|Previous Top Next|
Use known start of the file for stored archives (hex): if your archive contains only one encrypted file, and this file is stored (i.e. not compressed), using that option is a solution to get much better recovery speed. But you have to know from 1 to 4 bytes this file starts from. There are a lot of well-known signatures, though: for example, 'MZ' (hex: 4D 5A) for executable files, 'PK' (hex: 50 4B 03 04) for ZIP files, D0 CF 11 E0 (hex) for OLE compound documents (like MS Word/Excel files) etc.
Always use WinZIP optimized attack engine if probability is greater than XX%: if your archive has been created with WinZIP (or other Windows-based ZIP tool based on the same sources -- there are many such tools) and contains at least five encrypted files, there is some good news: the speed of brute-force attack can be about three times better! ARCHPR tries to recognize such a situation automatically, but unfortunately, a ZIP file doesn't store any information about the archiver. So the program calculates the "probability" value (it depends on the number of files in the archive and other factors). If it is greater than 50%, ARCHPR suggests you to use this (optimized) attack each time you start the recovery process. You can set this option (selecting the appropriate percentage as well) for your convenience, so the optimized engine will (or will not) be used automatically. 85% is the good value to use, but you can set a higher value, if you're not sure.
Mask symbol: used for Mask attack.
Use code optimized for: (Non-MMX processors / Intel PII/PIII/Celeron / AMD Athlon / Intel P4 SSE2 / Intel Core/Core2): force ARCHPR to use the code specially optimized for the given CPUs. The program detects your CPU and tries to select the proper code automatically, but you may want to play with that option if you've got any other CPU.
Get more information about Advanced Archive Password Recovery
Get full version of Advanced Archive Password Recovery
(c) 2008 ElcomSoft Co.Ltd.