First off, that codes out

Some guys here could work the binary with a debugger (and proper motivation of course), but don't upload it, that would be bad.

I can't find anything on this site, google, or security focus regarding 'NTAdminRights.exe'. Though the names not hard to change. An AV may ID it. Maybe run the binary on a junk box with no network connection to see if it gives some info.

THE FOLLOWING IS MY OPINION, WAIT FOR A DOZEN MORE POSTS OR SOME PROFESSIONAL ADVICE BEFORE PROCEEDING IF YOU HAVEN'T ALREADY DECIDED ON A COURSE OF ACTION.

My company doesn't mess around with this sort of thing. Check the backups for the file, if there clean, restore them. If there not, you've got a mess. We'd play it by ear. You shouldn't if your not confident. Wait for some more posts or get some proffessional consultation. It may, after all, be nothing.

I'll post more if I catch any more info.

Jon.