Necessary At your option Useless Dangerous Application database
 Startup Programs     Entire site
Startupapps.com recommends you:

Detect and remove hidden rootkits using UnHackMe UnHackMe - Rootkit Killer Free fully functional 30-days trial.

RegRun Security Suite = 24 system utilities for protecting your computer. Try now!

Buy Now!

I would like to say that RegRun has helped me on more than 1 occasion when it comes to spyware/adware by letting me know automatically that a piece of it got added to Windows startup. There is so much spyware/addware out there today it's hard to imagine being without RegRun. I like many other features too including the daily registry backups and file protection.

Chris Wagers

Dangerous l32x.exe - Dangerous
l32x.exe
I-Worm.Dumaru.j
This worm is a part of the Dumaru family, which spreads via the Internet as files attached to infected messages.
The worm includes a backdoor function and a Trojan program which enables it to steal information.

When installing, the worm copies itself to the Windows system directory under the names l32.exe and vxd32.exe, and to the startup directory under the name dllxw.exe.

It registers itself in the system register:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"load32" = "%windir%\%system%\l32x.exe"

The worm searches all directories on accessible local disks for files with the extensions htm, wab, html, dbx, tbb, abd, highlights lines which are email addresses and then sends infected messages to these address.
Infected messages have the following characteristics:

Sender's address:
Elene F*****SUICIDE@HOTMAIL.COM
Message header:
Important information for you. Read it immediately !
Message body:
Hi !
Here is my photo, that you asked for yesterday.
Attachment:
myphoto.zip

In order to send messages, the worm uses its own SMTP engine, giving the return address as address@dyandex.ru. All notifications sent by mail scanners about the fact that the worm has been detected in messages will therefore be sent to this address.

The worm opens port 10000 to receive hacker's commands.
The worm also has a keyboard logging function, and is able to save all information entered via the keyboard to a separate file.
Remove this worm by RegRun Startup Optimizer.

Removal: l32x.exe is removed by RegRun.

Read more... Removal instructions...

Recommended software:
UnHackMe - easy removal Rootkits/Adware/Spyware.
http://www.unhackme.com

RegRun Security Suite - removal and protection. http://www.regrun.com

RegRun Reanimator - free removal tool. greatis.com/reanimator

RegRun - User's Choice

Vista Programs - full info...

What is hidden in MSDN?
.NET Secrets Revealed

Why software developers prefer Win32.FreeTechSecrets.com?

All Unix Manuals in Alphabetical Order

C# controls for .NET in 3 simple steps.


Constantly updated. Last update: May 12 2008

Interesting information about Vista programs...
Need consultation?

Would you like to add your opinion?

Your Name (Not Required):

Your E-mail to contact (Not Required):

Application Name:

Application Status:
Neccessary
At your option
Useless
Dangerous

Description:


Quick Links
What's new?
RSS Feed
Add to AppDatabase
Ask Experts
Join forum
Links

Articles
Virus or not? SPTD####.sys
What is mc21.tmp, mc22.tmp, mc23.tmp?

Select
Necessary
Useless
At your option
Dangerous
Copyright © 1998-2008 Greatis Software