Mal/Dbot-D is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.
When first run Mal/Dbot-D copies itself to <System>\system32.exe and creates the following files:
<Current Folder>\Server.exe
<System>\sys.html
Mal/Dbot-D may install a new version of the file <System>\msinet.ocx.
The following registry entry is set, affecting internet security:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
EnableFirewall
0
Registry entries are set as follows:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
EnableBalloonTips
0
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit
<System>\userinit.exe,\WINDOWS\system32\system32.exe