http://securityresponse.symantec.com...vnameinfo.html
PREFIXES A2KM
Access macro viruses that are native to Access 2000.
A97M
Access macro viruses that are native to Access 97.
AM
Access macro viruses that are native to Access 95.
AOL
Trojan horses that are specific to America Online environments and usually steal AOL password information
BAT
Batch file threats.
Backdoor
Threats may allow unauthorized users to access your computer across the Internet.
Bloodhound
Bloodhound is the name of the Norton AntiVirus heuristic scanning technology for detecting new and unknown viruses
DDos
Distributed Denial of Service threats. Distributed Denial of Service involves using zombie computers in an attempt to flood an Internet site with traffic.
DoS
Denial of Service threats. Not to be confused with DOS viruses, which are named without prefixes.
HLLC
High Level Language Companion viruses. These are usually DOS viruses that create an additional file (the companion) to spread.
HLLO
High Level Language Overwriting viruses. These are usually DOS viruses that overwrite host files with viral code.
HLLP
High Level Language Parasitic viruses. These are usually DOS viruses that attach themselves to host files.
HLLW
A worm that is compiled using a High Level Language. (NOTE: This modifier is not always a prefix, it is only a prefix in the case of a DOS High Level Language Worm. If the Worm is a Win32 file, the proper name would be W32.HLLW.)
HTML
Threats that target HTML files.
IRC
Threats that target IRC applications.
JS
Threats that are written using the JavaScript programming language.
Java
Viruses that are written using the Java programming language.
Linux
Threats that target the Linux operating system.
O2KM
Office 2000 macro viruses. May infect across different types of Office 2000 documents.
O97M
Office 97 macro viruses. May infect across different types of Office 97 documents.
OM
Office macro viruses. May infect across different types of Office documents.
PWSTEAL
Trojan horses that steal passwords.
Palm
Threats that are designed to run specifically on the Palm OS.
Trojan/Troj
These files are not viruses, but Trojan horses. Trojan horses are files that masquerade as helpful programs, but are actually malicious code. Trojan horses do not replicate.
UNIX
Threats that run under any UNIX-based operating system.
VBS
Viruses that are written using the Visual Basic Script programming language.
W2KM
Word 2000 macro viruses. These are native to Word 2000 and replicate under Word 2000 only.
W32
32-bit Windows viruses that can infect under all 32-bit Windows platforms.
W95
Windows 95 viruses that infect files under the Windows 95 operating system. Windows 95 viruses often work in Windows 98 also.
W97M
Word 97 macro viruses. These are native to Word 97 and replicate under Word 97 only.
W98
Windows 98 threats that infect files under the Windows 98 operating system. Will only work in Windows 98.
WM
Word macro viruses that replicate under Word 6.0 and Word 95 (Word 7.0). They may also replicate under Word 97 (Word 8.0), but are not native to Word 97.
WNT
32-bit Windows viruses that can infect under the Windows NT operating system.
Win
Windows 3.x viruses that infect files under the Windows 3.x operating system.
X2KM
Excel macro viruses that are native to Excel 2000.
X97M
Excel macro viruses that are native to Excel 97. These viruses may replicate under Excel 5.0 and Excel 95 as well.
XF
Excel formula viruses are viruses using old Excel 4.0 embedded sheets within newer Excel documents.
XM
Excel macro viruses that are native to Excel 5.0 and Excel 95. These viruses may replicate in Excel 97 as well.
SUFFIXES @m
Signifies the virus or worm is a mailer. An example is Happy99 (W32.Ska), which only sends itself by email when you (the user) send mail.
@mm
Signifies the virus or worm is a mass-mailer. An example is Melissa, which sends messages to every email address in your mailbox.
dam
Indicates a detection for files that have been corrupted by a threat, or that may contain inactive remnants of a threat, causing the files to no longer be able to execute properly or produce reliable results.
dr
Indicates that the detected file is a dropper for another threat.
Family
Indicates a generic detection for threats that belong to a particular threat family based on viral characteristics.
Gen
Indicates a generic detection for threats that belong to a particular threat type based on viral characteristics.
Int
Indicates an intended threat. Threats that are intended to spread, but don't due to bugs or errors in the viral code.
Worm
Indicates a worm, not a virus. Worms make copies of themselves that they send across a network or using email, or another transport mechanism