Back to Insights

Difference Between Viruses, Worms, and Trojan Horse

Cyber security 08/11/2020 - 12:24 by Swami Nathan

What is the Difference Between Viruses, Worms, and Trojan

If the subject of a computer virus comes up, the most popular blunder people make is to refer to a worm or trojan horse as a virus. Although the terms Trojan, worm, and virus are often used interchangeably, they are not similar. Viruses, worms, and trojan horses are all malicious programs that can damage your computer, but there are differences between the three, and knowing these differences can help you better protect your computer from their often-harmful effects.

What is a Virus?

A computer virus is a small program written to modify the function of a machine, without the user’s permission or knowledge. A virus must fulfill two criteria:

  1. It must work itself out. Sometimes, it can put its code in another program's execution path.
  2. It has got to reproduce itself. It may, for instance, replace other executable files with a copy of the infected virus file. Viruses may infect both desktop computers and network servers.

Many viruses are engineered by modifying programs, removing files, or reformatting the hard drive to destroy the computer. Others are not intended to do any harm, but simply to replicate themselves and make their presence known through the presentation of text, video, and audio. Only these innocuous viruses can cause computer users problems. Typically, they suck up machine memory that legitimate programs use. Consequently, they often cause erratic behavior and can lead to system crashes. Moreover, many viruses are bug-ridden, and these bugs can lead to machine crashes and data loss.

Five types of viruses are recognized –

1. Master boot to file viruses

Master boot record viruses are memory-resident Viruses that infect discs in the same way as viruses in the boot field. The distinction between those two forms of the virus is the position of the viral code. Master boot recording infectors usually save in a different location a valid copy of the master boot record. Windows NT computers which are compromised either by viruses in the boot sector or by viruses in the master boot sector do not boot. This is because of the difference in the way the OS accesses its boot information compared to Windows 95/98. Typically, you can uninstall the virus by booting to DOS and using antivirus software when your Windows NT systems are configured with FAT partitions. If the partition for booting is NTFS, the device must be recovered using the three Windows NT Setup discs. The NYB, AntiExe, and Unashamed are examples of master boot record infectors.

2. Macro-virus

Viruses of these types infect data files. We are the most successful and spend the most money and resources attempting to restore the businesses. With the advent of Visual Basic in Microsoft’s Office 97, it is possible to write a macro virus that not only infects data files but can also infect other files. Macro viruses attack Microsoft Office files such as Word, Excel, PowerPoint, and Access. Fresh strains are now also found in other programs. Both viruses use the internal programming language of another program which was designed to allow users to automate certain tasks within the program.

3. File viruses with an infector

Infector viruses infect files with the software. These viruses usually attack executable code, such as files from.com and.exe. They can infect other files when a program is running from a floppy, hard drive, or network connection. Many of these viruses are resident in memory. Any uninfected executable that becomes infected after the memory becomes infected. Types of infector viruses with known files include Jerusalem and Cascade.

4. Viruses in the Boot Sector

Viruses in the boot sector infect a disc system area — that is, the boot record on floppy discs and hard discs. All floppy disks and hard discs (including data-only discs) contain a small program in the boot record running when the computer starts. Boot sector viruses bind to this section of the disc and trigger when the user attempts to boot from the infected disc. Such viruses are still in fact resident in memory. Most were written for DOS, but all PCs are possible targets of this type of virus, irrespective of the operating system. All you need to get infected is to try to start your machine with an infected floppy disc afterward because the virus stays in memory, all non-writing-protected floppy discs will get infected when you touch the floppy disc. Examples of viruses in the boot sector include Form, Disk Killer, Michelangelo, and Stoned.

5. Multisectoral viruses

Multipartite viruses (also called polypartite) infect all boot records and program files. They are particularly tough to fix. The boot area will be reinjected if the boot area is cleaned but the files are not. The same applies to the cleaning up of contaminated files. If the virus is not removed from the boot region it will reinject any files you have cleaned. One Half, Emperor, Anthrax, and Tequilla are examples of multipartite viruses.

What is a Worm?

By design, a worm is like a virus and is considered to be a virus subclass. Worms spread from computer to computer, but they can travel without any human action, unlike a virus. A worm takes advantage of your system’s file or information transport features, which is what allows it to travel unassisted.

The greatest danger with a worm is its ability to reproduce itself on your machine, so it could send hundreds or thousands of copies of itself, rather than your computer sending out a single worm, causing a massive devastating effect. For example, a worm will send a copy of itself to everyone mentioned in your e-mail address book. The worm then replicates and sends itself out to everybody listed in the address book of each receiver, and the manifest continues down the line.

Because of a worm’s copying nature and its ability to travel across networks, in most cases the result is that the worm consumes too much system memory (or network bandwidth), Stopping Web Servers, Network Servers, and Human Computers. In recent worm attacks like the much talked about Blaster Worm, the worm is designed to tunnel into your machine and allow malicious users to remotely control your computer.

What is a Trojan horse?

A Trojan Horse is capable of just as much trickery as it was called after the mythological Trojan Horse. The Trojan Horse will appear to be useful software at first glance but will do damage once it has been installed or running on your computer. Those on a Trojan Horse’s receiving end are usually tricked into opening them because they seem to receive legitimate software or files from a legitimate source.

The results can vary when a Trojan is enabled on your computer. Some Trojans are designed to be more annoying than to be malicious (such as changing your desktop or adding stupidly active desktop icons) or they can cause serious damage by deleting files and destroying your system’s information. Trojans are also known to create a backdoor on your computer that allows malicious users to access your system and potentially lead to compromising confidential or personal information. Unlike viruses and worms, Trojans neither reproduce nor self-replicate by infecting other files.

Difference between Virus, Worm, and Trojan Horse:

VirusWormTrojan Horse

  1. The rate of viral spread is moderate.
  2. A virus lets itself replicate.
  3. Viruses are transmitted into an executable format.
  4. TAvirus is a computer program or software that connects to another software or computer program to damage the computer system.
  5. Viruses' main purpose is to modify information.
  6. The virus is not remote-controllable.

Worm

  1. While worm spread rate is faster than viruses and Trojan horses.
  2. Worms replicate themselves, as well.
  3. Worms are executed in the system through weaknesses.
  4. Worms duplicate themselves to allow computer systems to slow down.
  5. The key aim of worms is to consume food from the environment.
  6. Worms are remote-controllable.

Trojan Horse

  1. And Trojan horse spreading rate is slow as compared to both viruses and worms.
  2. But the Trojan horse is not self-replicating.
  3. Trojan horse runs through a system and interprets it as applications for utility use.
  4. Trojan Horse collects any valuable knowledge about an operating program or computer network, rather than replicating it.
  5. The Trojan Horse's main purpose is stealing information.
  6. Like worms, Trojan horses can also be remotely controlled.

The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, just give us a call, we are here to help.

Trojan horses are impostors--files that claim to be something desirable malicious. A very imp distinction virusesdo not replicate themselves, as viruses do.