Antivirus Glossary


If you want to make informed choice when purchasing antivirus software, you are going to need to do a little bit of research into your options. One of the things that can make this a bit of a daunting task is you are likely to end up having to deal with a lot of new and strange vocabulary. This glossary can make the process of obtaining the information you need easier by explaining the meaning of the most commonly used words associated with computer security.

419 scam – involves an email claiming to provide a means to riches provided the receiver hands over some money first.


Administrative rights – refers to the ability to perform certain functions on a computer such as installing new programs.

Administrator – is the user who has administrative rights on a computer. It can also refer to the person who is in charge of an IT system.

Adware – is a type of malicious software that causes adverts to appear on a computer screen. These advertisements can be made to appear as if they are coming directly from the computer (for example, a fake warning of a virus in order to get you to purchase a security product). There is also a less malicious type of adware where you agree to adverts in exchange for some free software.

Anti-debugger – is a way that viruses can attempt to avoid detection.

Antivirus –refers to software that is used to combat malware. Antivirus products can usually also deal with threats such as Trojans, worms, and adware and not just viruses.

Antivirus virus – is code that is created to prevent the antivirus software from doing its job.

Appender – is a virus that works by placing in a file.

Armoring – is a trick that malware can use when trying to get past computer security.

Attachment – refers to files (usually documents, photos, spreadsheets) that are attached to email.

Authentication – is the process of providing a user name and password to gain access to a computer, software, or website.

Algorithm – refers to a set of instructions that lets a computer know how it should behave to complete a task.


Backdoor – is a gap in the computer’s security that allows user access without authentication. Cyber criminals can exploit a backdoor in order to take over a computer.

Background scanning – means that an antivirus product is working behind the scenes to analyze the files that are being used for any signs of infection.

Background task – refers to activities the computer is performing that the user is unaware of.

Backscatter scam – occurs when scammers generate automatic failure notices because they have been using a forged email account address.

Backup – is a copy of data that is stored in case the original data is compromised. It is now common for computer users to store a backup of all of their computer files in the cloud – some of the premium antivirus products provide this as a feature.

Backup agent – is the service responsible for providing backup of data.

Bayesian filter – works by blocking spam email on the basis of their being specific words usually found in spam.

Behavior blocking – is where an antivirus software product looks for suspicious behavior such as a program that is trying to rewrite executable files.

Blacklist – is a list of all the websites, files, and email servers that are known to be a threat.

Blue screen – is what appears on a Windows-based operating system when there has been some type of terminal error. It is often referred to as the ‘dreaded blue screen’.

Boot sector virus – is triggered when the boot sector on the hard driver is activated.

Bot – is a type of electronic robot that is designed to perform automated tasks such as adding new web pages to a search engine directory.

Browser cookie – is a type of file that is added to a computer after visiting a new website. The purpose of this file is usually to improve the user-experience for the person the next time he/she visits the same website (e.g. it can remember preferences).


Cavity filler – is a virus that is capable of taking over unoccupied space within files.

Chain letter – is an email that asks recipients to send it on to other people.

Challenge response – is a method of requiring confirmation from senders of email to reducing the likelihood of spam.

Clean – is the situation when a file is free of malware.

Cluster virus – is located in one part of the system, but it is capable of acting as if it has infected the whole computer.

Cookie (see browser cookie)

Crash – is where a program is unable to continue running.

Crimeware – is any malware that is used to commit crimes and not just designed to cause mischief.

Cybercrimes – are illegal acts committed online.

Cyber criminals – commit cybercrime


Data diddler – is malware that only makes small changes to files.

Denial of Service (DoS) – is a tactic used by hackers to bring down a system by overwhelming it with requests.

Dictionary attack – is an attempt to get past a password request by using a directory of possible words.

Direct action virus – causes immediate damage as soon as a program is opened.

Disinfection – is the process of removing a virus and the effects of this virus.

Drive-by download – is where a website infects a user’s browser just by visiting this site.


Encrypted virus – can change its appearance so that it is difficult to spot.

Executable file – is one that is directly executable by the computer (aka .exe file).

Exploit – is an attempt to access a computer using a weakness in the system.


File virus – either attaches itself to a file or replaces a file.

Firewall – refers to a security defense that can involve either hardware or software. It works a bit like a bouncer at a nightclubs by deciding who can or can’t gain access – only in this case it is data rather than people.

Freeze – is where a computer program becomes stuck after an error.


Greylisting – is a way to filter spam email by bouncing back suspicious messages to see if the sender returns it.

Greywear – is a type of nuisance program that is not dangerous enough to be classified as malware.


Hacker – is a person who tries to get past the security measures used by a computer system.

Hacker tool – is anything the hacker uses to gain access to a system.

Hole – refers to a weakness that a hacker can take advantage of.

Host – is the file on a system that a virus has been able to infect.


Infection – is what a virus does when it gets inside of a computer system

In the wild – covers all the malware that is currently capable of infecting computer systems.

Intended virus – is a failed virus.


Joe-job – is a type of spam email that uses a headline to embarrass the receiver (e.g. instructions for your blow-up doll).


Keylogger – is capable of recording keystrokes so this type of malware can be used for stealing passwords and other information.


Layered defense – means that a security system uses multiple methods for defending against attack.

Letter from Nigeria –see 419 scam

Logic bomb – is a type of malware known as a Trojan that does nothing on a system until it is triggered by certain conditions.


Macro virus – is a type of malware that is triggered every time a certain program is opened.

Mail bomb – refers to a particular nasty type of spam email that crash a system because it contains so much data.

Malicious code – is created to cause problems for computer users.

Malware – refers to any type of malicious software.

Mass mailer – is a type of virus that spreads using email.

Memory resident virus – infects files from its location in the computer’s memory.

Mutating virus – is able to keep changing and this makes it hard to spot.


Not in the wild – is any malware that has failed to spread (see intended virus).


On-access scanner – is constantly looking for threats on a computer system.

On-demand scanner – only works when the user activates it.

Overwrite virus – is capable of altering the content of a file without changing the size of this file.


Packer - is a type of software that works by compressing and encrypting data.

Password attack – is any attempt by cybercriminals to gain access to passwords in order to gain access to a system.

Password sniffing – is an attempt to find a password by searching email and other documents.

Peer to Peer (P2P) - is a common way of sharing files, and it is also a favorite resource for cyber criminals trying to trick people into downloading malware.

Pharming – is a way to redirect traffic to a malicious part of the web. It involves hacking a DNS system.

Phishing – usually involves email and it is an attempt to trick people into revealing information such as passwords.


Ransomware – is capable of taking over the computer in an attempt to extort money.

Real-time scanner – works continuously in the background to detect threats (see background scanning).

Redirect virus – changes commands so something different than what was intended by the user occurs.

Replication – is how a virus can infect a system.

Resident virus – is one that remains on a computer.

Regedit – is used to change information in the registry (see below).

Registry – is where information about what has been happening on the computer is kept.

Rogue program – is malware designed to cause damage.


Scanner – a type of antivirus product that scans for any signs of malware.

Signature – is a string of data that can be similar to a fingerprint. One of the ways that antivirus programs are capable of spotting viruses is by looking for signatures of known viruses.

Spam – can be any type of unwanted and unsolicited email.

Spam filter – is a process of finding and removing spam email.

Spoofed websites – are commonly used as part of a phishing scam (e.g. a website that looks the exact same as a login area for a popular online bank).

Spyware – is a capable of tracking the movements of people online, and it can also gather personal information.


Time bomb – is a type of malware that is programmed to go off at some point in the future.

Trojan horse – is like a wolf in sheep’s clothing. It is a program that looks like it is going to be an asset, but it is actually designed to cause problems.

Tunneling – is a way for a virus to bypass the security on a computer system.


Virus – is a type of malware that is able to replicate and infect a computer system.

Virus hoaxes – are a type of scam email or pop-up advert designed to frighten recipients into paying for additional security.

Virus signature directory – is a list containing the signatures of all the known malware in the wild.


Web bug – is able to gather data on visitors to a website.

Worm – spread by using backdoors into computer systems.


Zip bomb – a compressed file that contains such much data that it can cause problems when opened.

Zombie computer – can refer to any system that has been hijacked by cybercriminals.