How to understand the meaning of virus and malware names [Guide]

Virus_BlasterWhen your antivirus program returns a list of possible threats or infections on your computer to you, do you understand what the file names mean?  Most people aren’t aware that they even have a meaning, but in fact, you can analyze them to find a lot of useful information about the viruses that the antivirus program or scanner has found.

There are tens of thousands of computer viruses in the virtual world. It is already hard to memorize the categories of the general viruses, let alone all the virus derivatives. It is not necessary for you to grasp all the names of all the viruses, but it would be useful to know the naming rule of viruses so that we can easily identify computer viruses from your antivirus software threat report.


Previously, we talked about the signs of your computer infected with viruses to help you diagnose if there is virus in your computer. The next step should be getting to know these viruses in order to get an idea of what they do and how they damage your computer. The general format of a virus name is as follows: “Type:Platform/Type/Family/Variant Letter/Information”.

  • “Type” stands for the type of a virus. For instance, it might start with Trojan., Worm, Script., Macro., Backdoor, Harm., Joke., Binder., DoS., Exploit., HackTool., etc.
  • “Platform” stands for the system that the virus is designed to work on. For example, Win32, PE, Win95, Win32, and so forth.
  • “Family” stands for a group of threats with the same name. The viruses from the same family have the same character. For example, “Sasser” is a family of viruses belong to “Worm” that spreads through network ports and can be stopped by firewalls.
  • “Variant Letter” stands for each different version or member of a family. Generally, viruses use an English letter to represent a different member, i.e., “Worm.Sasser.b” is a member of the “Sasser” family falling into the “Worm” virus category.
  • “Information” is used to describe a certain file which is threatened by a virus, such as .dll (Dynamic Link Library), .gen (generic signature), .plugin (plug-in component), and so forth.


As you can see, virus names, which at first look like a random jumble of made-up words and letters, can actually tell you a lot of useful information about them.  Once you become familiar with virus types, platforms, families, letters, and information, you can easily estimate whether a particular virus you find during a scan is likely to cripple your computer, and what the most effective method to stop or disable it is. Now, when you see a virus, you can easily refer to this article and use it to identify computer viruses and look up data for the specific viruses you run into in the future.

Related Posts