by ?
Backdoor.Win32.Dumador.q

port: 2283, 10000 TCP

dropped files:
C:\WINDOWS\Start Menu\Programs\StartUp\rundllw.exe
c:\WINDOWS\SYSTEM\load32.exe
c:\WINDOWS\SYSTEM\vxdmgr32.exe

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "load32"
c:\windows\system.ini, [boot] "shell"

Steals account information for the following:
Storm e-metal WebMoney WM Keeper Keeper Fethard fethard PayPal localhost WinampMegaSecurity