Welcome to the new guide, from HACKERDEVIL on how do fucking trojans work... (Educational Porpuses Only) Well, to say the thruth trojans are shit, they are not used by hackers so if you enter some lamer pc, it doesn't mean u are an Elite or smth, it means you are beging to enter the great world of hackers, and u start here , as we all did. A trojan it is sometimes the same as trojan horse and sometimes not, because horse trojans may sometimes be a file that replaces for expample dd.exe(his) with dd.exe (yours), and when he executs dd.exe it will run a virus or something bad, but there are cases that the replaced file may also be a server file.... hard to understand... exaples and ingo trojan has 2 parts, a server & a client part, when u download a trojan, www.angelfire.com/ar/HDanzi/index.html you will notice that has 2 files, yeah right the server & the trojan, So you give the fucking server (which is called smth.smth and tell them to execute it so he will become the server part, like in a network the server gives the client part access to other or own server computer, so you use the client to gain access to the lamer's pc. there are many trojans the best known are: Netbus v1.56 v1.60 v1.70 Back Orifice Unix and Win95 Master's paradise and blalala well... rememer that there are always some lamer that puts a trojan section on his page, and puts only the server part so u as a lamer, download it and execute him, and he will enter, your pc. but perhaps you are wondering why he is knowing to know that i executed the server and my ip and who am i.. There are many plugins too: and they are going to tell, by using a little attachment to the server part by e-mail that u have executed it and your ip..... so when u download ensure the zip has at least 2 filez.......... there are tramps too, like netbuster this is a program that simulates smth, for exaple when someone intends to enter ur pc, with netbus (only), the program will simulate that the user has entered your pc, but instead the program will let you flood him with messages etc. or smth. when u execute the damn server, of course it will be hidden in order to make it difficult to the user to delete the server if he discoveres the trojan. in order to make the troajn/server loads every time the machines boot, the server load part is done by a line in the regestry, take a look.... being off line execute a trojan and i will explain ya how to remove it... 1st.execute the server part 2nd.go to run in the start menu 3erd.type regedit and go to =========================================== HKEY_LOCAL_MACHINE | | >Software | | microsoft < | >windows>current version>RUN =========================================== you will find a line with the trojan name, delete it, but by the time the server will still run, but when u reboot the server will not load, but to complete the operation go to (depending the trojan you execute) most of the trojans like netbus and others, install itself like explore.exe, patch.exe or something with a VB icon, in the c:\windows and delete it from d.o.s bec'u can't from win. but when you meet more intelligent guys like Cdc creators of back orifice, the server will install itself in a more difficult to find directory. c:\windows\system\ .exe so u also delete this, depending the trojan the file will always, with bo calls himself " .exe". another way to remove this fuckin are anti-virus. Go to my page at protection and there are many anti-virus free, and detects the trojan and remove it. there are many tecnics, but this one works too, download from h/p/v/a/c pages protecion programs against these trojans, anti-gen is the best. but the 1st way, to enter the regestry and deleting the line and file, is the best way, as i say knowledge is power that means that it is better to do things manually than to use another person's programme. www.angelfire.com/ar/HDanzi/index.html hackerdevil@iname.com By Hackerdevil