Elcomsoft.com » Password Recovery Software » Advanced ZIP Password Recovery » Help
Use known start of the file for stored archives (hex): if your archive contains only one encrypted file, and this file is stored (i.e. not compressed), using that option is a solution to get much better recovery speed. But you have to know from 1 to 4 bytes this file starts from. There are a lot of well-known signatures, though: for example, 'MZ' (hex: 4D 5A) for executable files, 'PK' (hex: 50 4B 03 04) for ZIP files, D0 CF 11 E0 (hex) for OLE compound documents (like MS Word/Excel files) etc.
Always use WinZIP optimized attack engine if probability is greater than XX%: if your archive has been created with WinZIP (or other Windows-based ZIP tool based on the same sources -- there are many such tools) and contains at least five encrypted files, there is some good news: the speed of brute-force attack can be about three times better! AZPR tries to recognize such a situation automatically, but unfortunately, a ZIP file doesn't store any information about the archiver. So the program calculates the "probability" value (it depends on the number of files in the archive and other factors). If it is greater than 50%, AZPR suggests you to use this (optimized) attack each time you start the recovery process. You can set this option (selecting the appropriate percentage as well) for your convenience, so the optimized engine will (or will not) be used automatically. 85% is the good value to use, but you can set a higher value, if you're not sure.
Mask symbol: used for Mask attack.
Get more information about Advanced ZIP Password Recovery
Get full version of Advanced ZIP Password Recovery
(c) 2005 ElcomSoft Co.Ltd.