Advanced RAR Password Recovery
Advanced RAR Password Recovery is a password recovery tool that is used to uncover and display lost or forgotten passwords on a computer or network. The password recovery tool may be used to gain unauthorized access to a computer and to a user s data.
It is harmful if installed without the knowledge of the user.
General information:
| Malware Name: |
Advanced RAR Password Recovery |
| Malware Type: |
Password Recovery Tool |
| Company Name: |
ElcomSoft Co. Ltd |
| Company URL: |
http://elcomsoft.com/
|
| Threat Level: |
Low Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation |
Company Description:
ElcomSoft Co. Ltd provides you the software Advanced RAR Password Recovery that can be used to recover the lost password for a RAR archive. At the moment, there is no known method to extract the password from the compressed file; so the only available
methods are brute force and dictionary-based attacks.
Spyware Description:
Advanced RAR Password Recovery is a password recovery tool that is used to uncover and display lost or forgotten passwords on a computer or network. The password recovery tool may be used to gain unauthorized access to a computer and to a user s data.
It is harmful if installed without the knowledge of the user.
Characteristics/Symptoms:
-> It may be used to gain unauthorized access to user s data. -> It is harmful if installed without the knowledge of the user.
Additional information might be found here:
Processes Running:
ARPR.EXE
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\[USER]\Start Menu\Programs\Advanced RAR Password Recovery\Readme.lnk |
670 |
Shortcut |
| C:\Program Files\ElcomSoft\ARPR\polish.lng |
18301 |
LNG File |
| C:\Program Files\ElcomSoft\ARPR\spanish.lng |
15966 |
LNG File |
Folder information Created after Installation:
| Folder Location |
| C:\Documents and Settings\[USER]\Start Menu\Programs\Advanced RAR Password Recover |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\Elcom\Advanced RAR Password Recovery |
|
| HKEY_CURRENT_USER |
\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Advanced RAR Password Recovery |
|
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Elcom\Advanced RAR Password Recovery |
Stat param #2 |
