Technical Information
- [<HKLM>\System\CurrentControlSet\Services\Bonjour Service] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Bonjour Service] 'ImagePath' = '%TEMP%\mDNSResponder.exe'
- 'Bonjour Service' %TEMP%\mDNSResponder.exe
- %TEMP%\init_t.exe
- %TEMP%\rasplus_watch.ocx
- %TEMP%\motionsetup.dll
- %TEMP%\mdnsresponder.exe
- '22#.0.0.251':5353
- 'ff##::fb':5353
- '%TEMP%\mdnsresponder.exe' -install
- '%TEMP%\mdnsresponder.exe'
- '%TEMP%\init_t.exe' 0 41
- '%WINDIR%\syswow64\regsvr32.exe' /s "%TEMP%\RASplus_Watch.ocx"' (with hidden window)
- '%TEMP%\init_t.exe' 0 41' (with hidden window)
- '%WINDIR%\syswow64\regsvr32.exe' /s "%TEMP%\RASplus_Watch.ocx"