ra32.exe - Useless
Manual removal instructions:
This trojan uses a stealth technique to circumvent certain scanning technology.
The trojan attempts to capture typed keystrokes and steal web site passwords.
Trojan do not self-replicate. It is spread manually, often under the premise that the executable is something beneficial.
Distribution channels include IRC, peer-to-peer networks, newsgroup postings, email, etc.
When run, the trojan creates a hidden directory named f~a within the WINDOWS SYSTEM directory.
Adds the value: "f~a" = C:\WINNT\System32\f~a\ra32.exe
to the registry keys:
Within this directory, several files are created:
usr_ext.dll (captures keystrokes and steals password)
usrvcrt.dll (captures web site username/password)
Use RegRun Startup Optimizer to remove this trojan.
by NightWatcherra32.exe Dangerous Rating: 5 out of 5
My PC had gotten a bad rootkit that my ISP antivirus software (powered by McAfee) could not detect, nor could fix.
I sought a solution on the Internet and discovered your product and tried out the trial of UnHackMe.
You quickly found the rootkit and SAVED my PC!
I haven't had any problems since, and I'm extremely grateful.