ELCOMSOFT.COM » Proactive System Password Recovery

User interface

Top Previous Next

The program menu is located at the left of the main screen, just as in Microsoft Outlook, and it contains buttons for the Main menu, Advanced features, Revelation, Miscellaneous, Recover PWL, Options, Help and Exit. Click on a button to switch to the appropriate pages.

Most interface elements (such as buttons, rows in the "list view" windows, etc.) have pop-up "tooltips" which give more details about them: e.g., what action will be performed when the button is pressed. "List view" elements also have context-sensitive menus appearing on a right button click.

The program also supports keyboard hotkeys. Use CTRL-<digit> to select the high-level menu item, and ALT-<digit> to switch to the low-level item under it (in order).

•	Main menu (CTRL-1)

•	Logon password

•	Cached passwords1

•	RAS entries

•	Shared info

•	Recovered hashes2

•	Screensaver password1

•	Domain cached credentials3

•	Advanced features (CTRL-2)

•	Groups and users2

•	NT secrets3

•

Run as2

•	Windows CD key

•	Net passwords4

•	Revelation (CTRL-3)

•	Behind asterisks

•	Control reviver

•	Registry and AD2

•	Password reset disk4

•	Mail/FTP server emulator

•	Misc (CTRL-4)

•	Protected storage

•	Remote assistance4

•	Script decoder

•	Remote desktop

•	Wireless network5

•	Recover PWL (CTRL-5)

•	View PWL file

•	Bruteforce attack

•	Dictionary attack

•	Options (CTRL-6)

•	General options

•	PWL bruteforce options

•	PWL dictionary options

•	NT hash options

•	Help (CTRL-7)

•	Register the program

•

Help

•

About

•	System information

1 Available only on Windows 95, Windows 9 and Windows Me

2 Available only on Windows NT and up

3 Available only on Windows 2000 and up

4 Available only on Windows XP and up

5 Available only on Windows XP SP1 and up, when Wireless Zero Configuration service is used

The program also supports a few command-line switches:

-h	Help (shows command line switches)
-c <archive file name> <file or mask>	Compress the given file(s) into CAB archive
-d	Delayed run (starts after 10 seconds)
-u <user name> [-p <password>]	Starts using the credentials of the given user
-v <PWL-file> [-u <user name> [-p <password>]]	Shows PWL file using given user name and password
-noipr	Disables the IPR* feature

*IPR stands for Intelligent Password Recovery, and unique feature of PSPR which works transparent to the user, but really helps to recover long and complex passwords, as well as improves the program performance. When it is enabled, the program collects all passwords from the system when it starts (not every time, but on the first run and then on a regular basis) - of course, only those ones that can be recovered instantly or in a very short time (from secrets, Internet Explorer and Outlook Express, Mozilla, some network clients, network credentials etc). Then, all those passwords are compiled into the special internal dictionary/wordlist (saved as passdef.ssd in the program folder), and used in further recovery tasks where the encryption is really strong and requires time-consuming brute-force or dictionary attacks. For example, there is a good chance that some user account (used to log on into the system) has the same password as one of Outlook Express credentials. However, logon passwords are relatively hard to break, while OE passwords are saved in the system; and with IPR, such logon password will be recovered instantly.

However, collecting/updating IPR data may take some time - usually a few minutes, but sometimes more. Also, the program may even 'hang' on that step (i.e. when it starts) on certain circumstances, i.e. on a heavy loaded systems with a lot of accounts. If you encounter such problem, simply terminate PSPR from the Task Manager and restart it with -noipr switch.

Get more information about Proactive System Password Recovery
Get full version of Proactive System Password Recovery

(c) 2014 ElcomSoft Co.Ltd.