Remote Password Reventator
(Not detected by KAV on March 20, 2006)

by Sombrero

Written in Visual C++

Released in October 2003


Remote, stealthy password recovery using "Advanced Archive Password Recovery".

CHARACTERISTICS:
1) Remote installation.
2) Quiet execution.
3) Autostart with Windows.


RPR_SE.exe:
dropped files:
c:\Program Files\uninstal.log       size: 2.220 bytes 
c:\WINDOWS\ARCHPR.INI              size: 1.299 bytes 
c:\WINDOWS\unvise32.exe            size: 86.016 bytes 
c:\WINDOWS\archpr\archpr.exe       size: 420.864 bytes 
c:\WINDOWS\archpr\caps.chr         size: 26 bytes 
c:\WINDOWS\archpr\digits.chr       size: 10 bytes 
c:\WINDOWS\archpr\english.lng      size: 17.524 bytes 
c:\WINDOWS\archpr\MyRun.exe        size: 108.032 bytes 
c:\WINDOWS\archpr\MyRun.mrn        size: 238 bytes 
c:\WINDOWS\archpr\proagent122.rar  size: 989.392 bytes 
c:\WINDOWS\archpr\small.chr        size: 26 bytes 
c:\WINDOWS\archpr\start.bat        size: 60 bytes

startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "SystemR" 
data: C:\WINDOWS\archpr\MyRun.exe c:\windows\archpr\MyRun.mrn

MegaSecurity