Archive for May, 2008

How to Make File Undetected by AVs

Posted in info, Video Hacking, windows on May 20, 2008 by sasat

cara buat file  supaya gak didetect oleh anti virus

http://str0ke213.tradebit.com/pub/8/77.flv 

download videonya
Advertisements

Rapidshare Premium

Posted in info, windows on May 20, 2008 by sasat

u can download at http://w15.easy-share.com/1700423360.html

keep spirit

How to recover lost passwords XP with Ophcrack

Posted in info, Video Hacking, windows on May 11, 2008 by sasat

try it :

you can download ophcrack at here http://ophcrack.sourceforge.net/#livecd

isu SMS Merah ATAU EMANG MASYARAKATNYA PENGGOSIP

Posted in info on May 11, 2008 by sasat

dengan adanya SMS MERAH masyarakat dibutakan akan agamanya sendiri akhirnya mau percaya aja isu – isu yang berkembang di media dan teman -teman.

yang lebih lucunya lagi dari berita – berita tersebar yang bercerita tidak langsung menerima sms tersebut dan bercerita bahwa dia punya teman dan temannya lagi punya teman trus ampe punya teman trus ampe punya tetangga trus tetangganya itu punya teman trus teman tetangga itu punya sanak keluarga yang jauh sanak keluarga yang jauh itu masih punya teman …. ?????  aneh berita nya itu sapa dan dimana asal usulnya gak jelas.

menurut ku bila dia punya teman gak punya nama dan alamat artinya temannya itu hantu hehehee

hantu kale yang cerita.

masa bodoh main isu – isu aja.

yang dirugikan bila seseorang yang tak tau menau trus mempunyai nomer 666 ato 866 masa dituduh .. emang masyarakat KOLOT.

LEBIH BELAJAR DAN TRUS BELAJAR , CARI DUIT , CARI DUIT  JANGAN JADI MASYARAKAT PENGGOSIP.

Disable and Remove Windows Genuine Advantage Notifications Nag Screen

Posted in info, windows on May 10, 2008 by sasat

This page has been updated, visit the new article on how to bypass and disable the WGA or way to make your Windows genuine permanently.

Microsoft has released WGA Notifications application which effectively turned Microsoft Windows operating system into a ‘nagware’, with a “This copy of Windows is not genuine” warning. What the Windows Genuine Advantage Notifications application does what it will check your Microsoft Windows XP validity. If it found that the copy of Windows XP is not validated, not genuine, counterfeit, unlicensed, pirated, illegal, unauthorised or simply failed the Windows Genuine Advantage validation process, then the notification messages will appear at various places and time.

Disclaimer: This article is for informational and educational purpose only, as most information is found on various part of Internet. Readers should contacts Microsoft if their licensed or OEM software cannot be validated or purchase genuine software.

When you log on to a non-genuine copy of Windows XP, the following notification error message “This copy of Windows is not genuine” will pop-up on the logon process:

And the nicely said “You may be a victim of software counterfeiting” message on the bottom right corner of log-in screen:

Microsoft allows Windows faithfuls to have 2 options: Get Genuine or Resolve Later. Click on Resolve Later will temporarily bypass the notification and let you login into and use Windows nagged with notification icon and messages, which will randomly appear as balloon notification message with an icon in the notification area (system tray).

Clicking on the balloon notification or the notification area icon will lead you to the Windows Genuine Advantage Validation Failure Web page that contains the specifics of the validation failure and the steps that you can take to make the operating system genuine.

To get rid of the WGA notifications that intends to remind you that your Windows is not validated, you can buy a validly licensed copy of genuine Microsoft Windows.

Update: Bypass WGA Validation with Crack or Hack and Disable WGA Notifications Warning Message Workarounds

Latest Version: 1.5.554.0 on October 2006 (distribute to some computers with no known roll-out pattern), 1.5.708.0 on September 2006 (distribute to whoever wants to download from Microsoft Download Center), 1.5.540.0 on 28th June 2006, 1.5.532.2 on 6th June 2006, 1.5.532.0 on 30th May 2006, 1.5.530.0 on 23rd May 2006, 1.5.526.0 on 26th April 2006.

More information on WGA Validation Tool (KB892130) and WGA Notifications (KB905474) which install LegitCheckControl.dll, WgaLogon.dll and WgaTray.exe.

With new release of WGA, some methods no longer works, and some has been updated. Several methods that has certain success on certain people, you may try until you success.

Official Method by Microsoft

First Method

  1. Lauch Windows Task Manager.
  2. End wgatray.exe process in Task Manager.
  3. Restart Windows XP in Safe Mode.
  4. Delete WgaTray.exe from c:\Windows\System32.
  5. Delete WgaTray.exe from c:\Windows\System32\dllcache.
  6. Lauch RegEdit.
  7. Browse to the following location:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
    Windows NT\CurrentVersion\Winlogon\Notify
  8. Delete the folder ‘WgaLogon’ and all its contents
  9. Reboot Windows XP.

Note: With this method, you may be prompted to install WGA Notifications again which can still be unselected.

Second Method

Another alternative is by using System Restore to restore the PC to a previous restore point that WGA Notifications hasn’t kicked in, and then carefully stop KB905474 from been applied to the system. To use System Restore, go to Start -> All Programs -> Accessories -> System Tools -> System Restore.

Note: Again, you may be prompted again to install WGA Notification, so it must be bypassed.

Third Method updated

This method involves using a cracked version of LegitCheckControl.dll to replace the original copy of LegitCheckControl.dll, and thus bypass the WGA validation and make Microsoft believes that your copy of Windows is genuine. To get rid of WGA Notifications warning messages, the patched version of WgaLogon.dll and WgaTray.exe to replace the existing files.

To apply the patch by replacing the files manually, try to end the respective processes in the Task Manager before deleting the existing files. Most likely is you will have to restart your PC in Safe Mode in order to replacing the original copy of LegitCheckControl.dll and related files. However, there has been automatic updater and even cracked WGA installer that automatically apply the patched version of WGA files.

Latest Update for WGA version 1.5.708.0 latest

Download cracked and patched version of LegitCheckControl.dll with thanks to Danny.

Latest Update for WGA version 1.5.554.0 latest

Download cracked and patched version of LegitCheckControl.dll, WgaLogon.dll and WgaTray.exe for v1.5.554.0 of Windows Genuine Advantage Validation Tool and WGA Notifications.

John suggested that it may be rolled out to reduce the frequency of ‘phone home’ feature. BetaNews has confirmed this and says Microsoft has completed the pilot phase for WGA Notifications, officially rolling out the anti-piracy reminders to Windows XP users worldwide. Anyway if Notifications Tools is patched, it won’t callbacks at all. Swissboy found that now there are 15 languages supported for KB905474 and offers solution.

General release version of Windows Genuine Advantage Notifications also has updated EULA which says installing of this update is optional. However, once installed, the update will become a permanent part of your Windows XP software, means you can’t uninstall it. The EULA also confirms that information about your system will be sent to Microsoft. You can just skip installing the KB905474 by clicking “I Decline” when shown the EULA. If you don’t want the Automatic Updates or Windows Updates to try install WGA Notifications again, click Don’t ask me to install these updates again at Decline EULA window.

Latest Update for WGA version 1.5.532.2

Version 1.5.532.2 of WGA Validation Tool and WGA Notifications is NOT YET mass released to all Windows system, so your system may not have this version.

WindowsXP-KB905474-ENU-x86-1.5.532.2-noWGA.exe (as suggested by swissboy) is the original setup of KB905474, but with the 3 files as mentioned above replaced with patched version and re-packed. You can view the contents with WinRAR or 7-Zip. Download here or here. (Removed due to compliant from Microsoft)

LegitCheckControl.dll-v1.5.532.2-Jun-02-2006.zip (as suggested by swissboy) contains hacked version of LegitCheckControl.dll which you have to replace manually over the existing dll in \Windows\System32 folder. Download here or here. (Deleted due to complaint from Microsoft)

new More automated WGA removal tool: RemoveWGA

Latest Update for WGA version 1.5.532.0

LegitCheckControl1.5.532.0.muiz.fixed.rar (suggested by Picard) is the patched LegitCheckControl.dll and can be download here or here (removed due to complaint from Microsoft).

If LegitCheckControl.dll alone doesn’t work, try to patch the other two WGA files too, namely WgaLogon.dll and WgaTray.exe. Download the the patches for 3 files here or here (Removed due to complaint from Microsoft). Overwrite the original files with these hacked version in \Windows\System32 folder. The patch should remove notifications nag screen and allows Windows Update.

There are also several automated tools that save the dirty works of have to manually overwrites and replaces the WGA applications.

WGAPatch905474 (suggested by SilverBullet) contains 905474.exe that will patch Windows to allow access to full (custom) Windows Update and get rid of nag screen. Download 905474.exe here or here (removed due to complaint from Microsoft).

There are also several patched WGANotify KB905474 installation setup which will install KB905474 WGAnotify with the 3 patched WGA files namely LegitCheckControl.dll, WgaLogon.dll and WgaTray.exe. One of them is HotFix windowsxp-kb905474-enu-x86.exe suggested by DeaDMan Walking, which will after install, disable notifications nag screen and allows update. Download here, here or here (removed coz of Microsoft complaint).

WindowsXP-KB905474-ENU-x86-v1.5.532.0-noWGA.exe (suggested by Swissboy) is also the patched KB905474 setup file which is actually the original setup of KB905474, but with the 3 files replaced. Download it here or here (removed due to Microsoft compliant).

Old Updates

Version 1.5.530.0 of cracked LegitCheckControl.dll (suggested by chucko), can also be downloaded here or here (obsolete links, visit here for updates).

Use the latest cracked LegitCheckControl.dll by searching for “Windows.Genuine.Advantage.Validation.v1.5.526.0.CRACKED-ETH0″. Can also be downloaded here (obsolete link, update here). Cracked LegitCheckControl.dll also available here or here (obsolete links, updates available here). Once download the cracked dll, replace the LegitCheckControl.dll in \Windows\System32 folder with the cracked version. You may need to restart your PC in safe mode to replace the files.

Forth Method

Jules found that by disabling and renaming the files ‘WgaLogon.dll’ and ‘WgaTray.exe’ in C:\WINDOWS\system32 folder by using the program Unlocker seems to get rid of all the nags/popups.

Fifth Method

Clear the contents or create a new empty data.dat for WGA, and make data.dat Read-Only and Hidden as detailed here.

The following step basically is the same with the above data.dat method, only different is that you no need to create any file in the WGA data folder:

  1. Launch Windows Explorer and go to C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\data
  2. Go to Tools -> Folder Option -> View.
  3. Select (click) Show Hidden Files and Folders option.
  4. Unselect (uncheck) Hide Protected Operating System Files option.
  5. Click OK.
  6. Delete everything in the data folder.
  7. Right click on data folder, and select Properties.
  8. Select (Check) Read-Only as the folder’s atributes.
  9. Click OK or Apply.

Update: After 30 May 2006 with the release of WGA 1.5.532.0, this method no longer works. If the data.dat is set to “Read-Only”, WGA may complains that the serial key from the file could not be read, making the WGA validation failed even with the cracked dll files. So just delete the file (and make sure the folder is not set to “Read-Only”), WGA will then automatically regenerate the file and create the key, so you will pass the validation if you have the correct patched dll installed.

Sixth Method

Another alternative suggest that three files are installed Windows XP System Folder for WGA:

\WINDOWS\system32\WgaLogon.dll
\WINDOWS\system32\WgaTray.exe
\WINDOWS\system32\LegitCheckControl.dll

The wgatray.exe process makes the check for genuine windows software. If WgaLogon.dll is denied execution right, that WinLogon is unable to call it to check on Windows validity and display notification package at boot, and since WgaLogon is also responsible for running and maintaining WgaTray.exe, no more tray popups either.

To change and disable the execute bit of WgaLogon.dll:

  1. Turn off Simple File Sharing in Tools -> Folder Options -> View tab.
  2. Right click WgaLogon.dll in Windows Explorer and open the Security Tab.
  3. Click Advanced button.
  4. Uncheck the Inherit box at the bottom.
  5. Click the Copy button.
  6. Click OK.
  7. Go through each listed user/group and remove the “Read & Execute” permission for WgaLogon.dll, leaving the “Read” permission as-is.
  8. Click OK to apply the permission changes.
  9. Close the file properties dialog.
  10. Restart the computer.
  11. Turn “Use simple file sharing” on (optional).

Optionally, steps suggested by PSNet which has the same effect – disabling WgaLogon.dll.

Registry has been disable by your administrator

Posted in info, windows on May 9, 2008 by sasat

hehhe mau coba masuk regestrynya windows soalnya kebanyak proteksi

nih script dibawah copy ke notepad

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] “DisableRegistryTools”=dword:00000000

simpan dengan hajar.reg

trus klik aja hajar.reg 2 kali

restart
skrg coba buka regeditnya

How to recover from a corrupted registry that prevents Windows XP from starting

Posted in info, windows on May 6, 2008 by sasat

ketemu ada kata-kata seperti dibawah ini yang membuat pusing saat booting masuk windows

MORE INFORMATION

When you try to start or restart your Windows XP-based computer, you may receive one of the following error messages:

Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM
Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE
Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SOFTWARE or its log or alternate
System error: Lsass.exe
When trying to update a password the return status indicates that the value provided as the current password is not correct.
solusi nya
part one:
n part one, you start the Recovery Console, create a temporary folder, back up the existing registry files to a new location, delete the registry files at their existing location, and then copy the registry files from the repair folder to the System32\Config folder. When you have finished this procedure, a registry is created that you can use to start Windows XP. This registry was created and saved during the initial setup of Windows XP. Therefore any changes and settings that occurred after the Setup program was finished are lost.

To complete part one, follow these steps:

1. Insert the Windows XP startup disk into the floppy disk drive, or insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer.
Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted to do so.
2. When the “Welcome to Setup” screen appears, press R to start the Recovery Console.
3. If you have a dual-boot or multiple-boot computer, select the installation that you want to access from the Recovery Console.
4. When you are prompted to do so, type the Administrator password. If the administrator password is blank, just press ENTER.
5. At the Recovery Console command prompt, type the following lines, pressing ENTER after you type each line:
md tmp
copy c:\windows\system32\config\system c:\windows\tmp\system.bak
copy c:\windows\system32\config\software c:\windows\tmp\software.bak
copy c:\windows\system32\config\sam c:\windows\tmp\sam.bak
copy c:\windows\system32\config\security c:\windows\tmp\security.bak
copy c:\windows\system32\config\default c:\windows\tmp\default.bak

delete c:\windows\system32\config\system
delete c:\windows\system32\config\software
delete c:\windows\system32\config\sam
delete c:\windows\system32\config\security
delete c:\windows\system32\config\default

copy c:\windows\repair\system c:\windows\system32\config\system
copy c:\windows\repair\software c:\windows\system32\config\software
copy c:\windows\repair\sam c:\windows\system32\config\sam
copy c:\windows\repair\security c:\windows\system32\config\security
copy c:\windows\repair\default c:\windows\system32\config\default

6.Type exit to quit Recovery Console. Your computer will restart.
Note This procedure assumes that Windows XP is installed to the C:\Windows folder. Make sure to change C:\Windows to the appropriate windows_folder if it is a different location.

If you have access to another computer, to save time, you can copy the text in step five, and then create a text file called “Regcopy1.txt” (for example). To use this file, run the following command when you start in Recovery Console:

batch regcopy1.txt

With the batch command in Recovery Console, you can process all the commands in a text file sequentially. When you use the batch command, you do not have to manually type as many commands.

Part two

loadTOCNode(3, ‘moreinformation’); To complete the procedure described in this section, you must be logged on as an administrator, or an administrative user (a user who has an account in the Administrators group). If you are using Windows XP Home Edition, you can log on as an administrative user. If you log on as an administrator, you must first start Windows XP Home Edition in Safe mode. To start the Windows XP Home Edition computer in Safe mode, follow these steps.

Note Print these instructions before you continue. You cannot view these instructions after you restart the computer in Safe Mode. If you use the NTFS file system, also print the instructions from Knowledge Base article KB309531. Step 7 contains a reference to the article.

1. Click Start, click Shut Down (or click Turn Off Computer), click Restart, and then click OK (or click Restart).
2. Press the F8 key.

On a computer that is configured to start to multiple operating systems, you can press F8 when you see the Startup menu.

3. Use the arrow keys to select the appropriate Safe mode option, and then press ENTER.
4. If you have a dual-boot or multiple-boot system, use the arrow keys to select the installation that you want to access, and then press ENTER.

In part two, you copy the registry files from their backed up location by using System Restore. This folder is not available in Recovery Console and is generally not visible during typical usage. Before you start this procedure, you must change several settings to make the folder visible:

1. Start Windows Explorer.
2. On the Tools menu, click Folder options.
3. Click the View tab.
4. Under Hidden files and folders, click to select Show hidden files and folders, and then click to clear the Hide protected operating system files (Recommended) check box.
5. Click Yes when the dialog box that confirms that you want to display these files appears.
6. Double-click the drive where you installed Windows XP to display a list of the folders. If is important to click the correct drive.
7. Open the System Volume Information folder. This folder is unavailable and appears dimmed because it is set as a super-hidden folder.

Note This folder contains one or more _restore {GUID} folders such as “_restore{87BD3667-3246-476B-923F-F86E30B3E7F8}”.

Note You may receive the following error message:

C:\System Volume Information is not accessible. Access is denied.

If you receive this message, see the following Microsoft Knowledge Base article to gain access to this folder and continue with the procedure:

309531 (http://support.microsoft.com/kb/309531/) How to gain access to the System Volume Information folder
8. Open a folder that was not created at the current time. You may have to click Details on the View menu to see when these folders were created. There may be one or more folders starting with “RPx under this folder. These are restore points.
9. Open one of these folders to locate a Snapshot subfolder. The following path is an example of a folder path to the Snapshot folder:

C:\System Volume Information\_restore{D86480E3-73EF-47BC-A0EB-A81BE6EE3ED8}\RP1\Snapshot
10. From the Snapshot folder, copy the following files to the C:\Windows\Tmp folder:

_REGISTRY_USER_.DEFAULT
_REGISTRY_MACHINE_SECURITY
_REGISTRY_MACHINE_SOFTWARE
_REGISTRY_MACHINE_SYSTEM
_REGISTRY_MACHINE_SAM
11. Rename the files in the C:\Windows\Tmp folder as follows:

Rename _REGISTRY_USER_.DEFAULT to DEFAULT
Rename _REGISTRY_MACHINE_SECURITY to SECURITY
Rename _REGISTRY_MACHINE_SOFTWARE to SOFTWARE
Rename _REGISTRY_MACHINE_SYSTEM to SYSTEM
Rename _REGISTRY_MACHINE_SAM to SAM
untuk lebih lanjut bisa kunjungi http://support.microsoft.com/kb/307545