Thursday, May 31, 2012

All About Movie Tags (what Is A Dvdrip, Cam ...)

A cam is a theater rip usually done with a digital video camera. A mini tripod is sometimes used, but a lot of the time this wont be possible, so the camera make shake. Also seating placement isn't always idle, and it might be filmed from an angle. If cropped properly, this is hard to tell unless there's text on the screen, but a lot of times these are left with triangular borders on the top and bottom of the screen. Sound is taken from the onboard microphone of the camera, and especially in comedies, laughter can often be heard during the film. Due to these factors picture and sound quality are usually quite poor, but sometimes we're lucky, and the theater will be fairly empty and a fairly clear signal will be heard.

TELESYNC (TS) - A telesync is the same spec as a CAM except it uses an external audio source (most likely an audio jack in the chair for hard of hearing people). A direct audio source does not ensure a good quality audio source, as a lot of background noise can interfere. A lot of the times a telesync is filmed in an empty cinema or from the projection booth with a professional camera, giving a better picture quality. Quality ranges drastically, check the sample before downloading the full release. A high percentage of Telesyncs are CAMs that have been mislabeled.

A telecine machine copies the film digitally from the reels. Sound and picture should be very good, but due to the equipment involved and cost telecines are fairly uncommon. Generally the film will be in correct aspect ratio, although 4:3 telecines have existed. A great example is the JURASSIC PARK 3 TC done last year. TC should not be confused with TimeCode , which is a visible counter on screen throughout the film.

A pre VHS tape, sent to rental stores, and various other places for promotional use. A screener is supplied on a VHS tape, and is usually in a 4:3 (full screen) a/r, although letterboxed screeners are sometimes found. The main draw back is a "ticker" (a message that scrolls past at the bottom of the screen, with the copyright and anti-copy telephone number). Also, if the tape contains any serial numbers, or any other markings that could lead to the source of the tape, these will have to be blocked, usually with a black mark over the section. This is sometimes only for a few seconds, but unfortunately on some copies this will last for the entire film, and some can be quite big. Depending on the equipment used, screener quality can range from excellent if done from a MASTER copy, to very poor if done on an old VHS recorder thru poor capture equipment on a copied tape. Most screeners are transferred to VCD, but a few attempts at SVCD have occurred, some looking better than others.

DVD-SCREENER (DVDscr) -Same premise as a screener, but transferred off a DVD. Usually letterbox , but without the extras that a DVD retail would contain. The ticker is not usually in the black bars, and will disrupt the viewing. If the ripper has any skill, a DVDscr should be very good. Usually transferred to SVCD or DivX/XviD.

DVDRip - A copy of the final released DVD. If possible this is released PRE retail (for example, Star Wars episode 2) again, should be excellent quality. DVDrips are released in SVCD and DivX/XviD.

VHSRip -Transferred off a retail VHS, mainly skating/sports videos and XXX releases.

TVRip -TV episode that is either from Network (capped using digital cable/satellite boxes are preferable) or PRE-AIR from satellite feeds sending the program around to networks a few days earlier (do not contain "dogs" but sometimes have flickers etc) Some programs such as WWF Raw Is War contain extra parts, and the "dark matches" and camera/commentary tests are included on the rips. PDTV is capped from a digital TV PCI card, generally giving the best results, and groups tend to release in SVCD for these. VCD/SVCD/DivX/XviD rips are all supported by the TV scene.

WORKPRINT (WP) -A workprint is a copy of the film that has not been finished. It can be missing scenes, music, and quality can range from excellent to very poor. Some WPs are very different from the final print (Men In Black is missing all the aliens, and has actors in their places) and others can contain extra scenes (Jay and Silent Bob) . WPs can be nice additions to the collection once a good quality final has been obtained.

DivX Re-Enc -A DivX re-enc is a film that has been taken from its original VCD source, and re-encoded into a small DivX file. Most commonly found on file sharers, these are usually labeled something like Film.Name.Group(1of2) etc. Common groups are SMR and TND. These aren't really worth downloading, unless you're that unsure about a film u only want a 200mb copy of it. Generally avoid.

Watermarks -
A lot of films come from Asian Silvers/PDVD (see below) and these are tagged by the people responsible. Usually with a letter/initials or a little logo, generally in one of the corners. Most famous are the "Z" "A" and "Globe" watermarks.

Asian Silvers / PDVD -
These are films put out by eastern bootleggers, and these are usually bought by some groups to put out as their own. Silvers are very cheap and easily available in a lot of countries, and its easy to put out a release, which is why there are so many in the scene at the moment, mainly from smaller groups who don't last more than a few releases. PDVDs are the same thing pressed onto a DVD. They have removable subtitles, and the quality is usually better than the silvers. These are ripped like a normal DVD, but usually released as VCD.


VCD  is an mpeg1 based format, with a constant bitrate of 1150kbit at a resolution of 352x240 (NTCS). VCDs are generally used for lower quality transfers (CAM/TS/TC/Screener(VHS)/TVrip(analogue) in order to make smaller file sizes, and fit as much on a single disc as possible. Both VCDs and SVCDs are timed in minutes, rather than MB, so when looking at an mpeg, it may appear larger than the disc capacity, and in reality u can fit 74min on a CDR74.

SVCD  is an mpeg2 based (same as DVD) which allows variable bit-rates of up to 2500kbits at a resolution of 480x480 (NTSC) which is then decompressed into a 4:3 aspect ratio when played back. Due to the variable bit-rate, the length you can fit on a single CDR is not fixed, but generally between 35-60 Mins are the most common. To get a better SVCD encode using variable bit-rates, it is important to use multiple "passes". this takes a lot longer, but the results are far clearer.

XVCD/XSVCD -These are basically VCD/SVCD that don't obey the "rules". They are both capable of much higher resolutions and bit-rates, but it all depends on the player to whether the disc can be played. X(S)VCD are total non-standards, and are usually for home-ripping by people who don't intend to release them.

KVCD is a modification to the standard MPEG-1 and MPEG-2 GOP structure and Quantization Matrix. It enables you to create over 120 minutes of near DVD quality video, depending on your material, on a single 80 minute CD-R/CD-RW. We have published these specifications as KVCDx3, our official resolution, which produce 528x480 (NTSC) and 528x576 (PAL) MPEG-1 variable bit rate video, from 64Kbps to 3,000Kbps. Using a resolution of 352x240 (NTSC) or 352x288 (PAL), it's possible to encode video up to ~360 minutes of near VCD quality on a single 80 minute CD-R. The mpeg files created will play back in most modern standalone DVD players. You must burn the KVCD MPEG files as non-standard VCD or non-standard SVCD (depends on your player) with Nero or VCDEasy.

DivX is a format designed for multimedia platforms. It uses two codecs, one low motion, one high motion. most older films were encoded in low motion only, and they have problems with high motion too. A method known as SBC (Smart Bit-rate Control) was developed which switches codecs at the encoding stage, making a much better print. The format is Ana orphic and the bit-rate/resolution are interchangeable. Due to the higher processing power required, and the different codecs for playback, its unlikely we'll see a DVD player capable of play DivX for quite a while, if at all. There have been players in development which are supposedly capable, but nothing has ever arisen. The majority of PROPER DivX rips (not Re-Encs) are taken from DVDs, and generally up to 2hours in good quality is possible per disc. Various codecs exist, most popular being the original Divx3.11a and the new XviD codecs.

CVD is a combination of VCD and SVCD formats, and is generally supported by a majority of DVD players. It supports MPEG2 bit-rates of SVCD, but uses a resolution of 352x480(ntsc) as the horizontal resolution is generally less important. Currently no groups release in CVD.

Is the recordable DVD solution that seems to be the most popular (out of DVD-RAM, DVD-R and DVD+R). it holds 4.7gb of data per side, and double sided discs are available, so discs can hold nearly 10gb in some circumstances. SVCD mpeg2 images must be converted before they can be burnt to DVD-R and played successfully. DVD>DVDR copies are possible, but sometimes extras/languages have to be removed to stick within the available 4.7gb.

MiniDVD/cDVD is the same format as DVD but on a standard CDR/CDRW. Because of the high resolution/bit-rates, its only possible to fit about 18-21 mins of footage per disc, and the format is only compatible with a few players.

Regional Coding -
This was designed to stop people buying American DVDs and watching them earlier in other countries, or for older films where world distribution is handled by different companies. A lot of players can either be hacked with a chip, or via a remote to disable this.

RCE (Regional Coding Enhancement) was designed to overcome "Multiregion" players, but it had a lot of faults and was overcome. Very few titles are RCE encoded now, and it was very unpopular.

Macrovision is the copy protection employed on most commercial DVDs. Its a system that will display lines and darken the images of copies that are made by sending the VHS signals it can't understand. Certain DVD players (for example the Dansai 852 from Tescos) have a secret menu where you can disable the macrovision, or a "video stabaliser" costs about 30UKP from Maplin (

NTSC and PAL are the two main standards used across the world. NTSC has a higher frame rate than pal (29fps compared to 25fps) but PAL has an increased resolution, and gives off a generally sharper picture. Playing NTSC discs on PAL systems seems a lot easier than vice-versa, which is good news for the Brits An RGB enabled scart lead will play an NTSC picture in full colour on most modern tv sets, but to record this to a VHS tape, you will need to convert it to PAL50 (not PAL60 as the majority of DVD players do.) This is either achieved by an expensive converter box (in the regions of £200+) an onboard converter (such as the Dansai 852 / certain Daewoos / Samsung 709 ) or using a World Standards VCR which can record in any format.

News Sites -
There are generally 2 news sites for film release for p2p and they are:

nforce - VCD Help


About Release Files

RARset -
The movies are all supplied in RAR form, whether its v2 (rar>.rxx) or v3 (part01.rar > partxx.rar) form.

VCD and SVCD films will extract to give a BIN/CUE. Load the .CUE into notepad and make sure the first line contains only a filename, and no path information. Then load the cue into Nero/CDRWin etc and this will burn the VCD/SVCD correctly. TV rips are released as MPEG. DivX files are just the plain DivX - .AVI

An NFO file is supplied with each movie to promote the group, and give general iNFOrmation about the release, such as format, source, size, and any notes that may be of use. They are also used to recruit members and acquire hardware for the group.

Also supplied for each disc is an SFV file. These are mainly used on site level to check each file has been uploaded correctly, but are also handy for people downloading to check they have all the files, and the CRC is correct. A program such as pdSFV or hkSFV is required to use these files.

Usenet Information

Access -
To get onto newsgroups, you will need a news server. Most ISPs supply one, but this is usually of poor retention (the amount of time the files are on server for) and poor completition (the amount of files that make it there). For the best service, a premium news server should be paid for, and these will often have bandwidth restrictions in place.

Software -
You will need a newsreader to access the files in the binary newsgroups. There are many different readers, and its usually down to personal opinion which is best. Xnews / Forte Agent / BNR 1 / BNR 2 are amongst the popular choices. Outlook has the ability to read newsgroups, but its recommended to not use that.

Format -
Usenet posts are often the same as those listed on VCDQUALiTY (i.e., untouched group releases) but you have to check the filenames and the description to make sure you get what you think you are getting. Generally releases should come down in .RAR sets. Posts will usually take more than one day to be uploaded, and can be spread out as far as a week.

PAR files -
As well as the .rxx files, you will also see files listed as .pxx/.par . These are PARITY files. Parity files are common in usenet posts, as a lot of times, there will be at least one or two damaged files on some servers. A parity file can be used to replace ANY ONE file that is missing from the rar set. The more PAR files you have, the more files you can replace. You will need a program called SMARTPAR for this.

Scene Tags

Due to scene rules, whoever releases the first Telesync has won that race (for example). But if the quality of that release is fairly poor, if another group has another telesync (or the same source in higher quality) then the tag PROPER is added to the folder to avoid being duped. PROPER is the most subjective tag in the scene, and a lot of people will generally argue whether the PROPER is better than the original release. A lot of groups release PROPERS just out of desperation due to losing the race. A reason for the PROPER should always be included in the NFO.

In the case of a VCD, if a release is subbed, it usually means it has hard encoded subtitles burnt throughout the movie. These are generally in malaysian/chinese/thai etc, and sometimes there are two different languages, which can take up quite a large amount of the screen. SVCD supports switch able subtitles, so some DVDRips are released with switch able subs. This will be mentioned in the NFO file if included.

When a film has had a subbed release in the past, an Unsubbed release may be released

A limited movie means it has had a limited theater run, generally opening in less than 250 theaters, generally smaller films (such as art house films) are released as limited.

An internal release is done for several reasons. Classic DVD groups do a lot of .INTERNAL. releases, as they wont be dupe'd on it. Also lower quality theater rips are done INTERNAL so not to lower the reputation of the group, or due to the amount of rips done already. An INTERNAL release is available as normal on the groups affiliate sites, but they can't be traded to other sites without request from the site ops. Some INTERNAL releases still trickle down to IRC/Newsgroups, it usually depends on the title and the popularity. Earlier in the year people referred to Centropy going "internal". This meant the group were only releasing the movies to their members and site ops. This is in a different context to the usual definition.

Straight To Video. Was never released in theaters, and therefore a lot of sites do not allow these.


*WS* for widescreen (letterbox)
*FS* for Fullscreen.

A recode is a previously released version, usually filtered through TMPGenc to remove subtitles, fix color etc. Whilst they can look better, its not looked upon highly as groups are expected to obtain their own sources.

If a group releases a bad rip, they will release a Repack which will fix the problems.

A film can be nuked for various reasons. Individual sites will nuke for breaking their rules (such as "No Telesyncs") but if the film has something extremely wrong with it (no soundtrack for 20mins, CD2 is incorrect film/game etc) then a global nuke will occur, and people trading it across sites will lose their credits. Nuked films can still reach other sources such as p2p/usenet, but its a good idea to check why it was nuked first in case. If a group realise there is something wrong, they can request a nuke.

NUKE REASONS :: this is a list of common reasons a film can be nuked for (generally DVDRip)

** BAD A/R ** :: bad aspect ratio, ie people appear too fat/thin
** BAD IVTC ** :: bad inverse telecine. process of converting framerates was incorrect.
** INTERLACED ** :: black lines on movement as the field order is incorrect.

Dupe is quite simply, if something exists already, then theres no reason for it to exist again without proper reason.



Wednesday, May 30, 2012


Like any other field in computer science, viruses have evolved -a great deal indeed- over the years. In the series of press releases which start today, we will look at the origins and evolution of malicious code since it first appeared up to the present.

Going back to the origin of viruses, it was in 1949 that Mathematician John Von Neumann described self-replicating programs which could resemble computer viruses as they are known today. However, it was not until the 60s that we find the predecessor of current viruses. In that decade, a group of programmers developed a game called Core Wars, which could reproduce every time it was run, and even saturate the memory of other players’ computers. The creators of this peculiar game also created the first antivirus, an application named Reeper, which could destroy copies created by Core Wars.

However, it was only in 1983 that one of these programmers announced the existence of Core Wars, which was described the following year in a prestigious scientific magazine: this was actually the starting point of what we call computer viruses today.

At that time, a still young MS-DOS was starting to become the preeminent operating system worldwide. This was a system with great prospects, but still many deficiencies as well, which arose from software developments and the lack of many hardware elements known today. Even like this, this new operating system became the target of a virus in 1986: Brain, a malicious code created in Pakistan which infected boot sectors of disks so that their contents could not be accessed. That year also saw the birth of the first Trojan: an application called PC-Write.

Shortly after, virus writers realized that infecting files could be even more harmful to systems. In 1987, a virus called Suriv-02 appeared, which infected COM files and opened the door to the infamous viruses Jerusalem or Viernes 13. However, the worst was still to come: 1988 set the date when the “Morris worm” appeared, infecting 6,000 computers.

From that date up to 1995 the types of malicious codes that are known today started being developed: the first macro viruses appeared, polymorphic viruses … Some of these even triggered epidemics, such as MichaelAngelo. However, there was an event that changed the virus scenario worldwide: the massive use of the Internet and e-mail. Little by little, viruses started adapting to this new situation until the appearance, in 1999, of Melissa, the first malicious code to cause a worldwide epidemic, opening a new era for computer viruses.

This second installment of ‘The evolution of viruses’ will look at how malicious code used to spread before use of the Internet and e-mail became as commonplace as it is today, and the main objectives of the creators of those earlier viruses.
Until the worldwide web and e-mail were adopted as a standard means of communication the world over, the main mediums through which viruses spread were floppy disks, removable drives, CDs, etc., containing files that were already infected or with the virus code in an executable boot sector.

When a virus entered a system it could go memory resident, infecting other files as they were opened, or it could start to reproduce immediately, also infecting other files on the system. The virus code could also be triggered by a certain event, for example when the system clock reached a certain date or time.  In this case, the virus creator would calculate the time necessary for the virus to spread and then set a date –often with some particular significance- for the virus to activate. In this way, the virus would have an incubation period during which it didn’t visibly affect computers, but just spread from one system to another waiting for ‘D-day’ to launch its payload. This incubation period would be vital to the virus successfully infecting as many computers as possible.

One classic example of a destructive virus that lay low before releasing its payload was CIH, also known as Chernobyl. The most damaging version of this malicious code activated on April 26, when it would try to overwrite the flash-BIOS, the memory which includes the code needed to control PC devices. This virus, which first appeared in June 1998, had a serious impact for over two years and still continues to infect computers today.

Because of the way in which they propagate, these viruses spread very slowly, especially in comparison to the speed of today’s malicious code. Towards the end of the Eighties, for example, the Friday 13th (or Jerusalem) virus needed a long time to actually spread and continued to infect computers for some years. In contrast, experts reckon that in January 2003, SQLSlammer took just ten minutes to cause global communication problems across the Internet.

Notoriety versus stealth

For the most part, in the past, the activation of a malicious code triggered a series of on screen messages or images, or caused sounds to be emitted to catch the user’s attention.  Such was the case with the Ping Pong virus, which displayed a ball bouncing from one side of the screen to another. This kind of elaborate display was used by the creator of the virus to gain as much notoriety as possible. Nowadays however, the opposite is the norm, with virus authors trying to make malicious code as discreet as possible, infecting users’ systems without them noticing that anything is amiss.

This third installment of ‘The evolution of viruses’ will look at how the Internet and e-mail changed the propagation techniques used by computer viruses.

Internet and e-mail revolutionized communications. However, as expected, virus creators didn’t take long to realize that along with this new means of communication, an excellent way of spreading their creations far and wide had also dawned. Therefore, they quickly changed their aim from infecting a few computers while drawing as much attention to themselves as possible, to damaging as many computers as possible, as quickly as possible. This change in strategy resulted in the first global virus epidemic, which was caused by the Melissa worm.

With the appearance of Melissa, the economic impact of a virus started to become an issue. As a result, users -above all companies- started to become seriously concerned about the consequences of viruses on the security of their computers. This is how users discovered antivirus programs, which started to be installed widely. However, this also brought about a new challenge for virus writers, how to slip past this protection and how to persuade users to run infected files.

The answer to which of these virus strategies was the most effective came in the form of a new worm: Love Letter, which used a simple but effective ruse that could be considered an early type of social engineering. This strategy involves inserting false messages that trick users into thinking that the message includes anything, except a virus. This worm’s bait was simple; it led users to believe that they had received a love letter.

This technique is still the most widely used. However, it is closely followed by another tactic that has been the center of attention lately: exploiting vulnerabilities in commonly used software. This strategy offers a range of possibilities depending on the security hole exploited. The first malicious code to use this method –and quite successfully- were the BubbleBoy and Kakworm worms. These worms exploited a vulnerability in Internet Explorer by inserting HTML code in the body of the e-mail message, which allowed them to run automatically, without needing the user to do a thing.

Vulnerabilities allow many different types of actions to be carried out. For example, they allow viruses to be dropped on computers directly from the Internet -such as the Blaster worm-. In fact, the effects of the virus depend on the vulnerability that the virus author tries to exploit.

In the early days of computers, there were relatively few PCs likely to contain “sensitive” information, such as credit card numbers or other financial data, and these were generally limited to large companies that had already incorporated computers into working processes.

In any event, information stored in computers was not likely to be compromised, unless the computer was connected to a network through which the information could be transmitted. Of course, there were exceptions to this and there were cases in which hackers perpetrated frauds using data stored in IT systems. However, this was achieved through typical hacking activities, with no viruses involved.

The advent of the Internet however caused virus creators to change their objectives, and, from that moment on, they tried to infect as many computers as possible in the shortest time. Also, the introduction of Internet services -like e-banking or online shopping- brought in another change. Some virus creators started writing malicious codes not to infect computers, but, to steal confidential data associated to those services.  Evidently, to achieve this, they needed viruses that could infect many computers silently.

Their malicious labor was finally rewarded with the appearance, in 1986, of a new breed of malicious code generically called “Trojan Horse”, or simply “Trojan”. This first Trojan was called PC-Write and tried to pass itself off as the shareware version of a text processor. When run, the Trojan displayed a functional text processor on screen. The problem was that, while the user wrote, PC-Write deleted and corrupted files on the computers’ hard disk.

After PC-Write, this type of malicious code evolved very quickly to reach the stage of present-day Trojans. Today, many of the people who design Trojans to steal data cannot be considered virus writers but simply thieves who, instead of using blowtorches or dynamite have turned to viruses to commit their crimes. Ldpinch.W or the Bancos or Tolger families of Trojans are examples of this

Even though none of them can be left aside, some particular fields of computer science have played a more determinant role than others with regard to the evolution of viruses. One of the most influential fields has been the development of programming languages.

These languages are basically a means of communication with computers in order to tell them what to do. Even though each of them has its own specific development and formulation rules, computers in fact understand only one language called "machine code".

Programming languages act as an interpreter between the programmer and the computer. Obviously, the more directly you can communicate with the computer, the better it will understand you, and more complex actions you can ask it to perform.

According to this, programming languages can be divided into "low and high level" languages, depending on whether their syntax is more understandable for programmers or for computers. A "high level" language uses expressions that are easily understandable for most programmers, but not so much for computers. Visual Basic and C are good examples of this type of language.

On the contrary, expressions used by "low level" languages are closer to machine code, but are very difficult to understand for someone who has not been involved in the programming process. One of the most powerful, most widely used examples of this type of language is "assembler".

In order to explain the use of programming languages through virus history, it is necessary to refer to hardware evolution. It is not difficult to understand that an old 8-bit processor does not have the power of modern 64-bit processors, and this of course, has had an impact on the programming languages used.

In this and the next installments of this series, we will look at the different programming languages used by virus creators through computer history:

- Virus antecessors: Core Wars

As was already explained in the first chapter of this series, a group of programs called Core Wars, developed by engineers at an important telecommunications company, are considered the antecessors of current-day viruses. Computer science was still in the early stages and programming languages had hardly developed. For this reason, authors of these proto-viruses used a language that was almost equal to machine code to program them.

Curiously enough, it seems that one of the Core Wars programmers was Robert Thomas Morris, whose son programmed -years later- the "Morris worm". This malicious code became extraordinarily famous since it managed to infect 6,000 computers, an impressive figure for 1988.

- The new gurus of the 8-bits and the assembler language.

The names Altair, IMSAI and Apple in USA and Sinclair, Atari and Commodore in Europe, bring memories of times gone by, when a new generation of computer enthusiasts "fought" to establish their place in the programming world. To be the best, programmers needed to have profound knowledge of machine code and assembler, as interpreters of high-level languages used too much run time. BASIC, for example, was a relatively easy to learn language which allowed users to develop programs simply and quickly. It had however, many limitations.

This caused the appearance of two groups of programmers: those who used assembler and those who turned to high-level languages (BASIC and PASCAL, mainly).

Computer aficionados of the time enjoyed themselves more by programming useful software than malware. However, 1981 saw the birth of what can be considered the first 8-bit virus. Its name was "Elk Cloner", and was programmed in machine code. This virus could infect Apple II systems and displayed a message when it infected a computer.

Computer viruses evolve in much the same way as in other areas of IT. Two of the most important factors in understanding how viruses have reached their current level are the development of programming languages and the appearance of increasingly powerful hardware.

In 1981, almost at the same time as Elk Kloner (the first virus for 8-bit processors) made its appearance, a new operating system was growing in popularity. Its full name was Microsoft Disk Operating System, although computer buffs throughout the world would soon refer to it simply as DOS.

DOS viruses

The development of MS DOS systems occurred in parallel to the appearance of new, more powerful hardware. Personal computers were gradually establishing themselves as tools that people could use in their everyday lives, and the result was that the number of PCs users grew substantially. Perhaps inevitably, more users also started creating viruses. Gradually, we witnessed the appearance of the first viruses and Trojans for DOS, written in assembler language and demonstrating a degree of skill on the part of their authors.

Far less programmers know assembler language than are familiar with high-level languages that are far easier to learn. Malicious code written in Fortran, Basic, Cobol, C or Pascal soon began to appear. The last two languages, which are well established and very powerful, are the most widely used, particularly in their TurboC and Turbo Pascal versions. This ultimately led to the appearance of “virus families”: that is, viruses that are followed by a vast number of related viruses which are slightly modified forms of the original code.

Other users took the less ‘artistic’ approach of creating destructive viruses that did not require any great knowledge of programming. As a result, batch processing file viruses or BAT viruses began to appear.

Win16 viruses

The development of 16-bit processors led to a new era in computing. The first consequence was the birth of Windows, which, at the time, was just an application to make it easier to handle DOS using a graphic interface.

The structure of Windows 3.xx files is rather difficult to understand, and the assembler language code is very complicated, as a result of which few programmers initially attempted to develop viruses for this platform. But this problem was soon solved thanks to the development of programming tools for high-level languages, above all Visual Basic. This application is so effective that many virus creators adopted it as their ‘daily working tool’. This meant that writing a virus had become a very straightforward task, and viruses soon appeared in their hundreds. This development was accompanied by the appearance of the first Trojans able to steal passwords. As a result, more than 500 variants of the AOL Trojan family -designed to steal personal information from infected computers-  were identified.

This seventh edition on the history of computer viruses will look at how the development of Windows and Visual Basic has influenced the evolution of viruses, as with the development of these, worldwide epidemics also evolved such as the first one caused by Melissa in 1999.

While Windows changed from being an application designed to make DOS easier to manage to a 32-bit platform and operating system in its own right, virus creators went back to using assembler as the main language for programming viruses.

Versions 5 and 6 of Visual Basic (VB) were developed, making it the preferred tool, along with Borland Delphi (the Pascal development for the Windows environment), for Trojan and worm writers. Then, Visual C, a powerful environment developed in C for Windows, was adopted for creating viruses, Trojans and worms. This last type of malware gained unusual strength, taking over almost all other types of viruses. Even though the characteristics of worms have changed over time, they all have the same objective: to spread to as many computers as possible, as quickly as possible.

With time, Visual Basic became extremely popular and Microsoft implemented part of the functionality of this language as an interpreter capable of running script files with a similar syntax.

At the same time as the Win32 platform was implemented, the first script viruses also appeared: malware inside a simple text file. These demonstrated that not only executable files (.EXE and .COM files) could carry viruses. As already seen with BAT viruses, there are also other means of propagation, proving the saying "anything that can be executed directly or through a interpreter can contain malware." To be specific, the first viruses that infected the macros included in Microsoft Office emerged. As a result, Word, Excel, Access and PowerPoint become ways of spreading ‘lethal weapons’, which destroyed information when the user simply opened a document.

Melissa and self-executing worms

The powerful script interpreters in Microsoft Office allowed virus authors to arm their creations with the characteristics of worms. A clear example is Melissa, a Word macro virus with the characteristics of a worm that infects Word 97 and 2000 documents. This worm automatically sends itself out as an attachment to an e-mail message to the first 50 contacts in the Outlook address book on the affected computer. This technique, which has unfortunately become very popular nowadays, was first used in this virus which, in 1999, caused one of the largest epidemics in computer history in just a few days. In fact, companies like Microsoft, Intel or Lucent Technologies had to block their connections to the Internet due to the actions of Melissa.

The technique started by Melissa was developed in 1999 by viruses like VBS/Freelink, which unlike its predecessor sent itself out to all the contacts in the address book on the infected PC. This started a new wave of worms capable of sending themselves out to all the contacts in the Outlook address book on the infected computer. Of these, the worm that most stands out from the rest is VBS/LoveLetter, more commonly known as ‘I love You’, which emerged in May 2000 and caused an epidemic that caused damage estimated at 10,000 million euros. In order to get the user’s attention and help it to spread, this worm sent itself out in an e-mail message with the subject ‘ILOVEYOU’ and an attached file called ‘LOVE-LETTER-FOR-YOU.TXT.VBS’. When the user opened this attachment, the computer was infected.

As well as Melissa, in 1999 another type of virus emerged that also marked a milestone in virus history. In November of that year, VBS/BubbleBoy appeared, a new type of Internet worm written in VB Script. VBS/BubbleBoy was automatically run without the user needing to click on an attached file, as it exploited a vulnerability in Internet Explorer 5 to automatically run when the message was opened or viewed. This worm was followed in 2000 by JS/Kak.Worm, which spread by hiding behind Java Script in the auto-signature in Microsoft Outlook Express, allowing it to infect computers without the user needing to run an attached file. These were the first samples of a series of worms, which were joined later on by worms capable of attacking computers when the user is browsing the Internet.



Monday, May 28, 2012


No Text Icons

If you would like your desktop Icons to have no text underneath then try this tweak:

Right click the icon and select "Rename"

Now hold the "Alt" key and type "255" and hit Enter

NOTE : It may only work with the keypad numbers and not the number keys on top of the keyboard.



How To: Change Your Ip In Less Then 1 Minute

How To: Change Your Ip In Less Then 1 Minute

1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok

You should now be at an MSDOS prompt screen.

4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"

You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again

You should now be back to the "Local Area Connection" screen.

15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

NOTE:This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back



Sunday, May 27, 2012

Standard Original IBM POST Error Codes

After repeated requests for beep codes i have decided to post them here maybe they could be pinned

Standard Original IBM POST Error Codes
Code Description

1 short beep System is OK
2 short beeps POST Error - error code shown on screen No beep Power supply or system board problem Continuous beep Power supply, system board, or keyboard problem Repeating short beeps Power supply or system board problem
1 long, 1 short beep System board problem
1 long, 2 short beeps Display adapter problem (MDA, CGA)
1 long, 3 short beeps Display adapter problem (EGA)
3 long beeps 3270 keyboard card
IBM POST Diagnostic Code Descriptions
Code Description
100 - 199 System Board
200 - 299 Memory
300 - 399 Keyboard
400 - 499 Monochrome Display
500 - 599 Colour/Graphics Display
600 - 699 Floppy-disk drive and/or Adapter
700 - 799 Math Coprocessor
900 - 999 Parallel Printer Port
1000 - 1099 Alternate Printer Adapter
1100 - 1299 Asynchronous Communication Device, Adapter, or Port
1300 - 1399 Game Port
1400 - 1499 Colour/Graphics Printer
1500 - 1599 Synchronous Communication Device, Adapter, or Port
1700 - 1799 Hard Drive and/or Adapter
1800 - 1899 Expansion Unit (XT)
2000 - 2199 Bisynchronous Communication Adapter
2400 - 2599 EGA system-board Video (MCA)
3000 - 3199 LAN Adapter
4800 - 4999 Internal Modem
7000 - 7099 Phoenix BIOS Chips
7300 - 7399 3.5" Disk Drive
8900 - 8999 MIDI Adapter
11200 - 11299 SCSI Adapter
21000 - 21099 SCSI Fixed Disk and Controller
21500 - 21599 SCSI CD-ROM System

AMI BIOS Beep Codes
Code Description

1 Short Beep System OK
2 Short Beeps Parity error in the first 64 KB of memory
3 Short Beeps Memory failure in the first 64 KB
4 Short Beeps Memory failure in the first 64 KB Operational of memory
or Timer 1 on the motherboard is not functioning
5 Short Beeps The CPU on the motherboard generated an error
6 Short Beeps The keyboard controller may be bad. The BIOS cannot switch to protected mode
7 Short Beeps The CPU generated an exception interrupt
8 Short Beeps The system video adapter is either missing, or its memory is faulty
9 Short Beeps The ROM checksum value does not match the value encoded in the BIOS
10 Short Beeps The shutdown register for CMOS RAM failed
11 Short Beeps The external cache is faulty
1 Long, 3 Short Beeps Memory Problems
1 Long, 8 Short Beeps Video Card Problems

Phoenix BIOS Beep Codes
Note - Phoenix BIOS emits three sets of beeps, separated by a brief pause.

Code Description
1-1-3 CMOS read/write failure
1-1-4 ROM BIOS checksum error
1-2-1 Programmable interval timer failure
1-2-2 DMA initialisation failure
1-2-3 DMA page register read/write failure
1-3-1 RAM refresh verification failure
1-3-3 First 64k RAM chip or data line failure
1-3-4 First 64k RAM odd/even logic failure
1-4-1 Address line failure first 64k RAM
1-4-2 Parity failure first 64k RAM
2-_-_ Faulty Memory
3-1-_ Faulty Motherboard
3-2-4 Keyboard controller Test failure
3-3-4 Screen initialisation failure
3-4-1 Screen retrace test failure
3-4-2 Search for video ROM in progress
4-2-1 Timer tick interrupt in progress or failure
4-2-2 Shutdown test in progress or failure
4-2-3 Gate A20 failure
4-2-4 Unexpected interrupt in protected mode
4-3-1 RAM test in progress or failure>ffffh
4-3-2 Faulty Motherboard
4-3-3 Interval timer channel 2 test or failure
4-3-4 Time of Day clock test failure
4-4-1 Serial port test or failure
4-4-2 Parallel port test or failure
4-4-3 Math coprocessor test or failure
Low 1-1-2 System Board select failure
Low 1-1-3 Extended CMOS RAM failure



Wednesday, May 23, 2012


In this post I will show you how to change the background color and text letters in cmd(command prompt)

Open cmd by pressing WIN + R or RUN command and type cmd

Command prompt will be opened and in that type color z and hit enter

A list of commands will appear select the command for the desired color and press enter