add winsock links, persistence part 26
cocomelonc committed Aug 20, 2024
1 parent 8fb5516 commit 3148099
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions _posts/2024-08-14-malware-pers-26.markdown
@@ -206,11 +206,11 @@ For the correctness of the experiment, we will launch our Process Hacker 2 and c

![malware](/assets/images/132/2024-08-19_21-46_1.png){:class="img-responsive"}

As you can see, `hack.dll` successfully launched, you got the same result for another Windows applications, even `Procmon64.exe` also. I think we get the same behavior after open anything in our operation system which work with Windows sockets.
As you can see, `hack.dll` started correctly, the same effect will be for other Windows programs, even `Procmon64.exe`. I assume the behavior will be the same if you open anything that uses Windows sockets. To be honest, I don't know what this particular registry parameter is used for, but it seems to have something to do with sockets.

> This is a practical case for educational purposes only.
[Windows Sockets](https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createsymboliclinka)
[Windows Sockets](https://learn.microsoft.com/en-us/windows/win32/winsock/windows-sockets-start-page-2)
[Malware persistence - part 1. Registry run keys](/tutorial/2022/04/20/malware-pers-1.html)
[source code in github](https://github.com/cocomelonc/meow/tree/master/2024-08-14-malware-pers-26)
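
Review bot: The rewritten paragraph now ends with "I don't know what this particular registry parameter is used for", so the claim just before it, that anything using Windows sockets will load `hack.dll`, rests only on the programs shown (Process Hacker 2 and `Procmon64.exe`). Either state what the registry value is for, citing the Winsock page this commit links, or say plainly that the scope is unverified and list the programs actually tested, since that is what a reader writing a detection for this key needs to know. The same sentence joins two clauses with a comma ("`hack.dll` started correctly, the same effect will be ..."); split it into two sentences. The link change itself is right: the old "Windows Sockets" label pointed at the `createsymboliclinka` API page. In this view the reference links follow the `>` disclaimer line with no blank line between them, which Markdown can fold into the blockquote; add a blank line after the quote if the source file is laid out the same way.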
