Necessary At your option Useless Dangerous Windows Programs - Useful, Useless or Malicious
Startupapps.com recommends you:

UnHackMe Warrior Removing rootkits is best done from the "clean" Windows!

UnHackMe Warrior

Blog: New viruses/malware/rootkits. Everyday!

Blog: How to remove malware/Trojans/rootkits using UnHackMe or manually. We know how to remove malware.

Shortcut Antivirus protects against Microsoft LNK and PIF vulnerability, notify a user about found threats and give possibility to immediately remove threats.

StuxnetRemover - free of charge Stuxnet/Tmphider rootkit removal tool.

Blog: System Software Research. What is under the hood? Who is faster? Antiviral and system software under microscope...

Dangerous l32x.exe - Dangerous

Fix it immediately

l32x.exe
I-Worm.Dumaru.j
This worm is a part of the Dumaru family, which spreads via the Internet as files attached to infected messages.
The worm includes a backdoor function and a Trojan program which enables it to steal information.

When installing, the worm copies itself to the Windows system directory under the names l32.exe and vxd32.exe, and to the startup directory under the name dllxw.exe.

It registers itself in the system register:
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"load32" = "%windir%\%system%\l32x.exe"

The worm searches all directories on accessible local disks for files with the extensions htm, wab, html, dbx, tbb, abd, highlights lines which are email addresses and then sends infected messages to these address.
Infected messages have the following characteristics:

Sender's address:
Elene F*****SUICIDE@HOTMAIL.COM
Message header:
Important information for you. Read it immediately !
Message body:
Hi !
Here is my photo, that you asked for yesterday.
Attachment:
myphoto.zip

In order to send messages, the worm uses its own SMTP engine, giving the return address as address@dyandex.ru. All notifications sent by mail scanners about the fact that the worm has been detected in messages will therefore be sent to this address.

The worm opens port 10000 to receive hacker's commands.
The worm also has a keyboard logging function, and is able to save all information entered via the keyboard to a separate file.
Remove this worm by RegRun Startup Optimizer.

Remove L32X.EXE.HTM now!

Install UnHackMe Install RegRun

Virus Problem? Google Redirects? Ads? Slow?

  1. First download the latest version UnHackMe: Download UnHackMe.
  2. Open the archive and start the unhackme_setup.exe.
  3. When the installation is over you will see the main UnHackMe screen.
  4. Click on the Advanced button and choose “Send report to the support center” in the popup menu. Follow the instructions. The report file (regrunlog.txt) will be saved on your Desktop.
  5. Go to the Support Center. Attach it to your ticket and click on the Browse button and then to the regrunlog.txt file. Don’t insert the report text directly into the message text! We won’t be able to analyse such a report. Describe your problem in detail. Add the screenshot, your antivirus log or suspicious files.

Constantly updated. Last update: February 5 2012

Fix Windows PC's Fast! Automated Software Repairs damaged & slow windows systems in 1 click.


Quick Links
What's new?
RSS Feed
Add to AppDatabase
Ask Experts
Join forum
Links

Articles
Virus or not? SPTD####.sys
What is mc21.tmp, mc22.tmp, mc23.tmp?

Select
Necessary
Useless
At your option
Dangerous
Copyright © 1998-2012 Greatis Software