At the highest level, a computer virus just like a biological one requires human interaction to spread. A Worm is like an advanced virus in that doesn’t require any further human interaction to spread. A Trojan is the legitimate-looking ‘packaging’ they are delivered in, such as a word document or pdf.
To unpack this high level understanding, a virus requires human contact to spread. For example, a human sends an email with an infected link or attachment. Another human opens that attachment and their computer becomes infected. For it to spread from there, that human has to include the infected attachment or provide the link in say another email, and another human has to open it and so on.
A worm does not need human interaction to spread. It tunnels through computer systems and networks independently, similarly to how a live worm tunnels independently through wood or the ground. A worm can be thought of as an advanced virus. Like a virus, which runs a malicious set of code, a worm’s code additionally includes instructions to replicate itself onto other vulnerable machines.
The effect of the virus or worm (malicious payload) can range from nil to destructive, again just like a biological one, depending on what it is designed to do. It may do anything from steal to corrupt to delete or lock off files by encrypting them, take over our machine’s resources to use as part of a grid or army of computing power to use in attacks against others (botnet), or alter the functioning of the machine or device, and even stop it functioning.