宏杰文件夹加密 2708 破解密码(解密程序)

        闲来无聊,拿几个加密程序看看,声称是说对大容量数据可以瞬间加密,我们都知道,真正的加密是通过密钥来加密,比如windows下的EFS,大名鼎鼎的加密软件PGP,都是基于密钥。这款宏杰文件夹加密仅仅是使用了障眼法,走了个歪道加密了,解密如下:

@echo off
color 0a
title 宏杰文件夹加密2708—解密程序 By Www.NetworkQuestions.Org
echo.
echo 注意:请退出加密软件主程序后再运行此程序!
echo —————————————————–
echo 请输入您加密文件所在分区驱动器号(C\D\E\F)
echo —————————————————–
echo.
set path=
set /p path= 请输入:
echo 您的密码为符号””后符号””前的字符!
type %path%:\RECYCLER88\MICROSOFT-7701091-6666888-16826688..\$$$\com8.{21EC2020-3AEA-1069-A2DD-08002B30309D}\param\mi.dat
PAUSE

原理不多说了,研究过dos命令的都知道这是什么加密。把上面代码保存为unlock.bat 双击运行即可。

之前还看过恒波加密程序的加密方法跟其一样。

PS:以上测试的都是免费版,付费版没看过。

以上测试没有经过严格的测试,在windows7  windows server 2008R2 中测试通过,如有需要可以留言。

系统蓝屏分析工具-windbg

系统蓝屏分析工具:windbg

下载地址:http://msdl.microsoft.com/download/symbols/debuggers/dbg_x86_6.11.1.404.msi

 在系统蓝屏的时候可以查看系统内存转储文件:

%SystemRoot%\MEMORY.DMP  此文件描述了系统蓝屏状况及原因。

 windbg工具就可以分析转储文件

EG:

 Microsoft (R) Windows Debugger Version 6.11.0001.404 X86

Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [H:\MEMORY.DMP]

Kernel Summary Dump File: Only kernel address space is available

Symbol search path is: *** Invalid ***

****************************************************************************

* Symbol loading may be unreliable without a symbol search path.           *

* Use .symfix to have the debugger choose a symbol path.                   *

* After setting your symbol path, use .reload to refresh symbol locations. *

****************************************************************************

Executable search path is:

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

*                                                                   *

* The Symbol Path can be set by:                                    *

*   using the _NT_SYMBOL_PATH environment variable.                 *

*   using the -y <symbol_path> argument when starting the debugger. *

*   using .sympath and .sympath+                                    *

*********************************************************************

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrpamp.exe –

Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible

Product: WinNt, suite: TerminalServer SingleUserTS

Built by: 7601.17640.x86fre.win7sp1_gdr.110622-1506

Machine Name:

Kernel base = 0x8404f000 PsLoadedModuleList = 0x841984f0

Debug session time: Thu Nov  3 11:33:09.761 2011 (GMT+8)

System Uptime: 0 days 3:05:28.478

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

*                                                                   *

* The Symbol Path can be set by:                                    *

*   using the _NT_SYMBOL_PATH environment variable.                 *

*   using the -y <symbol_path> argument when starting the debugger. *

*   using .sympath and .sympath+                                    *

*********************************************************************

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrpamp.exe –

Loading Kernel Symbols

………………………………………………………

……………………………………………………….

………………….

Loading User Symbols

PEB is paged out (Peb.Ldr = 7ffde00c).  Type “.hh dbgerr001” for details

Loading unloaded module list

….

*** ERROR: Module load completed but symbols could not be loaded for ndis.sys

*******************************************************************************

*                                                                             *

*                        Bugcheck Analysis                                    *

*                                                                             *

*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {14, 2, 0, 8d0866fa}

*** ERROR: Module load completed but symbols could not be loaded for L1C62x86.sys

*** ERROR: Module load completed but symbols could not be loaded for pacer.sys

*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys

*** ERROR: Module load completed but symbols could not be loaded for NETIO.SYS

*** ERROR: Module load completed but symbols could not be loaded for nsiproxy.sys

*** ERROR: Module load completed but symbols could not be loaded for Hookport.sys

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!_KPRCB                                     ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!KPRCB                                      ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!_KPRCB                                     ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!KPRCB                                      ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!_KPRCB                                     ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!_KPRCB                                     ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!_KPRCB                                     ***

***                                                                   ***

*************************************************************************

*************************************************************************

***                                                                   ***

***                                                                   ***

***    Your debugger is not using the correct symbols                 ***

***                                                                   ***

***    In order for this command to work properly, your symbol path   ***

***    must point to .pdb files that have full type information.      ***

***                                                                   ***

***    Certain .pdb files (such as the public OS symbols) do not      ***

***    contain the required information.  Contact the group that      ***

***    provided you with these symbols if you need this command to    ***

***    work.                                                          ***

***                                                                   ***

***    Type referenced: nt!_KPRCB                                     ***

***                                                                   ***

*************************************************************************

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

*                                                                   *

* The Symbol Path can be set by:                                    *

*   using the _NT_SYMBOL_PATH environment variable.                 *

*   using the -y <symbol_path> argument when starting the debugger. *

*   using .sympath and .sympath+                                    *

*********************************************************************

*********************************************************************

* Symbols can not be loaded because symbol path is not initialized. *

*                                                                   *

* The Symbol Path can be set by:                                    *

*   using the _NT_SYMBOL_PATH environment variable.                 *

*   using the -y <symbol_path> argument when starting the debugger. *

*   using .sympath and .sympath+                                    *

*********************************************************************

Probably caused by : L1C62x86.sys ( L1C62x86+4ce3 )

Followup: MachineOwner

———

上面一大堆无用的信息,到最后发现是L1C62x86.sys的原因导致蓝屏,看其拓展名是某个驱动程序的问题,google之:

L1c62x86.sys with description Atheros L1c PCI-E Gigabit Ethernet Controller is a driver file from company Atheros Communications, Inc. belonging to product Atheros L1c PCI-E Gigabit Ethernet Controller.

The file is digitally signed from Atheros Communications Inc. – VeriSign Time Stamping Services Signer – G2

We do not recommend removing digitally signed files from Atheros Communications Inc.

找到原因,网卡驱动的问题,估计没什么太大问题,暂时不更新驱动了,如果后期因其原因导致蓝屏频繁,需要升级下驱动即可。

linux查看系统初始安装时间

      今天突发奇想,想看看系统是什么时候安装的,找了一顿没有找到相关命令(我们都知道windows下可以通过systeminfo命令查看),最后改变思路,系统中每个文件或者是文件夹都有创建日期,那么找一个最不常用的看看就知道了:

[root@s1 ~]# ll
总计 68
-rw——- 1 root root  1108 2011-03-02 anaconda-ks.cfg
drwxr-xr-x 2 root root  4096 2011-03-02 Desktop
-rw-r–r– 1 root root 33819 2011-03-02 install.log
-rw-r–r– 1 root root  3686 2011-03-02 install.log.syslog
-rw-r–r-x 1 root root   139 06-17 13:11 process.sh
      install.log 文件就是在系统安装的时候,被安装过的rpm包都会被写入到此文件,那么就可以用它来确定安装时间了。