How to Remove Newfolder.EXE/Sohanad Virus

You can remove this worm by manual method, or using a removal tool.



1.Manual Method

Here are simple steps following which you can get the worm removed from your system:



1.Download this file:Registry_Repair.



2.Double click on that downloaded registry file, you will be asked weather you’re sure to add this to registry, click yes.



3.Restart your system.



4.Search for the file svhost32.exe and delete it if its found.



5.Search for the file svhost.exe and delete it if its found.

Password Hacking FAQ

1. What are some password basics?




Most accounts on a computer system usually have some method of restricting access to that account, usually in the form of a password. When accessing the system, the user has to present a valid ID to use the system, followed by a password to use the account. Most systems either do not echo the password back on the screen as it is typed, or they print an asterisk in place of the real character.

On most systems,the password is typically ran through some type of algorithm to generate a hash. The hash is usually more than just a scrambled version of the original text that made up the password, it is usually a one-way hash. The one-way hash is a string of characters that cannot be reversed into its original text. You see, most systems do not “decrypt” the stored password during authentication, they store the one-way hash. During the login process, you supply an account and password. The password is ran through an algorithm that generates a one-way hash. This hash is compared to the hash stored on the system. If they are the same, it is assumed the proper password was supplied.

Cryptographically speaking, some algorithms are better than others at generating a one-way hash. The main operating systems we are covering here — NT, Netware, and Unix — all use an algorithm that has been made publically available and has been scrutinized to some degree.

To crack a password requires getting a copy of the one-way hash stored on the server, and then using the algorithm generate your own hash until you get a match. When you get a match, whatever word you used to generate your hash will allow you to log into that system. Since this can be rather time-consuming, automation is typically used. There are freeware password crackers available for NT, Netware, and Unix.



2. Why protect the hashes?



If the one-way hashes are not the password itself but a mathematical derivative, why should they be protected? Well, since the algorithm is already known, a password cracker could be used to simply encrypt the possible passwords and compare the one-way hashes until you get a match. There are two types of approaches to this — dictionary and brute force.

Usually the hashes are stored in a part of the system that has extra security to limit access from potential crackers.



3. What is a dictionary password cracker?



A dictionary password cracker simply takes a list of dictionary words, and one at a time encrypts them to see if they encrypt to the one way hash from the system. If the hashes are equal, the password is considered cracked, and the word tried from the dictionary list is the password.

Some of these dictionary crackers can “manipulate” each word in the wordlist by using filters. These rules/filters allow you to change “idiot” to “1d10t” and other advanced variations to get the most from a word list. The best known of these mutation filters are the rules that come with Crack (for Unix). These filtering rules are so popular they have been ported over to cracking software for NT.

If your dictionary cracker does not have manipulation rules, you can “pre-treat” the wordlist. There are plenty of wordlist manipulation tools that allow all kinds of ways to filter, expand, and alter wordlists. With a little careful planning, you can turn a small collection of wordlists into a very large and thorough list for dictionary crackers without those fancy word manipulations built in.



4. What is a brute force password cracker?



A brute force cracker simply tries all possible passwords until it gets the password. From a cracker perspective, this is usually very time consuming. However, given enough time and CPU power, the password eventually gets cracked.

Most modern brute force crackers allow a number of options to be specified, such as maximum password length or characters to brute force with.



5. Which method is best for cracking?



It really depends on your goal, the cracking software you have, and the operating system you are trying to crack. Let’s go through several scenarios.

If you remotely retrieved the password file through some system bug, your goal may be to simply get logged into that system. With the password file, you now have the user accounts and the hashes. A dictionary attack seems like the quickest method, as you may simply want access to the box. This is typical if you have a method of leveraging basic access to gain god status.

If you already have basic access and used this access to get the password file, maybe you have a particular account you wish to crack. While a couple of swipes with a dictionary cracker might help, brute force may be the way to go.

If your cracking software does both dictionary and brute force, and both are quite slow, you may just wish to kick off a brute force attack and then go about your day. By all means, we recommend a dictionary attack with a pre-treated wordlist first, followed up by brute force only on the accounts you really want the password to.

You should pre-treat your wordlists if the machine you are going to be cracking from bottlenecks more at the CPU than at the disk controller. For example, some slower computers with extremely fast drives make good candidates for large pre-treated wordlists, but if you have the CPU cycles to spare you might want to let the cracking program’s manipulation filters do their thing.

A lot of serious hackers have a large wordlist in both regular and pre-treated form to accommodate either need.



6. What is a salt?



To increase the overhead in cracking passwords, some algorithms employ salts to add further complexity and difficulty to the cracking of passwords. These salts are typically 2 to 8 bytes in length, and algorithmically introduced to further obfuscate the one-way hash. Of the major operating systems covered here, only NT does not use a salt. The specifics for salts for both Unix and Netware systems are covered in their individual password sections.

Historically, the way cracking has been done is to take a potential password, encrypt it and produce the hash, and then compare the result to each account in the password file. By adding a salt, you force the cracker to have to read the salt in and encrypt the potential password with each salt present in the password file. This increases the amount of time to break all of the passwords, although it is certainly no guarantee that the passwords can’t be cracked. Because of this most modern password crackers when dealing with salts do give the option of checking a specific account.



7. What are the dangers of cracking passwords?



The dangers are quite simple, and quite real. If you are caught with a password file you do not have legitimate access to, you are technically in possession of stolen property in the eyes of the law. For this reason, some hackers like to run the cracking on someone else’s systems, thereby limiting their liability. I would only recommend doing this on a system you have a legitimate or well-established account on if you wish to keep a good eye on things, but perhaps have a way of running the cracking software under a different account than your own. This way, if the cracking is discovered (as it often is — cracking is fairly CPU-intensive), it looks to belong to someone else. Obviously, you would want to run this under system adminstrator priviledges as you may have a bit more control, such as assigning lower priority to the cracking software, and hiding the results (making it less obvious to the real administrator).

Being on a system you have legit access to also allows you better access to check on the progress. Of course, if it is known you are a hacker, you’ll still be the first to be blamed whether the cracking software is yours or not!

Running the cracking software in the privacy of your own home has the advantage of allowing you to throw any and all computing power you have at your disposal at a password, but if caught (say you get raided) then there is little doubt whose cracking job is running. However, there are a couple of things you can do to protect yourself: encrypt your files. Only decrypt them when you are viewing them, and wipe and/or encrypt them back after you are done viewing them.



8. Is there any way I can open a password-protected Microsoft Office document?



Certainly! There are plenty of commercial programs that will do this, but we give props to Elcomsoft for fighting the DMCA. 30-day trial versions are available here

Hide IP Address – Real ways to hide your IP

Here in this post I will try to give you every possible information to hide the IP address.If you seriously want to hide your IP address then this post is for you!




One of the most frequently asked questions by the internet users is How To Hide IP Address ?. Many times it becomes necessary to hide the real IP address for the sake of privacy.For this, I have tried many softwares, proxy servers and many such tools that guaranteed to hide my IP address.But still none of them worked for me. I think most of you have the same experience.Are you fed up with these dummy softwares that fails to hide the real IP address? Then is there any working way to hide the IP address?



YES, you can definitely hide your IP .



Now I’ll come to the heart of the post, which contains the answer to your curious question How to Hide the IP address ? The only solution to hide your IP address is by using a Proxy Server.But Wait! The story doesn’t end here.Even though proxy servers are the only way to hide your IP address, there are several ways of connecting your PC to the proxy server.Before setting up the connection with the proxy servers you must know some information about different types of proxy servers and their uses.



1. Transparent Proxy Server

This type of proxy server identifies itself as a proxy server and also makes the original IP address available through the http headers. These are generally used to speedup the web browsing since thay have a very good ability to cache websites.But they do not conceal the IP of it’s users. It is widely known as transparent proxy because it will expose your real IP address to the web.This type of proxy server does not hide your IP address.



2. Anonymous Proxy Server

This type of proxy server identifies itself as a proxy server, but does not make the original IP address available. This type of proxy server is detectable, but provides reasonable anonymity for most users. This type of proxy server will hide your IP address.



3. Distorting Proxy Server

This type of proxy server identifies itself as a proxy server, but make an incorrect original IP address available through the http headers. This type of proxy server will hide your IP address.



4. High Anonymity Proxy Server ( Elite Proxy)

This type of proxy server does not identify itself as a proxy server and does not make available the original IP address. This type of proxy server will hide your IP address.So this is the best way to mask your IP.



Which Proxy Server is the best to Hide My IP ?



I know, you can answer this question better than me.Obviously High Anonymity Proxy or Elite Proxy is the best to hide your IP.But it’s not easy to get a list of working elite proxies.If you search the Google, you will definitely get tons of proxy list.You’ll get a list of proxies in the following format



IP:Port Number

Eg: 221.90.45.67:8080 (221.90.45.67 is the IP of the proxy server and 8080 is the port number)

But most of them don’t work.Here are some of the problems/risks associated with using free proxies that are available on the internet.



■Most of them do not work since the proxy servers frequently changes it’s IP/Port number.

■Even if you find a working proxy server it may be too slow.

■Your privacy is not guaranteed since all your traffic is routed through the proxy server.

■The administrators of the proxy servers may steal your valuable information such as passwords,SSN (Social security number),Credit Card details etc.

So with all these being the risks then how to find a Working,fast,Highly Anonymous and secured Proxy servers?



Now I will give a list of softwares that will really hide your IP address.I have tried many such softwares and have found only few of them working perfectly.Here is a list of working IP Hiding softwares that you can try.I have listed them in the order of their popularity



1. Hide The IP



Let’s you choose the country,Type and speed of the proxy.Not so popular but personally I recommend this to the users.



2. Hide My IP



3. Hide IP NG



You can get more informations about these products on their respective homepages.



How to ensure that the IP is hidden ?



Before you hide your IP you can check your real IP by visiting the following site.



WhatIsMyIPAddress.Com



Once you get your real IP, switch on your IP hiding software.Now once again visit the above site and check your IP address.If you see a new IP then this means that your software is doing the right job.Also the above site(Whatismyipaddress.com) is capable of detecting many proxies.If you see the words such as “Suspected proxy server or network sharing device” or similar words then it means that the proxy you are using is not an Elite Proxy.



One Final Word before you leave! Even though Elite proxies are almost undetectable this doesn’t mean that you can escape from online crimes by hiding your IP.There are many proxy detecting services available which detect almost any proxy.So if you involve in any cyber crimes then you will definitely be behind the bars.Using proxy will not help you in this case.



One More thing, It is unsafe to use proxy during e-commerce transactions such as Online banking,Online Credit Card payment etc.So please avoid proxies during these circumstances.