Virus Naming
Posted by Gunnar Þór Jónsson on 08/04/2013 16:38

How do I read a virus name?


When searching for a virus name, you should be aware of the naming conventions used. Virus names consist of a Prefix, a Name and often a Suffix.

  • The PREFIX denotes the platform on which the virus replicates or the type of virus. A DOS virus usually does not contain a PREFIX
  • The NAME is the family name of the virus
  • The SUFFIX may not always exist. SUFFIXES distinguish among variants of the same family and are usually numbers denoting the size of the virus letters.
  • They are formatted as PREFIX.NAME.SUFFIX

Example: WM.Cap.A would be the A variant of the Cap family. The WM means the virus is a Word macro virus

