Difference between virus and trojan?

Question

To my current understanding:

• A virus is a program that does not self replicate and relies on the host file being spread. It has malicious intent.

• A trojan is a program that is run by deceiving the user into appearing to be something legitimate, but has malicious intent.

How are these different? To get a user to install a virus doesn't it always require appearing as something legitimate?

Or does a trojan program run as expected so for example if it was a game it would work fine but have done something malicious without the user knowing, whereas a virus wouldn't?

Can anybody clarify this for me?

Answer 1

Traditionally a virus is malware which uses the infected host to replicate itself to other systems, i.e. by infecting files which might get shared, copying itself to network drives or USB sticks. It gets usually not knowingly executed by the user but gets executed when the user opens an infected file, runs an infected program etc.

A trojan is a malware which claims to be something different, like some malware claiming to be a virus scanner. It counts on the user to execute it knowingly by believing what the software claims to be.

In common language often any kind of malware is simply called virus, i.e. real viruses, trojans, ransomware etc. For example a virus scanner also cares about all types of malware, not only viruses.

Answer 2

These terms have a great deal of overlap and should not be understood to be mutually exclusive of each other.

The vocabulary used to describe different forms of malicious software developed organically as researchers described what they were finding to each other as well as distilling the concepts into recognizable terms for people unfamiliar with computers.

Answer 3

In simple words,

What Is a Virus?

It's a piece of code that attaches itself to a program or file enabling it to spread to several computers, and infecting computers as it spreads. Like a human virus basically.

What is a Trojan

A Trojan is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. After it is activated, it can achieve any number of attacks on the host. Trojans are also known to create back doors to give malicious users access to the system.

Answer 4

If you intentionally download something that turns out to be harmful or not what you were expecting, it's generally considered a Trojan. This is on account of the fact that you invited it inside your perimeter, as in the story of the Trojan Horse. This type of (potentially harmful) program is commonly downloaded via email attachment or sometimes attached to fake or pirated commercial software. It's often some form of key-logger or improvised remote administration tool designed to subvert the victims personal or financial privacy.

A virus is basically is generally semi-autonomous, self replicating, and usually designed to spread to as many machines as possible. It's not necessarily even harmful to infected hosts.

Viruses and Trojans aren't necessarily exclusive factions either. Theoretically, its possible to be both, if the criteria is met. They're just names assigned to generalised groups of attributes to facilitate easier communication of ideas.

Hope that helps.

Answer 5

A computer virus is malware that's capable of infecting a computer but has to rely on some other means to propagate. A true virus can spread from the infected computer to a non-infected computer only by attaching to some form of executable code that's passed between them. For example, a virus could be hidden in a PDF file attached to an e-mail message.

It's difficult to come up with a better definition for Trojan horse malware than Ed Skoudis and Lenny Zelter did in their book Malware: Fighting Malicious Code:

"A trojan horse is a program that appears to have some useful or benign purpose, but really masks some hidden malicious functionality." Trojan horse malware cloaks the destructive payload during installation and program execution, preventing anti-malware from recognizing the malcode. Some of the concealment techniques include:

Renaming the malware to resemble files that are normally present. Corrupting installed anti-malware to not respond when malware is located.

Using Polymorphic code to alter the malware's signature faster than the defensive software can retrieve new signature files.

Vundo is a prime example; it creates popup advertising for rogue anti-spyware programs, degrades system performance, and interferes with Web browsing. Typically, a malware scanner installed on a LiveCD is required to detect and remove it.

Answer 6

Viruses : Computer viruses attach themselves to files or programs, infecting each computer it comes across as it spreads –often through email attachments. They replicate themselves, and most come attached to an executable file, which means a person has to actually run the program for the virus to become active and spread. Some viruses are merely annoying and slow down your computer, while others can wreak havoc on your system.

Trojan Horses: Trojan Horses are sneaky: while they appear harmless, they really are programs that hide all sorts of malicious goodies, just like when the Greeks gave a huge wooden horse to their foes, the Trojans. After the horse was within the walls of their city, Greek soldiers came out of the hollow horse belly and they were able to capture Troy. Yikes. In computers, these horses are usually very successful in duping us, because at first glance they seem to be legitimate software. Once installed however, they can make mildly annoying changes to your computer, or they can go through and delete your files. Trojan Horses do not replicate themselves the way viruses and worms do

Answer 7

Trojan is a malicious program that doesn't have self replicating or spreading functions. It doesn't infect files and doesn't make copies to infect another computers. Tojans are usually delivered to victim's computer with other malicious programs, spam, exploits, worms, etc.

Virus is a self replicating program that attaches itself to common user executable files (applications, scripts, MS document, whatever) and changes its start code. So when you run infected file attached virus code will be executed at first and then original. It's one of possible scenarios.

Now answering you questions:

a virus is a program that does not self replicate and relies on the host file being spread, it has malicious intent.

No, viruses are always self replicating

A trojan is a program that is run be deceiving the user into appearing to be something legitimate and has malicious intent.

Not always.

How are these different? To get a user to install a virus doesn't it always require appearing as something legitimate.

Both malicious, but virus self replicates and trojan is spread by another ways(sometimes pretending to be a legitimate program).

Or does a trojan program run as expected so for example if it was a game it would work fine but have done something malicious without the user knowing. Where as a virus doesn't?

That is more like viruses do. You expect that you run for example Calculator and it runs, but before it starts virus does its "dirty" work.