Teceze Blog
Trojan vs Virus vs Worm | What is the difference?
If the subject of a computer virus comes up, the most popular blunder people do is to refer to a worm or trojan horse as a virus. Although the terms Trojan, worm and virus are often used interchangeably, they are not similar. Viruses, worms, and trojan horses are all malicious programs that can damage your computer, but there are differences between the three, and knowing these differences can help you better protect your computer from their often-harmful effects.
What is a Virus?
A computer virus is a small programme written to modify the function of a machine, without the user’s permission or knowledge. A virus must fulfil two criteria:
- It must work itself out. Sometimes, it can put its own code in another programme's execution path.
- It has got to reproduce itself. It may, for instance, replace other executable files with a copy of the infected virus file. Viruses may infect both desktop computers and network servers.
Many viruses are engineered by modifying programmes, removing files, or reformatting the hard drive to destroy the computer. Others are not intended to do any harm, but simply to replicate themselves and make their presence known through the presentation of text, video, and audio. Only these innocuous viruses can cause computer users problems. Typically, they suck up machine memory that legitimate programmes use. Consequently, they often cause erratic behaviour and can lead to system crash. Moreover, many viruses are bug-ridden, and these bugs can lead to machine crashes and data loss.
There are five types of viruses which are recognised –
1. Master boot to file viruses
Master boot record viruses are memory-resident viruses that infect discs in the same way as viruses in the boot field. The distinction between those two forms of the virus is the position of the viral code. Master boot recording infectors usually save in a different location a valid copy of the master boot record. Windows NT computers which are compromised either by viruses in the boot sector or by viruses in the master boot sector do not boot. This is because of the difference in the way the OS accesses its boot information compared to Windows 95/98. Typically, you can uninstall the virus by booting to DOS and using antivirus software when your Windows NT systems are configured with FAT partitions. If the partition for booting is NTFS, the device must be recovered using the three Windows NT Setup discs. The NYB, AntiExe, and Unashamed are examples of master boot record infectors.
2. Macro-virus
Viruses of these types infect data files. We are the most successful and spend the most money and resources attempting to restore the businesses. With the advent of Visual Basic in Microsoft’s Office 97, it is possible to write a macro virus that not only infects data files but can also infect other files. Macro viruses attack Microsoft Office files such as Word, Excel, PowerPoint, and Access. Fresh strains are now also found in other programmes. Both viruses use the internal programming language of another programme which was designed to allow users to automate certain tasks within the programme.
3. File viruses with an infector
Infector viruses infect files with the software. These viruses usually attack executable code, such as files from.com and.exe. They can infect other files when a programme is running from a floppy, hard drive, or network connexion. Many of these viruses are resident on memory. Any uninfected executable which runs becomes infected after the memory becomes infected. Types of infector viruses with known files include Jerusalem and Cascade.
4. Viruses in the Boot Sector
Viruses in the boot sector infect a disc system area — that is, the boot record on floppy discs and hard discs. All floppy disks and hard discs (including data-only discs) contain a small programme in the boot record running when the computer starts. Boot sector viruses bind to this section of the disc and trigger when the user attempts to boot from the infected disc. Such viruses are still in fact resident in memory. Most were written for DOS, but all PCs are possible targets of this type of virus, irrespective of the operating system. All you need to get infected is to try to start your machine with an infected floppy disc afterward because the virus stays in memory, all non-writing-protected floppy discs will get infected when you touch the floppy disc. Examples of viruses in the boot sector include Form, Disk Killer, Michelangelo, and Stoned.
5. Multisectoral viruses
Multipartite viruses (also called polypartite) infect all boot records and programme files. They are particularly tough to fix. The boot area will be reinjected, if the boot area is cleaned but the files are not. The same applies to the cleaning up of contaminated files. If the virus is not removed from the boot region it will reinject any files you have cleaned. One Half, Emperor, Anthrax, and Tequilla are examples of multipartite viruses.
What is a Worm?
By design, a worm is like a virus and is considered to be a virus subclass. Worms spread from computer to computer, but it has the ability to travel without any human action, unlike a virus. A worm takes advantage of your system’s file or information transport features, which is what allows it to travel unassisted.
The greatest danger with a worm is its ability to reproduce itself on your machine, so it could send hundreds or thousands of copies of itself, rather than your computer sending out a single worm, causing a massive devastating effect. For example, a worm will send a copy of itself to everyone mentioned in your e-mail address book. The worm then replicates and sends itself out to everybody listed in the address book of each receiver, and the manifest continues down the line.
Because of a worm’s copying nature and its ability to travel across networks, in most cases the result is that the worm consumes too much system memory (or network bandwidth), Stopping Web Servers, Network Servers and Human Computers. In recent worm attacks like the much talked about Blaster Worm, the worm is designed to tunnel into your machine and allow malicious users to remotely control your computer.
What is a Trojan horse?
A Trojan Horse is capable of just as much trickery as it was called after the mythological Trojan Horse. The Trojan Horse will appear to be a useful software at first glance but will do damage once it has been installed or running on your computer. Those on a Trojan Horse’s receiving end are usually tricked into opening them, because they seem to receive legitimate software or files from a legitimate source.
The results can vary when a Trojan is enabled on your computer. Some Trojans are designed to be more annoying than to be malicious (such as changing your desktop, adding stupidly active desktop icons) or they can cause serious damages by deleting files and destroying your system’s information. Trojans are also known to create a backdoor on your computer that allows malicious users to access your system and potentially lead to compromising confidential or personal information. Unlike viruses and worms, Trojans neither reproduce nor self-replicate by infecting other files.
Difference between Virus, Worm and Trojan Horse:
| Virus | Worm | Trojan Horse |
|---|---|---|
The rate of viral spread is moderate. | While worm spread rate is faster than virus and Trojan horse. | And Trojan horse spreading rate is slow as compared to both viruses and worms. |
Virus lets itself replicate. | Worms replicates themselves, as well. | But Trojan horse is not self-replicating. |
Viruses are transmitted into an executable format. | Worms are executed in system through weaknesses. | Trojan horse runs through a system and interprets it as applications for utility use. |
Virus is a computer programme or software that connects to another software or computer programme to damage the computer system. | Worms duplicate themselves to allow computer system to slow down. | Trojan Horse collects any valuable knowledge about an operating programme or computer network, rather than replicating it. |
Virus' main purpose is in modifying information. | The key aim of worms is to consume food from the environment. | Trojan horse's main purpose is stealing the information. |
Virus is not remote-controllable. | Worms are remote-controllable. | Like worms, Trojan horse can also be remotely controlled. |
The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, just give us a call, we are here to help.
