Technical Information
Malicious functions:
To complicate detection of its presence in the operating system,
blocks execution of the following system utilities:
- Windows Update
- Windows Security Center
Executes the following:
- '<SYSTEM32>\notepad.exe'
Terminates or attempts to terminate
the following user processes:
- outpost.exe
- Drwebupw.exe
Modifies file system:
Modifies the HOSTS file.