Trojan horse-------------------> really hard to face this virus

In the context of computing and software, a Trojan horse, or simply trojan, is a piece of software which appears to perform a certain action but in fact performs another. Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be acutely malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs. Simply put, a Trojan horse is not a computer virus. Unlike such badware, it does not propagate by self-replication but relies heavily on the exploitation of an end-user (see Social engineering). It is instead a categorical attribute which can encompass many different forms of codes. Therefore, a computer worm or virus may be a Trojan horse. The term is derived from the classical myth of the Trojan Horse.
In the field of computer architecture, 'Trojan Horse' can also refer to security loopholes that allow kernel code to access anything for which it is not authorized
------------------------------------------------------------------------------------------------

Types of Trojan horse payloads
Trojan horse payloads are almost always designed to do various harmful things, but can also be harmless. They are broken down in classification based on how they breach and damage systems. The nine main types of Trojan horse payloads are:
Remote Access.
Email Sending
Data Destruction
Downloader
Proxy Trojan (disguising others as the infected computer)
FTP Trojan (adding or copying data from the infected computer)
Security software disabler
Denial-of-service attack (DoS)
URL trojan (directing the infected computer to only connect to the internet via an expensive dial-up connection)
Some examples of damage are:
erasing or overwriting data on a computer
encrypting files in a cryptoviral extortion attack
corrupting files in a subtle way
upload and download files
allowing remote access to the victim's computer. This is called a RAT (remote administration tool)
spreading other malware, such as viruses: this type of Trojan horse is called a 'dropper' or 'vector'
setting up networks of zombie computers in order to launch DDoS attacks or send spam.
spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware)
making screenshots
logging keystrokes to steal information such as passwords and credit card numbers
phishing for bank or other account details, which can be used for criminal activities
installing a backdoor on a computer system
opening and closing CD-ROM tray
harvesting e-mail addresses and using them for spam
restarting the computer whenever the infected program is started
deactivating or interfering with anti-virus and firewall programs
deactivating or interfering with other competing forms of malware
randomly shutting off your computer
Methods of infection
The majority of Trojan horse infections occur because the user was tricked into running an infected program. This is why it is advised not to open unexpected attachments on emails -- the program is often a cute animation or an image, but behind the scenes it infects the computer with a Trojan or worm. The infected program doesn't have to arrive via email; it can be sent in an Instant Message, downloaded from a Web site or by FTP, or even delivered on a CD or floppy disk. (Physical delivery is uncommon, but if one were the specific target of an attack, it would be a fairly reliable way to infect a computer.) Furthermore, an infected program could come from someone who sits down at a computer and loads it manually. However, receiving a Trojan in this manner is very rare. It is usually received through a download.

Road apple
A road apple is a real-world variation of a Trojan Horse that uses physical media and relies on the curiosity of the victim. The attacker leaves a malware-infected floppy disc, CD ROM or USB flash drive in a location sure to be found or that is commonly visited, gives it a legitimate looking label and then waits in the hopes that someone will eventually use it. An example of this would be to get the corporate logo from the web site of the software that is infected and affixing a legitimate-looking label (e.g. "Employee Salaries Summary FY06") for the infected physical media.

Methods of deletion
Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually. Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, Rebooting the computer in Safemode (with or without networking) and running an antivirus scan may find the Rat and then the trojan could be deleted.[edit] Types of Trojan horse payloads
Trojan horse payloads are almost always designed to do various harmful things, but can also be harmless. They are broken down in classification based on how they breach and damage systems. The nine main types of Trojan horse payloads are:
Remote Access.
Email Sending
Data Destruction
Downloader
Proxy Trojan (disguising others as the infected computer)
FTP Trojan (adding or copying data from the infected computer)
Security software disabler
Denial-of-service attack (DoS)
URL trojan (directing the infected computer to only connect to the internet via an expensive dial-up connection)
Some examples of damage are:
erasing or overwriting data on a computer
encrypting files in a cryptoviral extortion attack
corrupting files in a subtle way
upload and download files
allowing remote access to the victim's computer. This is called a RAT (remote administration tool)
spreading other malware, such as viruses: this type of Trojan horse is called a 'dropper' or 'vector'
setting up networks of zombie computers in order to launch DDoS attacks or send spam.
spying on the user of a computer and covertly reporting data like browsing habits to other people (see the article on spyware)
making screenshots
logging keystrokes to steal information such as passwords and credit card numbers
phishing for bank or other account details, which can be used for criminal activities
installing a backdoor on a computer system
opening and closing CD-ROM tray
harvesting e-mail addresses and using them for spam
restarting the computer whenever the infected program is started
deactivating or interfering with anti-virus and firewall programs
deactivating or interfering with other competing forms of malware
randomly shutting off your computer

Methods of infection
The majority of Trojan horse infections occur because the user was tricked into running an infected program. This is why it is advised not to open unexpected attachments on emails -- the program is often a cute animation or an image, but behind the scenes it infects the computer with a Trojan or worm. The infected program doesn't have to arrive via email; it can be sent in an Instant Message, downloaded from a Web site or by FTP, or even delivered on a CD or floppy disk. (Physical delivery is uncommon, but if one were the specific target of an attack, it would be a fairly reliable way to infect a computer.) Furthermore, an infected program could come from someone who sits down at a computer and loads it manually. However, receiving a Trojan in this manner is very rare. It is usually received through a download.

Road apple
A road apple is a real-world variation of a Trojan Horse that uses physical media and relies on the curiosity of the victim. The attacker leaves a malware-infected floppy disc, CD ROM or USB flash drive in a location sure to be found or that is commonly visited, gives it a legitimate looking label and then waits in the hopes that someone will eventually use it. An example of this would be to get the corporate logo from the web site of the software that is infected and affixing a legitimate-looking label (e.g. "Employee Salaries Summary FY06") for the infected physical media.

Methods of deletion
Since Trojan horses have a variety of forms, there is no single method to delete them. The simplest responses involve clearing the temporary internet files on a computer, or finding the file and deleting it manually. Normally, anti-virus software is able to detect and remove the trojan automatically. If the antivirus cannot find it, Rebooting the computer in Safemode (with or without networking) and running an antivirus scan may find the Rat and then the trojan could be deleted.