00,00,00,00,00,00,00,00,58,00,00,00,eb,06,93,7c,01,00,00,00,58,fd,81,07,01,00,00,00,00,00,00,00,0c,00,00,00,78,e8,2a,00,d4,f1,81,07,00,00,00,00,00,00,00,00,e8,2c,3d,01,90,01,1c,00,00,00,00,00,45,00,4d,00,5c,00,43,00,75,00,72,00,72,00,65,00,6e,00,74,00,1c,00,00,00,88,01,1c,00,00,00,c9,00,01,00,00,00,96,15,93,7c}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,72,73,76,70,73,70,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,66,20,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,e0,a9,60,9d,7a,33,d0,11,bd,88,00,00,c0,82,e6,9a,ed,03,00,00,01,00,00,00,88,01,1c,00,00,00,1c,00,08,00,00,00,00,00,00,00,8c,fb,81,07,5c,0d,93,7c,00,00,1c,00,06,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,01,00,00,00,06,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,52,00,53,00,56,00,50,00,20,00,54,00,43,00,50,00,20,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,20,00,50,00,72,00,6f,00,76,00,69,00,64,00,65,00,72,00,00,00,88,01,1c,00,00,00,00,00,10,00,00,00,50,fb,81,07,b8,44,5a,75,00,00,00,00,58,ad,f4,02,7c,fb,81,07,f4,fb,81,07,00,00,1c,00,08,00,00,00,00,00,00,00,28,fc,81,07,5c,0d,93,7c,00,00,1c,00,00,00,c9,00,00,00,00,00,98,9a,1d,00,5c,0d,93,7c,00,00,1c,00,91,0e,93,7c,08,06,1c,00,6d,05,93,7c,c0,c2,6d,02,00,00,00,00,08,00,00,00,00,00,c9,00,01,00,00,00,b0,01,1c,00,03,00,00,00,a0,9a,1d,00,03,00,00,00,00,00,00,00,c0,c2,6d,02,b0,01,1c,00,20,39,70,02,e8,fc,3d,01,38,02,1c,00,00,17,6e,02,d8,01,1c,00,00,00,00,00,10,00,00,00,00,17,6e,02,0a,00,00,00,03,00,00,00,f0,06,93,7c,c0,01,1c,00,18,00,00,00,28,39,70,02,00,00,1c,00,01,00,00,00,00,00,1c,00,c0,01,1c,00,10,00,00,00,08,17,6e,02,18,05,1c,00,00,00,1c,00,4f,6d,01,01,dc,c2,6d,02,60,00,00,00,38,02,1c,00,00,00,00,00,20,39,70,02,3c,fc,81,07,46,0f,93,7c,09,00,00,00,20,39,70,02,00,00,1c,00,c8,35,70,02,00,00,00,00,10,fd,81,07,5c,0d,93,7c,00,00,1c,00,91,0e,93,7c,08,06,1c,00,6d,05,93,7c,b0,19,70,02,00,00,00,00,b4,34,70,02,00,00,c9,00,0e,00,00,00,c8,35,70,02,00,00,00,00,00,00,00,00,54,0b,00,00,00,00,00,00,d0,35,70,02,00,00,00,00,00,00,00,00,00,00,00,00,54,0b,00,00,dc,fc,81,07,18,05,1c,00,54,0b,00,00,10,00,00,00,03,00,00,00,d0,35,70,02,18,05,1c,00,b0,19,70,02,58,03,00,00,b4,34,70,02,0c,00,0e,00,3c,56,55,75,00,00,00,00,ac,fc,81,07,b4,34,70,02,00,00,00,00,b0,19,70,02,04,fd,81,07,6c,fb,92,7c,71,fb,92,7c,b0,19,70,02,00,00,00,00,b4,34,70,02,e0,fc,81,07}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,06,02,00,00,00,00,00,00,00,00,00,00,00,00,00,0c,00,00,00,a0,1a,0f,e7,8b,ab,cf,11,8c,a3,00,80,5f,48,a1,92,eb,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,03,00,00,00,00,00,00,00,ff,00,00,00,00,00,00,00,00,00,00,00,bb,ff,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,54,00,63,00,70,00,69,00,70,00,20,00,5b,00,52,00,41,00,57,00,2f,00,49,00,50,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,66,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,a0,1a,0f,e7,8b,ab,cf,11,8c,a3,00,80,5f,48,a1,92,e9,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,01,00,00,00,06,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,54,00,63,00,70,00,69,00,70,00,20,00,5b,00,54,00,43,00,50,00,2f,00,49,00,50,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,06,02,00,00,00,00,00,00,00,00,00,00,00,00,00,08,00,00,00,a0,1a,0f,e7,8b,ab,cf,11,8c,a3,00,80,5f,48,a1,92,ea,03,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,02,00,00,00,10,00,00,00,10,00,00,00,02,00,00,00,11,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,bb,ff,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,54,00,63,00,70,00,69,00,70,00,20,00,5b,00,55,00,44,00,50,00,2f,00,49,00,50,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,09,06,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,40,82,05,11,47,be,cf,11,95,c8,00,80,5f,48,a1,92,4a,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,06,00,00,00,10,00,00,00,0e,00,00,00,02,00,00,00,e8,03,00,00,ff,00,00,00,00,00,00,00,00,00,00,00,40,02,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,6e,00,77,00,6c,00,6e,00,6b,00,69,00,70,00,78,00,20,00,5b,00,49,00,50,00,58,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,3e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,41,82,05,11,47,be,cf,11,95,c8,00,80,5f,48,a1,92,4e,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,06,00,00,00,10,00,00,00,0e,00,00,00,01,00,00,00,e9,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,6e,00,77,00,6c,00,6e,00,6b,00,73,00,70,00,78,00,20,00,5b,00,53,00,50,00,58,00,20,00,49,00,49,00,5d,00,20,00,5b,00,50,00,73,00,65,00,75,00,64,00,6f,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,0e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,30,18,5f,8d,73,c2,cf,11,95,c8,00,80,5f,48,a1,92,4f,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,11,00,00,00,14,00,00,00,14,00,00,00,05,00,00,00,fb,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,fa,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,4e,00,65,00,74,00,42,00,49,00,4f,00,53,00,20,00,5b,00,5c,00,44,00,65,00,76,00,69,00,63,00,65,00,5c,00,4e,00,77,00,6c,00,6e,00,6b,00,4e,00,62,00,5d,00,20,00,53,00,45,00,51,00,50,00,41,00,43,00,4b,00,45,00,54,00,20,00,35,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,3e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,41,82,05,11,47,be,cf,11,95,c8,00,80,5f,48,a1,92,4d,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,06,00,00,00,10,00,00,00,0e,00,00,00,05,00,00,00,e9,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,6e,00,77,00,6c,00,6e,00,6b,00,73,00,70,00,78,00,20,00,5b,00,53,00,50,00,58,00,20,00,49,00,49,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,1e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,41,82,05,11,47,be,cf,11,95,c8,00,80,5f,48,a1,92,4b,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,06,00,00,00,10,00,00,00,0e,00,00,00,05,00,00,00,e8,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,6e,00,77,00,6c,00,6e,00,6b,00,73,00,70,00,78,00,20,00,5b,00,53,00,50,00,58,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
  • [<HKLM>\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008] 'PackedCatalogItem' = '{25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,73,74,65,6d,33,32,5c,6d,73,77,73,6f,63,6b,2e,64,6c,6c,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,85,00,09,00,b1,00,0e,01,c0,eb,24,05,78,01,09,00,43,00,34,00,44,00,35,00,41,00,33,00,35,00,32,00,42,00,33,00,38,00,45,00,42,00,42,00,30,00,34,00,34,00,30,00,45,00,41,00,41,00,45,00,42,00,33,00,39,00,32,00,33,00,35,00,31,00,39,00,41,00,32,00,43,00,41,00,37,00,41,00,00,00,00,00,9b,04,00,00,0c,00,0c,00,ad,01,0d,01,30,51,30,2c,06,0a,2b,06,01,04,01,82,37,02,01,19,a2,1e,80,1c,00,3c,00,3c,00,3c,00,4f,00,62,00,73,00,6f,00,6c,00,65,00,74,00,65,00,3e,00,3e,00,3e,30,21,30,09,06,05,2b,0e,03,02,1a,05,00,04,14,0d,6b,c4,d5,a3,52,b3,8e,bb,04,40,ea,ae,b3,92,35,19,a2,ca,7a,00,a3,04,00,00,0c,00,18,00,1e,00,02,00,00,00,00,00,00,00,00,00,00,00,00,00,01,00,00,00,41,82,05,11,47,be,cf,11,95,c8,00,80,5f,48,a1,92,4c,04,00,00,01,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,06,00,00,00,10,00,00,00,0e,00,00,00,01,00,00,00,e8,04,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,4d,00,53,00,41,00,46,00,44,00,20,00,6e,00,77,00,6c,00,6e,00,6b,00,73,00,70,00,78,00,20,00,5b,00,53,00,50,00,58,00,5d,00,20,00,5b,00,50,00,73,00,65,00,75,00,64,00,6f,00,20,00,53,00,74,00,72,00,65,00,61,00,6d,00,5d,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00}'
Вредоносные функции:
Создает и запускает на исполнение:
  • '<SYSTEM32>\iexplore.exe'
  • '<SYSTEM32>\dwdrt.exe' pvtha
  • '%TEMP%\nsp4.tmp\nsA.tmp' cmd.exe /c regedit /s "%HOMEPATH%\My Documents\asp.reg"
  • '%TEMP%\nsk8.tmp\ns9.tmp' cmd.exe /c regedit /s "%HOMEPATH%\My Documents\asp.reg"
  • '<SYSTEM32>\pvtha.exe' {EC48FD7E-4898-4953-A2E4-170E6979E151}|<SYSTEM32>\qpgtv.dll
  • '<SYSTEM32>\bwscse.exe' pvtha
  • '<SYSTEM32>\fvedd.exe'
  • '<SYSTEM32>\esqfqf.exe'
Запускает на исполнение:
  • '%WINDIR%\regedit.exe' /s "%HOMEPATH%\My Documents\asp.reg"
Изменения в файловой системе:
Создает следующие файлы:
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\sogou[1]
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\2VAZY7AN\downurla[1].aspx
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\sogou[1]
  • %TEMP%\~tmp1326.dat
  • %TEMP%\~TMP0A4BD.dat
  • %TEMP%\nsp4.tmp\inetc.dll
  • %TEMP%\nsp4.tmp\Internet.dll
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\downurla[1].aspx
  • %TEMP%\nsk8.tmp\inetc.dll
  • %TEMP%\~TMP0A4B.tmp
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\down[1].aspx
  • %TEMP%\nsp4.tmp\nsA.tmp
  • %TEMP%\nsp4.tmp\nsExec.dll
  • %TEMP%\nsk8.tmp\ns9.tmp
  • %HOMEPATH%\My Documents\proxy.pac
  • <SYSTEM32>\Log\Install.log
  • %TEMP%\nsk8.tmp\nsExec.dll
  • %HOMEPATH%\My Documents\asp.reg
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\GetUrl[1].aspx
  • %TEMP%\nsp4.tmp\System.dll
  • <SYSTEM32>\Launch_IE.exe
  • %TEMP%\nsp4.tmp\AccessControl.dll
  • <SYSTEM32>\ClearEyoo.exe
  • <SYSTEM32>\tsmfl.dll
  • <SYSTEM32>\Launcher.exe
  • <Текущая директория>\perffilt.ini
  • <SYSTEM32>\tslablec.ini
  • <SYSTEM32>\IEMon.exe
  • %TEMP%\nsb6.tmp\FindProcDLL.dll
  • %TEMP%\nsk8.tmp\System.dll
  • %TEMP%\nsb6.tmp\ShellLink.dll
  • %TEMP%\nsk8.tmp\AccessControl.dll
  • <SYSTEM32>\iexplore.exe
  • %TEMP%\nsb6.tmp\System.dll
  • <SYSTEM32>\ClearPubWin.exe
  • %TEMP%\nsb6.tmp\AccessControl.dll
  • %TEMP%\Backup.ini
Присваивает атрибут 'скрытый' для следующих файлов:
  • <SYSTEM32>\iexplore.exe
  • <SYSTEM32>\esqfqf.exe
  • <SYSTEM32>\Log\Install.log
  • %HOMEPATH%\My Documents\proxy.pac
  • <SYSTEM32>\bwscse.exe
  • <SYSTEM32>\qpgtv.dll
  • <SYSTEM32>\pvtha.exe
  • <SYSTEM32>\tslablec.ini
Удаляет следующие файлы:
  • <SYSTEM32>\iexplore.exe
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\YPORKZYZ\sogou[1]
  • %TEMP%\nsk8.tmp\System.dll
  • %TEMP%\nsk8.tmp\inetc.dll
  • %TEMP%\nsk8.tmp\nsExec.dll
  • %TEMP%\nsp4.tmp\nsA.tmp
  • %TEMP%\nsp4.tmp\nsExec.dll
  • %TEMP%\nsp4.tmp\System.dll
  • %TEMP%\nsp4.tmp\Internet.dll
  • %TEMP%\nsp4.tmp\AccessControl.dll
  • %TEMP%\nsp4.tmp\inetc.dll
  • %TEMP%\nsb6.tmp\System.dll
  • %TEMP%\~TMP0A4BD.dat
  • %TEMP%\nsb6.tmp\ShellLink.dll
  • %TEMP%\nsb6.tmp\AccessControl.dll
  • %TEMP%\nsb6.tmp\FindProcDLL.dll
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\downurla[1].aspx
  • %TEMP%\~tmp1326.dat
  • %TEMP%\nsk8.tmp\AccessControl.dll
  • %HOMEPATH%\My Documents\asp.reg
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\U98D4X8H\sogou[1]
  • %TEMP%\nsk8.tmp\ns9.tmp
Перемещает следующие файлы:
  • <SYSTEM32>\Launch_IE.exe в <SYSTEM32>\esqfqf.exe
  • <SYSTEM32>\ClearEyoo.exe в <SYSTEM32>\fvedd.exe
  • <SYSTEM32>\ClearPubWin.exe в <SYSTEM32>\dwdrt.exe
  • <SYSTEM32>\Launcher.exe в <SYSTEM32>\pvtha.exe
  • <SYSTEM32>\IEMon.exe в <SYSTEM32>\bwscse.exe
  • <SYSTEM32>\tsmfl.dll в <SYSTEM32>\qpgtv.dll
Сетевая активность:
Подключается к:
  • '12#.#27.164.15':8899
  • '12#.#27.164.124':8899
  • '11#.#53.2.101':8899
  • '61.##8.219.226':8899
  • '12#.#27.228.118':8899
  • '12#.#25.114.144':80
  • 'co####.netbarad.net':80
  • 'co###g.v232.com':80
  • 'www.so##u.com':80
TCP:
Запросы HTTP GET:
  • www.so##u.com/sogou?qu############################################################
  • co###g.v232.com/downurla.aspx
  • co####.netbarad.net/down.aspx
  • co####.netbarad.net/GetUrl.aspx
  • 12#.#25.114.144/index.php
  • co####.netbarad.net/downurla.aspx
UDP:
  • DNS ASK www.so##u.com
  • DNS ASK co###g.v232.com
  • DNS ASK co####.netbarad.net
  • DNS ASK www.ba##u.com
Другое:
Ищет следующие окна:
  • ClassName: 'RegEdit_RegEdit' WindowName: '(null)'
  • ClassName: 'Shell_TrayWnd' WindowName: '(null)'
Изменяет значение AutoConfigURL

Рекомендации по лечению

  1. В случае если операционная система способна загрузиться (в штатном режиме или режиме защиты от сбоев), скачайте лечащую утилиту Dr.Web CureIt! и выполните с ее помощью полную проверку вашего компьютера, а также используемых вами переносных носителей информации.
  2. Если загрузка операционной системы невозможна, измените настройки BIOS вашего компьютера, чтобы обеспечить возможность загрузки ПК с компакт-диска или USB-накопителя. Скачайте образ аварийного диска восстановления системы Dr.Web® LiveDisk или утилиту записи Dr.Web® LiveDisk на USB-накопитель, подготовьте соответствующий носитель. Загрузив компьютер с использованием данного носителя, выполните его полную проверку и лечение обнаруженных угроз.
Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Выполните полную проверку системы с использованием Антивируса Dr.Web Light для macOS. Данный продукт можно загрузить с официального сайта Apple App Store.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

Скачать Dr.Web с Apple Store

На загруженной ОС выполните полную проверку всех дисковых разделов с использованием продукта Антивирус Dr.Web для Linux.

Демо бесплатно

 

Скачать Dr.Web

По серийному номеру

  1. Если мобильное устройство функционирует в штатном режиме, загрузите и установите на него бесплатный антивирусный продукт Dr.Web для Android Light. Выполните полную проверку системы и используйте рекомендации по нейтрализации обнаруженных угроз.
  2. Если мобильное устройство заблокировано троянцем-вымогателем семейства Android.Locker (на экране отображается обвинение в нарушении закона, требование выплаты определенной денежной суммы или иное сообщение, мешающее нормальной работе с устройством), выполните следующие действия:
    • загрузите свой смартфон или планшет в безопасном режиме (в зависимости от версии операционной системы и особенностей конкретного мобильного устройства эта процедура может быть выполнена различными способами; обратитесь за уточнением к инструкции, поставляемой вместе с приобретенным аппаратом, или напрямую к его производителю);
    • после активации безопасного режима установите на зараженное устройство бесплатный антивирусный продукт Dr.Web для Android Light и произведите полную проверку системы, выполнив рекомендации по нейтрализации обнаруженных угроз;
    • выключите устройство и включите его в обычном режиме.

Подробнее о Dr.Web для Android

Демо бесплатно на 14 дней

Выдаётся при установке

Скачать с сайта
Скачать с Google Play