Actions by Trojans
Most malware and Trojan horses have one thing in common when they succeed in infecting Windows, Mac or Linux operating systems, and that is to steal personal and valuable information. They log or record the activity on the computer when browsing, playing games, chatting or any computing activity that uses login credentials. Note that some Trojans targets online banking activities only while others will target specific online games.
When a Trojan is executed, it performs some actions on the operating system and starts to infect the computer. The actions by Trojans may vary because there are several types of Trojan horses. In most cases, they will add as startup item, install a rootkit which is a hidden file, and add a value in the Winlogon registry keys so that it will load as soon as Windows loads the desktop--and then attempt to make a network connection to the attacker’s location.
Another action by some Trojans is to modify current settings in Windows such as changing the desktop background, disabling access to important utilities in Windows [Task Manager, Startup Configuration (MSCONFIG) and Registry Editor], disable antivirus and firewall protections, inserts browser add-ons, hijacks the home and search pages, and changes the settings on how files and folders are displayed by hiding where the Trojan adds itself.