There are several types of trojans that differ in the way they act on an infected computer. According to Kaspersky classification, there are Backdoor trojans, Password-Stealing-Ware (PSW) Trojans, Trojan Clickers, Trojan Downloaders, Trojan Droppers, Trojan Proxies, Trojan Spies, Combined-action trojans, Rootkits, ArcBombs, and Trojan-Notifiers.

Backdoor Trojans
These are meant to grant a hacker remote access to an infected computer. Its only destructive function consists in executing different kinds of installations without warning the user. This way many a file can be downloaded, deleted and copied, other malware can easily be downloaded and executed. User may be completely unaware of the trojan existence, until he or she uses an anti-spyware software.

Password-Stealing-Ware (PSW) Trojans
This class of trojans steals user's system passwords, like passwords for MS Office, MS Windows. They may also steal online game passwords, IP address, type of mail client, phone numbers and other data stored in Outlook contacts. Numerous PSW trojans that steal information about AOL netowork access codes form a separate group of Trojans-AOL.

Trojan Clickers
This is a group of programs whose main function is to make unauthorised requests to web pages. These trojans either send the corresponding commands to the browser, or replace system files containing "standard" web addresses (like hosts in MS Windows).

Trojan Downloaders
These trojans serve as download bots that copy and install new trojans or adware to the infected computer. Downloaded malware may be executed immediately after it has been copied to the hard drive, or sometimes at the system startup after being placed to the autorun section in the registry, without user's knowing about it.

Trojan Droppers
Such trojans are devised to secretly install viruses or other trojans on an infected computer while distracting user's attention by displaying the "working" part of the program. The main code extracts its component files, writes them on to the hard drive and runs them, while the "bait" is working. Some anti-virus and anti-spyware programs have difficulty identifying such trojans because of their structural complexity.

Trojan Proxies
These trojans usually gain anonymous access to web resources by setting up connections via proxy servers. Trojan Proxies are often used to send out spam.

Trojan Spies
Keyloggers may be the synonym of this class of trojans. They spy on the user: keyboard input, screenshots, active program list  and user actions may be stolen and are occasionally sent to the hacker. These are very common trojans used for stealing personal data and passwords for online payment processors and bank accounts.

Rootkits
Originally used to describe a set of tools to gain root permissions on UNIX systems, rootkits came to denote programs that hide object presence on the infected system. Thus, bad processes, registry keys and files can be easily hidden from the user's and anti-virus eyes.

ArcBombs
ArcBombs are "archive bombs" that cause unexpected behavior of archive software, which may result in disk filling and degrading of computer performance. If a mail or file server catches the trojan, it may go out of order for quite a long time. An archive may be an arcBomb if it has an incorrect archive header, repeated data and identical files. To think of it, 5 GB data may be packed to a 200 KB RAR archive or 480 KB ZIP archive! Moreover, you can pack identical 10¹⁰⁰ files to 30 KB RAR and 239 KB ZIP archive!


Trojan-Notifiers
These programs notify their "host" about a successfully infected computer. When notifying, the trojan may also send private data like IP address, open port number, e-mail address, etc. The host may be notified either via e-mail, or a special request to a web page, or ICQ/AIM message.