1. Overview
2. What does a Trojan do?
3. Detecting and Removing Trojans
4. Protecting against Trojans

1. Overview

   There are several common questions people ask about Trojans, and some common mistakes that they make when talking about malware in general, so I'll try to deal with those first.
   
   i. What is malware?
   
   Malware is the generic term often used to loosely describe all classes of "unwelcome" software. This basically can be said to include : Viruses, Worms, Trojans, and more recently Spyware.
   
   Sometimes the word malware is used interchangeably with any of these terms, but most commonly with the class of programs called Trojans. For the purposes of this article, I will deal exclusively with Trojans.
   
   ii. What is a Trojan?
   
   A Trojan, more properly a "Trojan horse" is a program that is usually delivered under the guise of another innocent program. It may or may not be malicious, damaging, compromising to security, annoying, or any number of things. Often they can combine any or all of those attributes. They can be carried by viruses, but it is important to realize that they are not in themselves viral.
   
   iii. Why isn't a Trojan a virus?
   
   Viruses can also be Trojans, but Trojans are not viruses.
   
   Confused yet? So is much of the world, and with more and more viruses being released with Trojan components - a good example is the Iworm.Badtrans virus - the distinction gets harder to define all the time.
   
   Basically, to be a virus, there must be a replicating portion of code.
   
   Trojans do not replicate, ergo, they are not viruses. If they did replicate they would be viruses!
   
   iv. Why is it called a Trojan?
   
   A long time ago in a galaxy far far...oops, sorry wrong story. Well, anyway, a long time ago, a writer called Homer, not the bald yellow guy, a different one, wrote a book called the Iliad.
   
   In the book he relates the story of the fall of Troy. What happened was this:
   
   The Greeks, deciding that they wanted to invade Troy, came up with an idea how to accomplish this. Troy was a strong city, and they knew that there was little point holding it to siege, so they built a big wooden horse and sent it to Troy as a gift. The people of Troy, the Trojans, thought this was a lovely gesture, and brought the horse into their city. Later that night, a couple of Greek warriors crawled from their hiding place in the belly of the wooden horse, and opened the gates of Troy to allow access to their buddies waiting outside. The Greek armies rushed in and captured the city.
   
   

2. What does a Trojan do?

   By definition a Trojan Horse does something other than it is advertised to. They arrive looking like something harmless and without asking or informing you, "drop" their "payload".
   
   A trojan's "payload" can be any number of things, the most "popular" Trojans are a class called "Backdoors". Without your knowledge, this type of Trojan opens up a "door" or "hole" in the security of your computer. (Often they exploit known vulnerabilities in common software)
   
   This can allow anything from your keystrokes being logged and sent to someone, your passwords or Credit Card details transmitted to third parties, to allowing someone to remotely control your machine across the Internet. These are probably the most common Trojans, and some well known "Backdoor" Trojans include SubSeven, Keylogger, BackOrifice (BO2K), and AOL Password Stealer.
   
   There are literally hundreds of such Trojans, a good listing can be found at the bottom of this page. There are other types of Trojans, with functions ranging from randomly opening folders or moving your mouse, to deleting random files or formatting your hard drives.
   
   This is another good reason that Trojans are distinguished from Viruses, to exist Viruses need to replicate, they don't wish to destroy themselves, Trojans have no such qualms, and will quite happily wipe themselves out along with all your data.
   
   

3. Detecting and Removing Trojans

   Detecting and Removing Trojans is often a tricky business. Some of them hook themselves deeply into the operating system, making them hard to remove safely.
   
   In recent times more and more companies have caught onto the idea that viruses are not the only threat to computer users, but that many viruses are now carrying Trojan portions.
   
   However, it's still probably wise to use a specific Trojan detector / cleaner to find or get rid of Trojans. There are a few of these programs about.
   
   For more information read Generic Detection Software in this site.
   
   Removal Tools for Viruses / Malware - Vendor List
   
   

4. Protecting against Trojans

   The best way to protect your computer from Trojans is not to do anything likely to allow one on to your system. Basically, if you don't run one, it won't compromise you. Have a look at the Safe-Hex guidelines on this site, diligent following of these rules will almost certainly ensure that you don't fall victim to a Trojan (or virus). If you do happen to pick one up, then having a personal firewall in place can help alert you to the fact, it can also prevent the Trojan from being effective by blocking access to it from external sources. Have a look at the firewall page on this site for more info.

Detection and Removal Instructions for Trojans [1] [2]