Getting Started: identify viruses from virus naming

Scanning and killing with anti-virus softwareVirusOften find someVirusThey all have a long string of names, such as worm. padobot. U and backdoor. rbot. ABC. They do not understand what it means or what it means.Virus? ActuallyVirusThe name already contains thisVirusType and features.

Next we will introduceVirusHow is the name named? Also fromVirusHow can I see this in the name?Virus.

VirusNaming rules

VirusThere is no uniform rule for naming.VirusThe naming rules of the company are not the same, but they are basically named by prefix and suffix. They can be a combination of multiple prefixes and suffixes, separated by decimal places. The general format is: [prefix]. [VirusName]. [suffix]

1.VirusPrefix

VirusPrefix refers toVirusThe commonTrojanVirusThe prefix is "Trojan", WormVirusThe prefix is "worm". other prefixes include "macro", "backdoor", and "script.

2.VirusName

VirusName refers toVirusName, such as the famous CIHVirusIt is the same as some of its variants as the "CIH", as well as the ripple worm.Virus, ItsVirusThe name is "Sasser ".

3.VirusSuffix

VirusA suffix refers toVirusThe variant features are generally represented by 26 English letters. For example, "worm. Sasser. c" refers to the worm.VirusC. IfVirusThere are too many variants, which can also be represented by a mix of numbers and letters.Virus.

VirusNaming explanation

1.TrojanVirus

TrojanVirusThe prefix is Trojan.TrojanVirusIt is characterized by network or systemVulnerabilitiesGo to the user's system and hide it, And then disclose the user's information to the outside world. AverageTrojanFor example, QQ message tail Trojan. qqpsw. R, online gamesTrojanVirusTrojan. startpage. FH.VirusPsw or PWD in the name indicates thisVirusStolenPasswordAll suchVirusPay special attention to this.

2. ScriptVirus

ScriptVirusThe prefix is script. ScriptVirusIt is written in script language and transmitted through web pages.Virus, Such as redCodeScript. redlof. Some scriptsVirusThere will also be prefix such as vbs and HTML, which indicates the script used, such as Happy Time vbs. happytime, HTML. Reality. D, etc.

3. SystemVirus

SystemVirusPrefix: Win32, PE, Win95, W32, w95, etc. TheseVirusWindows can be infected.Operating System*. EXE and *. DLL files, and spread through these files, such as the famous CIHVirusIt belongs to the system.Virus.

4. MacroVirus

MacroVirusOr a script.VirusBecause of its particularity, it is considered as a class. MacroVirusThe prefix is macro. The second prefix is word, word97, Excel, and excel97. Select the second prefix Based on the infected document type. This classVirusIs infected with documents of the Office series, and then spread through common office templates, such as the famous MishaVirusMacro. Melissa.

5. WormsVirus

WormVirusThe prefix is worm. ThisVirusIt can be accessed through the network or system.VulnerabilitiesMost of the wormsVirusAll of them have the characteristics of sending out emails with viruses and blocking the network.VirusThere are shock waves, shock waves, and so on.

6. Bundling MachineVirus

Bundling MachineVirusThe prefix is: binder.VirusThe author will use a specific bundleProgramSetVirusBundled with some applications (such as QQ and other commonly used software), it seems to be a normal file on the surface, but when the user runs these applications, it also runs the bundledVirusFile to cause harm to the user. Such as the system killer binder. killsys.

7. BackdoorVirus

BackdoorVirusThe prefix is backdoor. This classVirusIt is characterized by network communication to open backdoors for the poisoning system and bring security risks to users' computers. Such as love BackdoorVirusWorm. lovgate. A/B/C.