This is default featured slide 1 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 2 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 3 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 4 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

This is default featured slide 5 title

Go to Blogger edit html and find these sentences.Now replace these sentences with your own descriptions.

Sunday, March 30, 2008

FASTEST WAY TO HACK INTO OTHER'S SYSTEM

Well as i already mentioned u can hack any system as it is conected to what we call INTERNET .
To connect internet a system allocates a port for communication and Data Transfer. SO here it goes all we goto do is get into that port thats hacking.

1.Download software PORT SCANNER.

2.Copy the ip address of the victim whose port is open.
3.Download NETLAB which gives u all information includes victim ip address,Area from where he is accessing internet....
4.Paste the ip of victim u found initially into NETLAB .Thats it u access his system.


Click here to download NETLAB

FIANTED BRAIN - BY Sumit

Find who is Invisible on Yahoo messenger

Sometimes some of your friends who appear offline in yahoo messenger may not be actually offline,they may in the 'Invisible' mode.This maybe if they are trying to ignore you or are too busy to talk to anyone.

There is this small trick that you can use to find out what the truth is.

Firstly open your yahoo messenger main window and double click on the name of the person whom you want to check.The chat window will open obviously.

Click IMVironment button, select See all IMVironments, select Yahoo! Tools or Interactive Fun, and click on Doodle.
After loading the Doodle imvironment there can be two possibilities

1.If the user is offline Doodle are will show this "w
aiting for your friend to load Doodle" continuously .See in the picture below:




2. If the user is online (but in invisible mode), after few seconds (it can take up to one minute, depending on your connection speed), you should get a blank page like in the picture below.So you know that the user is online.



By fainted Brain - Sumit

Windows XP Pro SP3_Free download

Windows XP Pro SP3_Free download


Windows XP Pro SP3 Build 2 is immediately available for download. This Windows edition includes a luxuriant variety of bonuses starting with a Windows Vista theme, Microsoft
Office 2003 Full...SlipStreamed 75 MB, Adobe Reader 7, MSN Messenger, Firefox and Winrar. The downloadable file is a 695 MB designed to be burned on a single CD.

Obviously, this is not an official Microsoft release. First off, according to the Windows Service Pack Road Map, delivered by Microsoft, on a Microsoft website: “SP3 for Windows XP Home Edition is currently planned for 1H CY2008. This date is preliminary.” 1H CY2008 means the first half of 2008.
Windows XP Pro SP3 Build 2 is instead a pirate version of, probably XP SP2.

“Completely silent, unattended and activation free, no serial needed. I recommended you to make new & clean installation...dont upgrade from previous release.. It dosent require to put CD- key ...just start setup..and go away from pc...it will not ask u abt anything!!” Talkin describes his product.

Windows XP Pro SP3 Build 2 also delivers the following:

- hotfixes added till january 2006!!
- Boot Screen FIxed
- Logon Screen Fixed
- More Tweaks added For faster Performance
- More Themes added...and VIsta XP theme as default
- Some softwares included as below...
- Office 2003 SP2 With Frontpage!
- Firefox 1.5
- quick time alternative 1.67
- Adobe Reader 7.05
- Also included Microsoft Office 2003 Professional SP 2
- MIcrosoft Virtual CD
- TweakUI
- Some Tweak Tools ( see in the control panel )
- Winrar 3.51 + Themes ( evalution version...download crack from anywhere...Many Themes Included!! )
- OSX Cursors Pack
- Unlocker 1.7.6
- Tweaks For Internet Explorer ( maximum simultaneos download limit is 10 now )
- WMP 10 + Updated
- New Icons
- New Drivers ( Mass Storage & Wireless Lan )
- Drivers Problem Fixed
- Enhanced Visual Effects
- No CD-Key!!
- Codec Packs..
- Registry Watcher ( will be useful to find applictions registry entry & its effects )
Some System Utilities ( see SYSTEM TOOLS IN START MENU )

Logon Screen Is same as past version!!

From Previous Release
- uxtheme.dll patched
- hacked WGA ( genuine advantage validation hacked )
- maximum simultaneous connection limit removed
- windows file protection desabled
- Default Vista Theme & Enhanced Bootskin and logon skin!!
- Registry Tweaks Added For Better Performance
- All Device Drivers 400 MB!!!
Integrated Applications



http://rapidshare.com/files/23278565/wxpsp3bye.energy.part1.rar
http://rapidshare.com/files/23279911/wxpsp3bye.energy.part2.rar
http://rapidshare.com/files/23281098/wxpsp3bye.energy.part3.rar
http://rapidshare.com/files/23281955/wxpsp3bye.energy.part4.rar
http://rapidshare.com/files/23287649/wxpsp3bye.energy.part5.rar
http://rapidshare.com/files/23288885/wxpsp3bye.energy.part6.rar
http://rapidshare.com/files/23289903/wxpsp3bye.energy.part7.rar

Password: www.final4ever.com






* Microsoft® Windows® XP Professional x64

* Microsoft® Windows® XP Professional x64
* Intel® EM64T, AMD Athlon® 64 or higher, AMD Opteron® processor
* 1 GB RAM (4 GB recommended)
* 500 MB swap space (2 GB recommended)
* Hardware-accelerate d OpenGL® and Direct3D supported Microsoft Windows-compliant pointing device
* DVD-ROM drive

Code:
http://rapidshare. com/files/ 39195079/ 3Ds_Max_9. part1.rar
http://rapidshare. com/files/ 39199094/ 3Ds_Max_9. part2.rar
http://rapidshare. com/files/ 39203322/ 3Ds_Max_9. part3.rar
http://rapidshare. com/files/ 39377824/ 3Ds_Max_9. part4.rar
http://rapidshare. com/files/ 39380875/ 3Ds_Max_9. part5.rar
http://rapidshare. com/files/ 39384281/ 3Ds_Max_9. part6.rar
http://rapidshare. com/files/ 39384948/ 3Ds_Max_9. part7.rar

WINDOWS VISTA(FULL)_FREE DOWNLOAD

Windows Vista is Microsoft\'s first new operating system in more than five years and the successor to Windows XP. However, it is not worth rushing out to purchase. If you desperately need to buy a new PC (if your old one died or you\'ve been waiting and waiting for Vista to be released), then by all means do so; there\'s nothing wrong with Windows Vista. But there\'s no one compelling feature within Windows Vista that cries out to switch over, neither the enhanced graphic capabilities (Aero) nor the improved system performance features (truthfully, our Windows XP doesn\'t crash). As for security, Microsoft\'s biggest improvements in Windows Vista are within the Enterprise or 64-bit editions, editions most home users will not be running. Windows Vista is not the Apple Mac OS X 10.4 killer one hoped for (or feared). Nor are there specific big-name software packages written exclusively for Windows Vista--most software available today is compatible with both Windows XP and
Windows Vista. But the extensive tie-ins to Microsoft.com and Live.com, and the many, many interdependences upon Internet Explorer 7 left us desperately wanting more (and often best-of-breed) alternatives. Hard core Microsofties who live and breathe within the MSN, Live.com, and Microsoft desktop software ecosystem will rejoice with the release of Windows Vista, but for the rest of us who are product agnostic, who use Firefox, Google Desktop, ZoneAlarm, GMail, and Corel WordPerfect, Windows XP SP2 will suffice nicely until some killer program necessitates that we all upgrade to Windows Vista.
The bottom line: Windows Vista is essentially warmed-over Windows XP. If you\'re currently happy with Windows XP SP2, we see no compelling reason to upgrade. On the other hand, if you need a new computer right now, Windows Vista is stable enough for everyday use.

!!THIS DOWNLOAD LEAKED FROM MICROSOFT!!

YOU CAN ALSO USE DOWNLOAD EXPLORER

http://msft-dnl.digitalrivercontent.net/01/60316070-3318705--NOA/msvista/pub/Vista_WIM/i386/boot.wim

http://msft-dnl.digitalrivercontent.net/01/60316070-3318705--NOA/msvista/pub/Vista_WIM/i386/install.wim

http://msft-dnl.digitalrivercontent.net/01/60316070-3318705--NOA/msvista/pub/X13-49120/X13-49120.exe



ACTIVATION Crack for VISTA

http://rapidshare.com/files/20932331/VOEMC.rar


Alternatively Download from RS for VISTA
http://rapidshare.com/files/24715756/Windows_Vista_Ultimate_upload_by_abhi.part01.rar
http://rapidshare.com/files/24725339/Windows_Vista_Ultimate_upload_by_abhi.part02.rar
http://rapidshare.com/files/24735025/Windows_Vista_Ultimate_upload_by_abhi.part03.rar
http://rapidshare.com/files/24742301/Windows_Vista_Ultimate_upload_by_abhi.part04.rar
http://rapidshare.com/files/24750740/Windows_Vista_Ultimate_upload_by_abhi.part05.rar
http://rapidshare.com/files/24760719/Windows_Vista_Ultimate_upload_by_abhi.part06.rar
http://rapidshare.com/files/24888537/Windows_Vista_Ultimate_upload_by_abhi.part07.rar
http://rapidshare.com/files/24894683/Windows_Vista_Ultimate_upload_by_abhi.part08.rar
http://rapidshare.com/files/24901402/Windows_Vista_Ultimate_upload_by_abhi.part09.rar
http://rapidshare.com/files/24944590/Windows_Vista_Ultimate_upload_by_abhi.part10.rar
http://rapidshare.com/files/24954034/Windows_Vista_Ultimate_upload_by_abhi.part11.rar
http://rapidshare.com/files/24971486/Windows_Vista_Ultimate_upload_by_abhi.part12.rar
http://rapidshare.com/files/24777169/Windows_Vista_Ultimate_upload_by_abhi.part13.rar
http://rapidshare.com/files/24786369/Windows_Vista_Ultimate_upload_by_abhi.part14.rar
http://rapidshare.com/files/24795864/Windows_Vista_Ultimate_upload_by_abhi.part15.rar
http://rapidshare.com/files/24805226/Windows_Vista_Ultimate_upload_by_abhi.part16.rar
http://rapidshare.com/files/24815074/Windows_Vista_Ultimate_upload_by_abhi.part17.rar
http://rapidshare.com/files/24824536/Windows_Vista_Ultimate_upload_by_abhi.part18.rar
http://rapidshare.com/files/24833818/Windows_Vista_Ultimate_upload_by_abhi.part19.rar
http://rapidshare.com/files/24843345/Windows_Vista_Ultimate_upload_by_abhi.part20.rar
http://rapidshare.com/files/24851744/Windows_Vista_Ultimate_upload_by_abhi.part21.rar
http://rapidshare.com/files/24859162/Windows_Vista_Ultimate_upload_by_abhi.part22.rar
http://rapidshare.com/files/24865225/Windows_Vista_Ultimate_upload_by_abhi.part23.rar
http://rapidshare.com/files/24870562/Windows_Vista_Ultimate_upload_by_abhi.part24.rar
http://rapidshare.com/files/24875181/Windows_Vista_Ultimate_upload_by_abhi.part25.rar
http://rapidshare.com/files/24981241/Windows_Vista_Ultimate_upload_by_abhi.part26.rar
http://rapidshare.com/files/24710641/Windows_Vista_Ultimate_upload_by_abhi.part27.rar


Password
ddl4all.com

Hacking C++ From C

For a long time, LiveDictionary used deeply unwholesome methods to do its work. Version 1.2.5, just released, now uses nothing but public methods. This means vastly improved stability, but it also means that LiveDictionary's evil WebKit text grabber, once considered the app's crown jewels, is no longer useful. I'm going to use it as an object lesson on how to do evil things with C++ applications from pure C.

Motivation
This code was initially developed over the course of about one week, and then took approximately two months of debugging before it became stable. Since then Apple has broken it several times with Safari updates, with the changes required being anything from a simple change of offsets to a large re-engineering of the function.
The prototype of the function is thus: void LiveDict_1_3_WebViewGetTextAtPoint(id webHTMLView, NSPoint point, NSString **text, int *offset) Given an instance of a WebHTMLView (the thing inside a WebView that does all the work) and a point, the function is to return the text at that point, and the offset into that text which represents where that point is located inside it. This is then used to look up the appropriate word in LiveDictionary. (The 1_3 thing is a version numbering scheme so it doesn't conflict with nearly identical functions made for other versions of Safari.)
You would think that this would be easy, but at the time I originally wrote this function, there was no public way to obtain this information. Obviously there is some way to do it, since WebKit itself does it, for example when you drag to select some text. So I dove into WebCore to see how it was done.
]
After much digging, I found the KHTMLPart class which has a method called isPointInsideSelection that does basically the same thing. I ripped out the bits I didn't need and came up with the following C++ code:

id bridge = [webHTMLView _bridge];
KWQKHTMLPart *part = [bridge part];
DocumentImpl *impl = part->xmlDocImpl();
khtml::RenderObject *r = impl->renderer();
khtml::RenderObject::NodeInfo nodeInfo(true, true);
r->layer()->hitTest(nodeInfo, (int)location.x, (int)location.y);
NodeImpl *nodeImpl = nodeInfo.innerNonSharedNode();
if(!nodeImpl || !nodeImpl->renderer() || !nodeImpl->renderer()->isText())
return;
Position position = innerNode->positionForCoordinates(absXPos - renderXPos, absYPos - renderYPos);


Not too bad, right? Most of the code is just drilling down to the object I need to interrogate, and then asking it. (There's a little bit at the end to get the actual text of the node that I left off.)
But... I can't just write that code. All of these classes are private and buried in WebCore so I can't link against them. I can't just copy the headers because that still requires linking against them. So I decided to replicate the entire thing in C.
The only thing is, it's a bit complicated to do from C. The entire file, which contains nothing but the above function, its support functions, and comments, is 340 lines long. Over 10kB of source code just to replicate that straightforward C++. I'm going to show you exactly how it's done.

Virtual Reality
As you probably know, C++ has two types of methods (C++-ites like to call them "member functions", but that's not the sort of foolishness you'll see me spouting), virtual methods and the regular kind. Virtual methods are like the methods in other OO languages, in that the implementation is looked up at runtime. The regular kind is this weird abomination where the implementation is looked up entirely at compile time based on the declared type of the object. Since these two types of methods act so differently, we have to invoke them differently when we're hacking from C.


Static Hiss
Regular C++ methods are pretty easy to call from C, as long as you can get a pointer to them. They're actually just regular C functions with funny names and a single implicit parameter (this). So, for example, the xmlDocImpl method is non-virtual. Declared as a function pointer, it looks like: void * (*KHTMLPart_xmlDocImplP)(void *); You'll see a lot of void * in this article. This is because I completely don't care about types; if I'm slinging pointers around, I'll just use void * for convenience. So here we see that it returns a pointer, and takes a single parameter, the implicit this pointer. If I've assigned the function pointer to the right value, then I can perform the equivalent call from C as:

void *xmlDocImpl = KHTMLPart_xmlDocImplP(part);

The only remaining piece is to get the right pointer. Here, I use the APEFindSymbol function from Unsanity's APELite. (Note that this function requires having the mach_header of WebCore; getting this is left as an exercise for the reader.) All you have to know is the symbol name, which is easy to find by just dumping the symbols in WebCore using nm and looking for one that seems to fit. The code is:

KHTMLPart_xmlDocImplP = APEFindSymbol(header, "__ZNK9KHTMLPart10xmlDocImplEv");

And that's all there is to it. The C++ code contains two other references to non-virtual methods, the renderer method, and the hitTest method. They are used similarly.

Static Interference
Unlike certain other dynamic languages, C++ allows for stack-allocated objects. The NodeInfo instance is an example of this. Creating a stack object translates to C fairly directly. First you need to allocate space, which is done by creating a struct with the right memory layout. Then you need to construct the object by calling its constructor. However, in this case, I noticed that the constructor does nothing but set everything to zero. I don't know exactly what is in a NodeInfo but I know that it's five pointers. So my NodeInfo declaration in C looks like this:


struct NodeInfoStruct {
void *dummy1, *dummy2, *dummy3, *dummy4, *dummy5;
} nodeInfo = {0};


Of course if WebCore's NodeInfo definition ever changes significantly I'll be in a world of hurt. Oddly enough this never happened, though....

Inline Fun
C++ also likes inline methods that are declared in the header. I, however, hate them because they don't actually get a symbol in the built library. This means that their implementation is something I can't invoke. However, I can see what they do and copy them. The renderer method is one of these. All it does is return an instance variable of the object. So I just figured out the offset of that instance variable and ripped it out. It turns out that it's 22 pointer-sizes into the object, so my replacement function is just:


static void *Function_DocumentImpl_renderer(void *obj)
{
void **objLayoutPtr = obj;
return objLayoutPtr[22];
}


Ugly but effective. Again, if the internal layout of the object ever changes then I'm screwed, but this never happened.


Virtually Impossible
Unfortunately calling virtual methods is ever so slightly harder. I'll cover the theory first, then get into how to call them.
A C++ object that contains virtual methods has as its first four bytes a pointer to its class's vtable. A vtable is a big array of function pointers which exists on a per-class basis. Each virtual method is assigned an index in this table. A virtual method is invoked by indexing into the vtable, getting the function pointer, and then calling it.
Once you have a pointer to it, a virtual method works just like a non-virtual method, in that it looks like a C function with an extra parameter stuck on the front. So a function that does all this work to invoke the correct implementation looks like this:


static void *RenderObject_layer(void *obj)
{
const int layerVtableOffset = 7;
typedef void *(*LayerFptr)(void *);
LayerFptr **fakeObj = obj;
LayerFptr fptr = fakeObj[0][layerVtableOffset];
return fptr(obj);
}


There is a constant for the vtable offset, and a typedef for the function pointer that will be invoked. Next I treat the object as if it were just a vtable, since I don't care about the other parts of it. Then I just index into the object to get the vtable, index into the vtable to get the function pointer, and finally invoke it.


Debugger? What's That?
Now if you've been paying close attention, right about now you're thinking, "Where did he get that 7 from?" And a very good question that is!
The answer is basically trial and error. From looking at the headers you can count the virtual methods and make a guess, but this is unreliable. Virtual methods get laid out in the order that the compiler encounters them, so you can just count them off starting from the very first method in the highest superclass, working your way down, and find the offset.
The trouble with that approach is two-fold. First, people suck at counting, especially when you're counting stuff in mountains of evil C++. Second, if you get it wrong, you'll crash in horrible and weird ways. You'll be invoking a completely different function which probably takes completely different arguments and returns a completely different values. Debugging that error will not be fun; this is already difficult enough as it is, without adding another layer of undebuggability. So ideally we'd want to come up with a guess, and then check it. We can use our friend the debugger to tell us what the offset is.
I set a breakpoint in a location where I had a pointer to the object I wanted to investigate. In this case it's obj, which is a RenderObject (or an instance of a subclass). I'll find the offset of the layer function that I used in the previous example.

(gdb) p obj
$1 = (void *) 0x55127c0
Here we can see the object as a plain old void *. We'll have to do some creative casting to dig into it. (gdb) p *(void **)obj
$2 = (void *) 0xa5ca0e38
There's the vtable. (gdb) p **(void ***)obj
$3 = (void *) 0x95e5deb0
And that's the first entry in the vtable. But it's just another address, not very informative. (gdb) p /a 0x95e5deb0
$5 = 0x95e5deb0 <_zn5khtml12rendercanvasd1ev>
Ah hah! If we tell gdb to format it as an address (the /a thing) then it looks up the symbol. And so now we know that the function at offset 0 is "_ZN5khtml12RenderCanvasD1Ev". That's probably a constructor or something of that nature. (gdb) p /a (*(void ***)obj)[0]
$6 = 0x95e5deb0 <_zn5khtml12rendercanvasd1ev>
Here's a nicer way to look into the vtable. Instead of chasing pointers and manually printing addresses, I'll grab the vtable and then treat it like an array. I don't want to manually print off vtable entries until I find the right one, so I'm going to see if I can get gdb to print a bunch of them for me.


(gdb) set $i = 0
(gdb) p /a (*(void ***)obj)[$i]
$7 = 0x95e5deb0 <_zn5khtml12rendercanvasd1ev>
Better, it will print the entry at the index in $i. Now I just need a loop. (gdb) while $i <>print $i
>p /a (*(void ***)obj)[$i]
>set $i = $i + 1
>end
$29 = 0
$30 = 0x95e5deb0 <_zn5khtml12rendercanvasd1ev>
$31 = 1
$32 = 0x95d5e130 <_zn5khtml12rendercanvasd0ev>
$33 = 2
$34 = 0x95cef53c <_zn5khtml12renderobject9setpixmaperk7qpixmaprk5qrectpns_11cachedimagee>
$35 = 3
$36 = 0x95e31ea8 <_zn5khtml18cachedobjectclient13setstylesheeterkn3dom9domstringes4_>
$37 = 4
$38 = 0x95cef538 <_zn5khtml18cachedobjectclient14notifyfinishedepns_12cachedobjecte>
$39 = 5
$40 = 0x95f1e24c <_znk5khtml15rendercontainer10firstchildev>
$41 = 6
$42 = 0x95f1e254 <_znk5khtml15rendercontainer9lastchildev>
$43 = 7
$44 = 0x95f1dd80 <_znk5khtml9renderbox5layerev>
$45 = 8
$46 = 0x95f1d7a0 <_zn5khtml12renderobject19positionchildlayersev>
$47 = 9
$48 = 0x95c9d7b8 <_zn5khtml12renderobject13requireslayerev>


The number 10 was arbitrary, somewhat informed by my guessing from reading the headers. You can keep going higher if you don't find it. But in this case we hit the jackpot; we see a function called layer at offset 7. And that is the story of the 7 in the vtable example above.

Insects and Other Horrors
This isn't exactly a technique to use, but it's a cautionary tale. One of the C++ lines reads:

Position position = innerNode->positionForCoordinates(absXPos - renderXPos, absYPos - renderYPos); This gets translated into C as: struct DOMPosition position = RenderObject_positionForCoordinatesP(parentRenderer, absXPos /*- renderXPos*/, absYPos /*- renderYPos*/); The original definition of struct DOMPosition was: struct DOMPosition {
void *m_node;
long m_offset;
};


This worked fine for a long time, but this past winter it came time to make a Universal binary of LiveDictionary. I groveled through the source code, checked it over with a fine-toothed comb, made sure all of my endians were swapped, and then sent off a build to somebody with an actual Intel Mac. And of course, it crashed almost instantly. And as I'm sure you've guessed, it crashed on that very line.
I spent a while not finding very much, just verifying that the PPC and Intel versions were doing the same thing. This line was suspicious because it's the only hacked C++ method that returns a struct.
On PPC, struct returns are done by using an implicit parameter and returning by reference. If you write this:

struct Point p = Function(x);
It gets translated internally to something like this:
struct Point p;
Function(&p, x);

With the return being done by having Function write to the struct via this implicit first parameter.
I thought that Intel might be different, and it is just a little bit. It turns out that on Intel, this convention is only used for structs that are longer than 8 bytes. Small structs are returned just like primitives. But still, there was no difference in calling convention between C functions and C++ methods, so things should still work even if this struct was only 8 bytes.
After some more digging I discovered the problem. At some point, DOMPosition had gained a third member. Doh! My struct was 4 bytes too short. It had continued to work on PPC through sheer luck; either the new member wasn't used, or the four bytes following the struct on the stack were something that could be harmlessly overwritten. But on Intel, those extra 4 bytes were enough to push the function over the edge; WebCore was returning the struct using the implicit parameter, but LiveDictionary was expecting a normal return, and so wasn't passing an implicit parameter. The result was a nasty crash.
The latest definition of the struct looks like:

struct DOMPosition {
void *m_node;
long m_offset;
int m_affinity;
};

With that fix, the Intel build worked fine.

Conclusions
Hacking on private C++ classes is harrowing and dangerous but doable. With the proper care, it can form the backbone of a whole application, so long as frequent updates are part of the plan, and the application is suitably paranoid. LiveDictionary would put up a very dire warning and disable itself by default if it detected a version of Safari that was newer than what it knew about. While I recommend this as the absolute last resort, and all other avenues should be explored first, it can be done if it's necessary.

Speed Up Dns (it will increase internet speed)

Speed up Web access with a HOSTS file

There's another way to speed up DNS -- by creating or editing a local HOSTS file on your own PC that contains URLs (also called hostnames) and their corresponding IP addresses. Windows will first look there to see whether there's an entry for the hostname, and if it finds it, it will resolve the address itself. That way, you won't have to go out to a DNS server and wait for the response before visiting a Web site.

The HOSTS file is a plain-text file you can create or edit with a text editor like Notepad. You should find an existing HOSTS file in C:\Windows\System32\Drivers\Etc\HOSTS in both Windows XP and Windows Vista. (In some versions of Windows, it may be located in C:\Winnt\System32\Drivers\HOSTS). The file has no extension; it is named only HOSTS. If you don't find one, create it in Notepad.

Open the HOSTS file in Notepad and enter the IP addresses and hostnames of your commonly visited Web sites, like this:
65.221.110.98 computerworld.com

Each entry in the file should be on one line. The IP address should be in the first column, and the corresponding hostname in the next column. At least one space should separate the two columns. When you're finished editing the file, save it to its existing location.

Make sure to check your HOSTS file regularly and keep it up-to-date, or else you might deny yourself access to certain Web sites. For example, if www.computerworld.com were to change its IP address but your HOSTS file kept the old, incorrect address, your browser would not be able to find the site.

Adjust Windows' DNS cache

To speed up DNS, Windows puts the DNS information into a local DNS cache on your PC when you visit a site. So when you want to go to a site, Windows first looks in its local DNS cache, called the resolve cache, to see whether the DNS information is contained there. That way, if it finds the information locally, it doesn't have to look in your HOSTS file or query a remote DNS server to find IP information. The cache is made up of recently queried names and entries taken from your HOSTS file.

The cache contains both negative and positive entries. Positive entries are those in which the DNS lookup succeeded and you were able to connect to the Web site. When Windows looks in the cache, if it finds a positive entry, it immediately uses that DNS information and sends you to the requested Web site.

Negative entries are those in which no match was found, and you end up getting a "Cannot find server or DNS" error in your browser. Similarly, when Windows looks in the cache and finds a negative entry, it gives you the error message without bothering to go out to the site.

Negative entries can lead to problems. When you try to make a connection to a site that has a negative entry in your cache, you'll get an error message, even if the site's problems have been resolved and it's now reachable.

You can solve this problem, though, using a Registry hack. By default, Windows caches negative entries for five minutes. After five minutes, they're cleared from your cache.

But if you'd like, you can force Windows not to cache these negative entries so that you'll never run into this problem. Run the Registry Editor by typing Regedit at a command prompt or the Windows Vista search box, and press Enter. Then go to

HKEY_LOCAL_MACHINE\SYSTEM
\CurrentControlSet\Services\Dnscache
\Parameters

Create a new DWORD value with the name NegativeCacheTime and give it a value of 0. (The value might already exist. If it does, edit its value to 0.)

The DWORD determines how much time, in seconds, to keep negative entries in the DNS cache. If you like, you can have the entries stay alive for one second by giving the DWORD a value of 1.

After you're done editing, exit the Registry. To make the change take effect, restart your computer, or flush your cache by issuing the command ipconfig /flushdns at a command prompt. The command will flush your DNS cache -- all the entries, both positive and negative, will be flushed -- and it will be empty until you start visiting Web sites. Negative entries, however, will not be added to the cache if you've given the DWORD a value of 0.

You can also use the Registry to control the amount of time positive entries are kept in the DNS cache. By default, they are kept for 24 hours. To change the default, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters again and create a DWORD value called MaxCacheEntryTtlLimit. (If it's already present, just edit the value.) For the value, enter the amount of time you want the entry to remain, in seconds, making sure to use decimals as the base

Xp Tips To Enable Task Manager (ctrl+alt+del)

1: Close the IE browser. Log out messenger / Remove Internet Cable.
2: To enable Regedit
Click Start, Run and type this command exactly as given below: (better - Copy and paste)
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
3: To enable task manager : (To kill the process we need to enable task manager)
Click Start, Run and type this command exactly as given below: (better - Copy and paste)
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
4: Now we need to change the default page of IE though regedit.
Start>Run>Regedit
From the below locations in Regedit chage your default home page to google.com or other.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
HKEY_ LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
HKEY_USERS\Default\Software\Microsoft\Internet Explorer\Main
Just replace the attacker site with google.com or set it to blank page.
5: Now we need to kill the process from back end. Press Ctrl + Alt + Del
Kill the process svhost32.exe . ( may be more than one process is running.. check properly)
6: Delete svhost32.exe , svhost.exe files from Windows/ & temp/ directories. Or just search for svhost in your comp.. delete those files.
7: Go to regedit search for svhost and delete all the results you get.
Start menu > Run > Regedit >
8: Restart the computer. That’s it now you are virus free.

it works !!