Technical Information
- [HKLM\software\Wow6432Node\microsoft\windows NT\currentversion\Winlogon] 'UserInit' = 'userinit.exe,<Full path to file>'
- %APPDATA%\microsoft\windows\start menu\programs\docguarder file safe system\client login tool.lnk
- %APPDATA%\microsoft\windows\start menu\programs\docguarder file safe system\offline manage.lnk
- 'localhost':9444
- '%WINDIR%\syswow64\regsvr32.exe' -s "<Current directory>\AntCom.dll"
- '%WINDIR%\syswow64\regsvr32.exe' -s "<Current directory>\dgieaddin.dll"
- '%WINDIR%\syswow64\regsvr32.exe' -s "<Current directory>\DGCrypt.dll"
- '%WINDIR%\syswow64\regsvr32.exe' -u -s "<Current directory>\OutlookAddin.dll"
- '%WINDIR%\syswow64\regsvr32.exe' -s "<Current directory>\DGFileProperty64.dll"