Technical Information
- [<HKCU>\Software\Microsoft\Windows\CurrentVersion\Run] 'avguard' = '"<SYSTEM32>\avguard.exe"'
- [<HKLM>\Software\Microsoft\Windows\CurrentVersion\Run] 'avguard' = '"<SYSTEM32>\avguard.exe"'
- [<HKLM>\System\CurrentControlSet\Services\IKEEXT] 'Start' = '00000002'
- <SYSTEM32>\avguard.exe
- '91.#13.8.28':80
- '<SYSTEM32>\netsh.exe' Advfirewall set Currentprofile State off