Thursday, December 6, 2007

Removing the Shortcut arrow from Desktop Icons:

Go to Start, then Run, and enter regedit.
Navigate to HKEY_CLASSES_ROOT\lnkfile.
Delete the IsShortcut registry value.
You may need to restart Windows XP.

Monday, December 3, 2007

What is a Cookie?

A Cookie is a very small text file placed on your hard drive by a Web Page server. It is essentially your identification card, and cannot be executed as code or deliver viruses. It is uniquely yours and can only be read by the server that gave it to you.

A Cookie's Purpose is to tell the server that you've returned to that Web page. It can save you time. If you personalize pages, or register for products or services, a cookie helps that company remember who you are. So, the next time that you visit, they will have a good idea of what to show you. Or, for your convenience, you would not have to re-register as the cookies would provide this information from your previous visit.

WARNING: You are always in control of what information you provide to anyone while online. You need to be cautious of some web sites that request too much information about you.

If You Want to Control Which Cookies You Accept: You can order your browser to accept all cookies or to alert you every time a cookie is offered. Then you can decide whether to accept one or not.

If you're using Internet Explorer 6.0:
1. Choose Tools, then
2. Internet Options.
3. Click the Privacy tab
4. Default setting is medium. Move the slider to determine which setting you prefer.
5. You can also click on Advanced for specialized cookie treatment.

Show Windows Vista "super hidden" Files

To show Windows Vista "super hidden" files, that is, those files that are normally hidden from the user, you'll need to access the registry editor.

To turn on (or off) super hidden files: (make sure you back up the registry before making changes)

* Click the Start Button, type "regedit" (Registry Editor) in the search box, and press Enter
* Click Continue to get past the User Account Control hurdle
* On the left panel, double-click to navigate to the key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
* On the right panel, double-click on Superhidden
* In the Value Data box, change the value to "1"
* Click OK
* Exit the Registry Editor
* Restart your machine for the changes to take effect.

Sunday, November 25, 2007

Track who is sending you email-Gmail/Yahoo/hotmail

When you receive an email, you receive more than just the message. The email comes with headers that carry important information that can tell where the email was sent from and possibly who sent it. For that, you would need to find the IP address of the sender. The tutorial below can help you find the IP address of the sender. Note that this will not work if the sender uses anonymous proxy servers.

First of all, the IP address is generally found in the headers enclosed between square brackets, for instance, [129.130.1.1]

Finding IP address in Gmail

1. Log into your Gmail account with your username and password.
2. Open the mail.
3. To display the email headers,
* Click on the inverted triangle beside Reply. Select Show Original.
4. To manually find the IP address, proceed to 5.
5. Look for Received: from followed by the IP address between square brackets [ ].

Received: from [69.138.30.1] by web4587.mail.***.yahoo.com

6. If you find more than one Received: from patterns, select the last one.
7. Track the IP address of the sender

Finding IP address in Yahoo! Mail

1. Log into your Yahoo! mail with your username and password.
2. Click on Inbox or whichever folder you have stored your mail.
3. Open the mail.
4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,
* Click on Options on the top-right corner
* In the Mail Options page, click on General Preferences
* Scroll down to Messages where you have the Headers option
* Make sure that Show all headers on incoming messages is selected
* Click on the Save button
* Go back to the mails and open that mail
5. You should see similar headers like this:

Or if you want to manually find the IP address, proceed to 7.
7. Look for Received: from followed by the IP address between square brackets [ ]. Here, it is 202.65.138.109.
That is the IP address of the sender.
If there are many instances of Received: from with the IP address, select the IP address in the last pattern. If there are no instances of Received: from with the IP address, select the first IP address in X-Originating-IP.
8. Track the IP address of the sender

Finding IP address in Hotmail

1. Log into your Hotmail account with your username and password.
2. Click on the Mail tab on the top.
3. Open the mail.
4. If you do not see the headers above the mail message, your headers are not displayed. To display the headers,
* Click on Options on the top-right corner
* In the Mail Options page, click on Mail Display Settings
* In Message Headers, make sure Advanced option is checked
* Click on Ok button
* Go back to the mails and open that mail
5. You should see the email headers now.
6. To manually find the IP address, proceed to 7.
7. If you find a header with X-Originating-IP: followed by an IP address, that is the sender's IP address.

[Image: Hotmail headers]

In this case the IP address of the sender is [68.34.60.59]. Jump to step 9.
8. If you find a header with Received: from followed by a Gmail proxy like this


[Image: Hotmail headers]

Look for Received: from followed by IP address within square brackets [ ].
In this case, the IP address of the sender is [69.140.7.58]. Jump to step 9.
9. Or else if you have headers like this

[Image: Hotmail headers]

Look for Received: from followed by IP address within square brackets[].
In this case, the IP address of the sender is [61.83.145.129] (Spam mail). Jump to step 9.
10. If you have multiple Received: from headers, eliminate the ones that have proxy.anyknownserver.com.
11. Track the IP address of the sender.
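
The rule from the Gmail and Yahoo! walkthroughs above (take the last Received: from header that carries a bracketed address, otherwise fall back to X-Originating-IP), as an added Python example that is not part of the original post. It goes slightly beyond the post by skipping private and loopback addresses and by accepting IPv6; the sample message is constructed from addresses quoted above with placeholder host names, and `origin_ip` is a name chosen here.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample headers. The addresses are ones quoted in the post;
# the host names are placeholders.
SAMPLE = (
    "Received: from mx.example.net (mx.example.net [69.140.7.58])\n"
    "\tby inbox.example.org with ESMTP; Sun, 25 Nov 2007 10:02:11 +0000\n"
    "Received: from [69.138.30.1] by web4587.mail.example.com via HTTP;\n"
    "\tSun, 25 Nov 2007 10:02:05 +0000\n"
    "Received: from [192.168.1.23] by localhost; Sun, 25 Nov 2007 10:02:04 +0000\n"
    "X-Originating-IP: [68.34.60.59]\n"
    "From: sender@example.com\n"
    "Subject: constructed test\n"
    "\n"
    "body\n"
)

BRACKETED = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
TOKEN = re.compile(r"[0-9A-Fa-f:.]+")


def valid_ips(candidates):
    """Keep only the strings that parse as IPv4 or IPv6 addresses."""
    ips = []
    for text in candidates:
        try:
            ips.append(ipaddress.ip_address(text))
        except ValueError:
            pass
    return ips


def origin_ip(raw_message):
    """Return (ip, header_name) for the earliest public hop, else (None, None)."""
    msg = message_from_string(raw_message)
    received = [v for v in msg.get_all("Received", [])
                if v.lower().startswith("from")]
    # Each relay prepends its own Received line, so the last one in the
    # message is the hop closest to the sender.
    for value in reversed(received):
        public = [ip for ip in valid_ips(BRACKETED.findall(value)) if ip.is_global]
        if public:
            return str(public[0]), "Received"
    # Fallback from the post: the first address in X-Originating-IP.
    fallback = valid_ips(TOKEN.findall(msg.get("X-Originating-IP", "")))
    if fallback:
        return str(fallback[0]), "X-Originating-IP"
    return None, None


if __name__ == "__main__":
    print(origin_ip(SAMPLE))
```

Received lines below the first server you trust are supplied by the sending side and can be forged, so treat the result as a lead rather than proof.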

Remove 'Orkut is Banned you fool' virus!!!

Many of my NITW pals must be suffering from this 'Orkut is banned you fool, Muhaaa haha bla bla.....' then here's this post for you....

Virus Code:

ifwinactive ahk_class IEFrame
{

ControlGetText,ed,edit1,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit2,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit3,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit4,ahk_class IEFrame
ifinstring,ed,orkut
{

This is the source code of a virus that blocks Orkut, YouTube and Firefox and shows the message below if you try to open either of the two websites:

"ORKUT IS BANNED,Orkut is banned you fool`,The administrators didnt write this program guess who did?? MUHAHAHA!!"

It makes a folder named heap41a in the C:\ drive with attributes S (System file) and H (Hidden file). If your PC is infected by this virus, boot it in safe mode, go to the command prompt and at C:\> type attrib -S -H heap41a to make this folder visible, and then delete the folder. Now use a registry cleaner to delete the registry keys made by this

Easy Method to delete the virus.

Open Task Manager > Processes tab. If you find svchost.exe listed against your user name (remember that the system also uses svchost.exe; don't end those), choose End Process for it, then go to Run, type C:\heap41a and delete all the files in that folder. Now you are done. Enjoy Orkut.
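
The Task Manager check above, as an added example that is not part of the original post: it applies the post's rule (svchost.exe owned by a user account rather than a system account) to `tasklist /v /fo csv` output. The sample output, machine name and user name are constructed, and the account names assume an English-language Windows XP system; newer Windows versions also run some legitimate per-user svchost.exe instances.

```python
import csv
import io

# Constructed sample of `tasklist /v /fo csv` output (not from a real machine).
SAMPLE = r'''"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"svchost.exe","884","Console","0","4,212 K","Running","NT AUTHORITY\SYSTEM","0:00:02","N/A"
"svchost.exe","1020","Console","0","3,904 K","Running","NT AUTHORITY\NETWORK SERVICE","0:00:01","N/A"
"svchost.exe","1200","Console","0","2,100 K","Unknown","N/A","0:00:00","N/A"
"explorer.exe","1500","Console","0","18,440 K","Running","LAB-PC\student","0:00:09","N/A"
"svchost.exe","2316","Console","0","6,032 K","Running","LAB-PC\student","0:00:04","N/A"
'''

# Accounts under which Windows itself runs svchost.exe (English names).
SERVICE_ACCOUNTS = {
    r"NT AUTHORITY\SYSTEM",
    r"NT AUTHORITY\NETWORK SERVICE",
    r"NT AUTHORITY\LOCAL SERVICE",
}


def suspicious_svchost(tasklist_csv):
    """Return (flagged, unknown).

    flagged: (pid, user) for svchost.exe owned by a non-service account.
    unknown: pids whose owner tasklist could not read (shown as N/A, which
             happens when the command is run without administrator rights).
    """
    flagged, unknown = [], []
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        if row["Image Name"].lower() != "svchost.exe":
            continue
        user = row["User Name"].strip()
        if user.upper() == "N/A":
            unknown.append(int(row["PID"]))
        elif user.upper() not in SERVICE_ACCOUNTS:
            flagged.append((int(row["PID"]), user))
    return flagged, unknown


if __name__ == "__main__":
    print(suspicious_svchost(SAMPLE))
```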

Monday, November 19, 2007

What is the Registry???

The Registry is the central core registrar for Windows NT. Each NT workstation or server has its own Registry, and each one contains info on the hardware and software of the computer it resides on. For example, com port definitions, Ethernet card settings, desktop settings and profiles, and what a particular user can and cannot do are stored in the Registry. Remember those ugly system INI files in Windows 3.1? Well, they are all included with even more fun stuff into one big database called the Registry in NT.

Always make sure that you know what you are doing when changing the registry or else just one little mistake can crash the whole system. That's why it's always good to back it up!


Backup and Restore:
Even with Windows 98 and Windows 95, you cannot just back up the registry when you back up files. What you would need to do is run either regedt32.exe (for NT) or regedit.exe, then click the registry menu, then click export registry. The next step is to click all, then pick the drive to back up onto (usually a removable drive like tape, floppy, CD, Zip drive, Jaz drive etc.) and then hit "ok". To restore a registry from a backed up version, enter the registry program the same way, click import registry, select the drive and path where the backup is and hit "ok". It will restore the registry to the previously backed up settings and may require a reboot.
Note: registry backups are saved as .reg files, and they are associated with regedit by default. This means that once you double-click a .reg file, its contents will be inserted into your own registry.

What is SAM?
SAM is short for Security Accounts Manager, which is located on the PDC and has information on all user accounts and passwords. Most of the time while the PDC is running, it is being accessed or used.


What do I do with a copy of SAM?


You get passwords. First use a copy of SAMDUMP.EXE to extract the user info out of it. You do not need to import this data into the Registry of your home machine to play with it. You can simply load it up into one of the many applications for cracking passwords, such as L0phtCrack, which is available from: http://www.L0phtCrack.com



Of interest to hackers is the fact that all access control and assorted parameters are located in the Registry. The Registry contains thousands of individual items of data, and is grouped together into "keys" or some type of optional value. These keys are grouped together into subtrees -- placing like keys together and making copies of others into separate trees for more convenient system access.

The Registry is divided into four separate subtrees. These subtrees are called

HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
We'll go through them from most important to the hacker to least important to the hacker.


First and foremost is the HKEY_LOCAL_MACHINE subtree. It contains five different keys. These keys are as follows:

SAM and SECURITY - These keys contain the info such as user rights, user and group info for the domain (or workgroup if there is no domain), and passwords. In the NT hacker game of capture the flag, this is the flag. Bag this and all bets are off.
The keys are binary data only (for security reasons) and are typically not accessible unless you are an Administrator or in the Administrators group. It is easier to copy the data and play with it offline than to work on directly.


HARDWARE - this is a storage database of throw-away data that describes the hardware components of the computer. Device drivers and applications build this database during boot and update it during runtime (although most of the database is updated during the boot process). When the computer is rebooted, the data is built again from scratch. It is not recommended to directly edit this particular database unless you can read hex easily.
There are three subkeys under HARDWARE: the Description key, the DeviceMap key, and the ResourceMap key. The Description key describes each hardware resource, the DeviceMap key has data in it specific to individual groups of drivers, and the ResourceMap key tells which driver goes with which resource.

SYSTEM - This key contains basic operating stuff like what happens at startup, what device drivers are loaded, what services are in use, etc. These are split into ControlSets which have unique system configurations (some bootable, some not), with each ControlSet containing service data and OS components for that ControlSet. Ever had to boot from the "Last Known Good" configuration because something got hosed? That is a ControlSet stored here.
SOFTWARE - This key has info on software loaded locally. File associations, OLE info, and some miscellaneous configuration data is located here.


The second most important main key is HKEY_USERS. It contains a subkey for each local user who accesses the system, either locally or remotely. If the server is part of a domain and the user logs in across the network, their subkey is not stored here, but on a Domain Controller. Things such as Desktop settings and user profiles are stored here.

The third and fourth main keys, HKEY_CURRENT_USER and HKEY_CLASSES_ROOT, contain copies of portions of HKEY_USERS and HKEY_LOCAL_MACHINE respectively. HKEY_CURRENT_USER contains exactly what you would expect: a copy of the subkey from HKEY_USERS of the currently logged in user. HKEY_CLASSES_ROOT contains a part of HKEY_LOCAL_MACHINE, specifically from the SOFTWARE subkey: file associations, OLE configuration and dependency information.

What are hives?
Hives are the major subdivisions of all of these subtrees, keys, subkeys, and values that make up the Registry. They contain "related" data.

All hives are stored in %systemroot%\SYSTEM32\CONFIG. The major hives and their files are as follows:

Hive                          File                Backup File
HKEY_LOCAL_MACHINE\SOFTWARE   SOFTWARE            SOFTWARE.LOG
HKEY_LOCAL_MACHINE\SECURITY   SECURITY            SECURITY.LOG
HKEY_LOCAL_MACHINE\SYSTEM     SYSTEM              SYSTEM.LOG
HKEY_LOCAL_MACHINE\SAM        SAM                 SAM.LOG
HKEY_CURRENT_USER             USERxxx, ADMINxxx   USERxxx.LOG, ADMINxxx.LOG
HKEY_USERS\.DEFAULT           DEFAULT             DEFAULT.LOG

Hackers should look for the SAM file, with the SAM.LOG file as a secondary target. This contains the password info.

For ease of use, the Registry is divided into five separate structures that represent the Registry database in its entirety. These five groups are known as Keys, and are discussed below:

HKEY_CURRENT_USER
This registry key contains the configuration information for the user that is currently logged in. The users folders, screen colors, and control panel settings are stored here. This information is known as a User Profile.

HKEY_USERS
In Windows NT 3.5x, user profiles were stored locally (by default) in the systemroot\system32\config directory. In NT 4.0, they are stored in the systemroot\profiles directory. User-specific information is kept there, as well as common, system-wide user information.

This change in storage location has been brought about to parallel the way in which Windows 95 handles its user profiles. In earlier releases of NT, the user profile was stored as a single file, either locally in the \config directory or centrally on a server. In Windows NT 4, the single user profile has been broken up into a number of subdirectories located below the \profiles directory. The reason for this is mainly the way in which the Win95 and WinNT4 operating systems use the underlying directory structure to form part of their new user interface.



HKEY_LOCAL_MACHINE
This key contains configuration information particular to the computer. This information is stored in the systemroot\system32\config directory as persistent operating system files, with the exception of the volatile hardware key.

The information gleaned from this configuration data is used by applications, device drivers, and the Windows NT 4 operating system. The latter usage determines what system configuration data to use, without respect to the user currently logged on. For this reason the HKEY_LOCAL_MACHINE registry key is of specific importance to administrators who want to support and troubleshoot NT 4.

HKEY_LOCAL_MACHINE is probably the most important key in the registry and it contains five subkeys:

Hardware: Database that describes the physical hardware in the computer, the way device drivers use that hardware, and mappings and related data that link kernel-mode drivers with various user-mode code. All data in this sub-tree is re-created every time the system is started.
SAM: The security accounts manager. Security information for user and group accounts and for the domains in NT 4 server.
Security: Database that contains the local security policy, such as specific user rights. This key is used only by the NT 4 security subsystem.
Software: Per-computer software database. This key contains data about software installed on the local computer, as well as configuration information.
System: Database that controls system start-up, device driver loading, NT 4 services and OS behavior.


Information about the HKEY_LOCAL_MACHINE\SAM Key
This subtree contains the user and group accounts in the SAM database for the local computer. For a computer that is running NT 4, this subtree also contains security information for the domain. The information contained within the SAM registry key is what appears in the user interface of the User Manager utility, as well as in the lists of users and groups that appear when you make use of the Security menu commands in NT4 explorer.

Information about the HKEY_LOCAL_MACHINE\Security key
This subtree contains security information for the local computer. This includes aspects such as assigning user rights, establishing password policies, and the membership of local groups, which are configurable in User Manager.


HKEY_CLASSES_ROOT
The information stored here is used to open the correct application when a file is opened by using Explorer and for Object Linking and Embedding. It is actually a window that reflects information from the HKEY_LOCAL_MACHINE\Software subkey.

HKEY_CURRENT_CONFIG
The information contained in this key is used to configure settings such as the software and device drivers to load or the display resolution to use. This key has software and system subkeys, which keep track of configuration information.






Understanding Hives
The registry is divided into parts called hives. These hives are mapped to a single file and a .LOG file. These files are in the systemroot\system32\config directory.

Registry Hive                 File Name
HKEY_LOCAL_MACHINE\SAM        SAM and SAM.LOG
HKEY_LOCAL_MACHINE\SECURITY   Security and Security.LOG
HKEY_LOCAL_MACHINE\SOFTWARE   Software and Software.LOG
HKEY_LOCAL_MACHINE\SYSTEM     System and System.ALT



Check out these sites for more info:

NT registry Hacks: http://www.jsiinc.com/default.htm?/reghack.htm
Unofficial NT Hack: http://www.nmrc.org/faqs/nt/index.html
Rhino9: The Windows NT Security Research Team: http://www.xtreme.abyss.com/techvoodoo/rhino9
Regedit.com - cool registry tricks: http://www.regedit.com

Also please check out www.windows2000test.com and give it your best shot, because Microsoft wants you to test their operating system's security flaws for them. They are challenging all hackers to hack that site.

Monday, November 12, 2007

MAKING WINDOWS XP GENUINE THE EASY WAY

Download jellybean keyfinder from this website
http://www.magicaljellybean.com/keyfinder.shtml

Now open keyfinder.exe
Click on options and click "change windows key"
Now enter this key and you're done.
*****************************
V2C47-MK7JD-3R89F-D2KXW-VPK3J
*****************************

P.S: this works on windows xp sp2 only......

ppl u can try this out...
this might sound silly but it works perfectly...

TRY INSTALLING IE7 OR MEDIA PLAYER11.