Antivirus Glossary


ActiveX: improves functionality of web pages by adding animations, video, 3D browsing, etc. These pages can be targets for viruses.

Address Book: used to store information about other users. It is a file with a WAB extension.

Administrator: the person or program that is given permission to manage and monitor an IT network.

ADSL: allows data to be sent across an internet connection quickly.

Adware: allows advertisements to appear on the screen. Adware displays pop-ups, banners, and changes to the browser home/search page. Sometimes, adware is accidentally installed by the user.

Algorithm: a set of rules used to calculate.

Alias: the known nickname that describes a certain feature of a virus.

American National Standards Institute (ANSI): the group that set standards for computer programming.

Anti-Debug: in order to avoid being detected, a virus uses these techniques.

Antivirus: technology that is used to defend against malicious software. Generally, it will involve a computer program that is designed to spot and eliminate threats.

Antivirus virus: malicious code that is designed to interfere with antivirus software in order to attack.

Armouring: term used to describe the technique used by viruses to avoid antivirus detection.

Attachment: a file that is attached to an email.

Attributes: certain file or directory characteristics.

Authentication: a process the user goes through to prove their identity to the computer program.

Autoencryption: the process in which a virus encrypts itself to make it difficult to analyze or detect.

AutoSignature: short text that is automatically added to email messages.


Back door: the ability to bypass the usual security features such as authentication; a back door may carry special privileges not available to normal users. While it is not typically found in most programs, if a hacker finds the back door, they will be able to gain access and cause problems.

Background Scanning: the process where antivirus software automatically scans files as they are opened, closed, or created.

Background task: a task performed by the computer that is not known to the user.

Backup: a second copy of data is created to protect against lost or stolen files.

Backup agent: system that makes sure data is backed up.

Banker Trojan: steals private information from customers of online payment banks.

Banner: promotes a product or service that links directly to the advertiser.

Behavior blocking: system rules to prevent certain actions from happening.

Bit: smallest unit of digital information.

Boot Disk: a disk that allows a computer to start up.

Boot sector virus: a virus that is activated any time the boot sector on the hard drive is accessed.

Bot: allows a system to be remotely controlled without the user knowing or consenting.

Browser: program that lets users view pages on the internet.

Buffer: temporarily saves information.

Bug: an error in a program.

Byte: a measurement unit of digital information.


Cache: small section of the memory of a computer.

Category: viruses grouped in categories based on certain elements.

Cavity virus: code that is added onto an existing program without interfering with the functionality.

Clean: term used to describe a file or disk that is free of viruses.

Cluster virus: becomes active when any program on the computer is started, and although it only exists in one part of the system, it acts as if it has infected every program.

Code: a set of rules that have a given value within a system.

Common Name: the generally known name of a particular virus.

Cookie (aka browser cookies): a file that can be placed in a computer’s hard drive by a website the user visited. These files are then used to identify the user the next time they visit. Most cookies are harmless, but they can be used for malicious purposes because they collect information about the internet user.

Cracker: an individual who attempts to break into restricted computer systems.

Crimeware: a term used to describe any type of malicious program whose primary function is to commit crimes. It includes software such as Trojans or spyware.

Cyber criminals: people who commit crimes in cyberspace. A group of these people working together is referred to as a cyber-gang.

Cylinder: refers to the section of a disk that is read in a single operation.


Damage Level: the measurement that shows the level of negative effects a virus could have on an infected computer.

Database: refers to the collection of data files and programs used to administer and organize them.

Debugger: used as a tool to read the source code of programs.

Denial of Service (DoS): a common way a hacker causes problems for a computer system. Typically, a hacker will overwhelm the system with requests so it overloads and is unable to function.

Dialer: often used to redirect internet connection.

Direct action virus: a virus that immediately starts to work, and when the damage is done, it disappears.

Disinfection: refers to the removal of a virus and the recovery of any infected data.


Encrypted virus: a virus that changes its appearance to avoid being detected by antivirus software.

Exceptions: a technique antivirus programs use to detect viruses.

Executable files (.exe file): a file that can be directly executed by the computer system.

Exploit: a program that uses vulnerabilities or security holes to work in its favor.


Family/Group: viruses that are similar are grouped into families or groups.

File viruses (file infecting viruses): a virus that can replace a file or even attach itself onto a file.

Firewall: software that controls and monitors the incoming and outgoing network traffic.

FireWire: a form of security that protects information in a system or network when it is connected to something like the internet.

Flooding: collapses systems by repeatedly sending a large message or text to a computer through messaging systems.

Format: refers to the structure of a disk that removes information that was previously stored on it.

Freeware: software legally distributed for free.


Gateway: a computer that permits communication between various platforms, networks, computers, programs, or systems.

Greyware: this is not necessarily malware, but it has similar functions when downloaded.

Groupware: a system that allows individuals on a LAN network to use various resources.


Hacker: an individual that attempts to exploit weaknesses in a computer for various motives.

Hardware: refers to the physical elements of an IT system.

Heuristic Scan: in order to detect unknown viruses, this technique solves problems through a series of trials and errors.

Hijacker: a change in the browser settings by a program different than the one set by the user.

Hoax: a warning message describing a virus that does not even exist.

Hole: refers to a weakness a hacker can exploit to gain entry into a system.

Host: a file that a virus managed to compromise.

Hyperlink: tools located on a web page, file, or email that can be clicked on and will, in turn, take you directly to another page.

Hyper Text Transfer Protocol (HTTP): refers to the communication system that allows web pages to be viewed through the browser.


Identity Theft: cyber criminals will gain access to private and personal information and impersonate the user.

In Circulation: refers to the case in which a virus has been detected somewhere.

In the Wild: a list of the malware/viruses that have been reported to begin infecting computers.

Infection: the activities of a virus once it has gained access to a computer or system.

Interface: a communication tool that allows users to interact with the software installed on the computer.

Interruption: when there is a temporary pause in microprocessor activity which results in a signal.

Interruption Vector: refers to the computer’s process to deal with the interruption on the microprocessor.


Java: the programming language that allows independent programs to run on any operating system or hardware.

Joke: similar to a hoax, a “joke” is not a virus. It is a trick that makes a user believe their computer has been infected.


Kernel: refers to the operating system’s central module.

Keylogger: a form of malware that saves all of a user’s keystrokes. This ultimately allows cyber criminals to gain access to private information or passwords.


Local Area Network (LAN): the network of interconnected computers in a defined area; a firewall monitors this activity.

Logic bomb: a virus that waits until it is triggered before it begins an attack.

Loop: instructions designed for a program that are carried out continuously until a standard is reached.


Macro virus: a virus that targets programs in Microsoft Office, such as Microsoft Word, Excel, and PowerPoint. Generally it is spread through email.

Mail bomb: an email with so much data that it causes a system crash.

Malicious code: refers to a type of code that causes mischief on a computer system.

Malware: the term that refers to any type of malicious software.

Map: the assigning of a shared network disk a letter in a computer.

Memory resident virus: living in the computer’s memory, this virus is able to infect all files.

Microprocessor: refers to the integrated electronic heart of a computer or IT system.

Modem: transmits electronic signals between computers (most commonly used to connect internet and computers).

Multipartite: a virus that infects computers by using various techniques used by other viruses.

Mutating virus: this type of virus is difficult to remove because it continues to change.


Network: allows computers to communicate or exchange data.

Not in the wild: malware that was unsuccessful in its attempt to spread.


On Access Scanner: part of antivirus software that does background work by scanning for potential threats.

On Demand Scanner: refers to an antivirus feature that only works when the user tries to scan something into their system.

Operating System: refers to a set of programs that enables computer use.

Overwrite Virus: a virus that takes the place of a file without changing the size of the file.


Packaging: similar to compression, packaging takes a group of files and puts them into another file so that it occupies less space.

Parameter: indicates how a program is designed to behave in a given circumstance.

Partition: a division in the hard disk which allows the operating system to identify it as if it were a separate disk.

Password attack: when a hacker works to get passwords from people who are online.

Password sniffing: a form of software that has the ability to detect and store passwords.

Peer to Peer (P2P): this is a way of sharing files such as movies and music. It is relatively easy for cyber criminals to spread malware by hiding it in this type of file.

Payload: a virus’ effects.

Pretty good privacy (PGP): refers to an effective way to encrypt files and emails to keep data safe.

Phishing: refers to the illegal action by a criminal who tries to obtain personal information about a user, generally through email. These criminals are strategic in their approach and can be very convincing in their pursuit to get you to tell them things like bank details.

Platform: an operating system working in a specific environment under certain conditions.

Plugin: takes an existing system and adds a new functionality.

Program: elements that permit activities to be executed.

Protocol (data transfer): controls the communication between computers or IT devices.

Proxy: refers to the work done between an internal network and the connection to the internet.


Quick Launch Bar: the toolbar that contains shortcut icons to certain items and programs.


Ransomware: a form of malware that encrypts the hard drive so the user can no longer access it. The cyber criminal will then demand money from the user before they can access the data again.

Real time scanner: refers to the continuous operation of antivirus software as a background task.

Redirect virus: a command that will be assigned to perform a different action than the user intended.

Replication: the copying of a virus.

Resident virus: refers to a virus that remains in the system.

Registry: the Windows registry that has all of the information concerning what is happening on the computer.

Rogue program: a form of malware that works to damage the system.

Rootkit: a program that hides processes, files, or Windows registry entries. This software is not known to be malicious, but hackers do use it to cover their tracks when they attack a system.

Routine: an invariable sequence of instructions that can be used over and over again and makes up part of a program.


Scam: any plot that is intended to trick a person into giving money under false pretenses.

Scanner: antivirus program that scans and looks for viruses.

Script: refers to files of code written in programming languages.

Sector: area of a disk.

Security Risk: refers to negative actions a user can fall into on a computer.

Server: computer that provides services and tools to other computers that are connected via the network.

Shareware: basically a trial. Users are allowed to try out a software before purchasing it.

Signature: a specific pattern that is used to identify viruses.

Software: refers to the files, programs, operating systems, and applications that give users the ability to work on a computer.

Spam: mass emails that are not asked for.

Spam filter: a feature or program of antivirus that is used to detect and remove spam emails from the user’s inbox.

Spoofed website: a website that looks real, but the intention is to steal information from visitors or infect their computer.

Spyware: refers to a software program that gathers a user’s information without their permission.


Targeted Attack: attacks specifically designed to target a specific user(s).

Time Bomb: a virus that begins to work once it has been triggered.

Trackware: programs that track a user’s activity on the internet.

Trigger: refers to the setting that causes a virus to activate.

Trojan horse: a program that appears to be harmless when first downloaded, but eventually causes issues.

Tunneling: a virus that is supposed to be able to bypass antivirus software.


Updates: newest information about the ever-changing viruses that exist.

URL: refers to the page address of an online destination.


Variant: an original virus that has been modified to infect a computer.

Virus: a form of malicious code that has the ability to infiltrate computers and replicate.

Virus hoaxes: an email that a user receives telling them about viruses that don’t exist.

Volume: complete hard disk.

Vulnerability: flaws in an IT system.


Worm: a virus that duplicates itself.


Zombie computer: when a computer is taken over by a cyber-criminal to use for their own purposes.

Zoo: viruses that are kept in a lab for testing purposes.