Unsolicited program that "spies" on computer activity, including keystrokes, websites visited, passwords entered and other similar activities.
Unsolicited program that delivers advertisements to a desktop.
Unsolicited program that interferes with proper computer functionality, including crashing the system, redirecting to unintended website destinations and other similar functions.
Unsolicited program that performs any number of functions and disturbances, including installing any of the above types of program, sending bulk email from your computer to an address list gleaned from your computer's contents and many other similar functions. A virus is distinct from the other families of "attack programs" (as above) in that it is designed to propagate itself in one or more of a number of ways, including attaching a clone of itself to the above-mentioned bulk emails and other methods.
Program (not necessarily unsolicited) that often performs similarly to a virus with one main difference: where a virus relies on a fair amount of luck in propagating (i.e. it needs valid email addresses and people willing to activate the program on receipt in order to grow), a worm is more directed in that it will typically include an algorithm in its programming that allows it to successfully target a network.
For example, a virus attaches itself to an outgoing email sent to who-knows-who in the hopes that the recipient will launch the attached application and continue its propagation. A worm will typically attempt to send clones of itself to specific network addresses within the range of its current host, i.e. host 188.8.131.52 is infected with the worm, which tries to send itself to every other machine on that network (184.108.40.206, 220.127.116.11, etc.). Otherwise, a worm is just as capable of delivering a nasty "payload" as is a virus.
The first "attack program" ever launched was a worm-type program written and released onto the fledgling network on November 1, 1988 (Black Thursday) by a guy who just wanted a program to keep his computer memory clean. His program went through his filesystem, disk by disk, deleting files that were over a certain age. Simple enough. He "accidentally" released the "Internet Worm" onto the network by loading it from a floppy (5-1/4") disk into the public M.I.T. Arpanet interface in Massachusetts, where it proceeded to move through the network ... deleting files that were over a certain age ... and crippling over 10% of the servers connected at the time. A good example of a worm written for valuable purposes but poison in any other environment.