Those of us who spend time online will need to be aware of potential dangers so that we can remain safe in this world. One of the biggest threats to our safety will be malware such as viruses or spyware, and this is why it is important to have some type of antivirus software. A problem that many of us face, when evaluating our online safety requirements, is the jargon used by the experts. What follows is a glossary of the most common terminology you are likely to come across when investigating your antivirus options.



– refers to software that causes advertisements to appear on the screen. Adware may be legitimately downloaded as part of an agreement whereby the individual is provided some free software in exchange for allowing these ads. There are many other forms of adware whereby the individual is tricked into downloading this software, and the ads become a real nuisance.


– this refers to any technology that is used to defend against malicious software. In most cases it will involve a computer program that is designed to spot threats and eliminate these threats.

Antivirus virus

– this malicious code is designed to interfere with antivirus software in order to make the system vulnerable to attack.


– a file that is attached to an email.


– this is the process by which the user proves their identity to the computer program. It will usually involve providing a user name and password. If the individual is unable to provide this authentication, they might not be allowed to use the program.


– this contains a series of steps that tells a computer how to perform a certain task. The instructions in the algorithm determine how the computer will behave.


Back door

– it is usual for computer programmers to create a backdoor into their program. This means that they are able to bypass the usual security features such as authentication, and they may have special privileges not available to normal users. If hackers are able to find this back door, they can exploit it for their own purposes.

Background scanning

– this is when the antivirus software automatically scans files as they are opened, closed, or created.

Background task

– this can refer to any task that the computer performs where it is hidden from the user.


– is a safeguard against loss or damage to data. It means that a second copy of the data has been created.

Backup agent

– this is a host that takes on the responsibility for backing up the data.

Behavior blocking

–is an instruction to the system to prevent certain actions from occurring. For example, it could mean that certain programs are prevented from making any changes to the registry.

Boot sector virus

– this virus is activated any time the boot sector on the hard drive is accessed.

Browser cookies

– see cookie


Cavity virus

– is where a malicious code is added onto an existing program without interfering with the functionality of this program.


– means that a file or disk is free of viruses.

Cluster virus

– is able to become active when any program on the computer is started. It only actually exists in one part of the system, but it acts as if it has infected every program.

Cookie (aka browser cookies)

– this refers to a file that can be placed in a computer’s hard drive by a website that the user has visited. These files are then used to identify the user the next time they visit. Most cookies are harmless, but they can be used for malicious purposes because they collect information about the internet user.


– refers to any type of malicious program that is used to commit crimes. It includes software such as Trojans or spyware.

Cyber criminals

– these are individuals who commit crimes in cyberspace. If there is a group of these people working together, they will be referred to as a cyber-gang.


Denial of Service (DoS)

– is one of the most common ways that hackers will cause problems for a computer system. The most usual way that this type of attack operates is that the hackers overwhelm the system with requests, so that the system becomes overloaded and unable to function properly.

Direct action virus

– takes action as soon as it is executed, and as soon as it has caused damage on the system it disappears.


– the removal of a virus and the recovery of any infected data (if possible).


Encrypted virus

– this can be a particularly difficult virus to spot because it can keep on changing its appearance. It is usually when the program decrypts that antivirus software can spot it.

Executable files (.exe file)

– is any file that can be directly executed by the computer system. This type of file is the usual target for computer viruses.


File viruses (file infecting viruses)

– a virus that can either replace a file or that attaches itself onto a file. The most common file to be attacked would be those with the extension .exe.


– this is used to keep a system secure, and it works by controlling the network traffic that comes in and out of the computer. A firewall can be created using software or hardware.



– this is a type of program that does not fall into the category of malware, but it can still be a nuisance when downloaded onto a computer.



– this can refer to any individual who tries to exploit weaknesses in a computer system. The individual may be doing this for fun or to cause mischief, but in many instances the motive will be to make a profit illegally.


– a weakness that a hacker can exploit to gain entry into a system.


– the file that the virus has managed to compromise.



– the activities of a virus once it has gained access to a system.

In the wild

– this is malware that has managed to begin infecting computers.



– this is a type of malware that can record the keystrokes that people are making on their computer. It can mean that criminals are able to get hold of passwords and other sensitive information.


Logic bomb

– this refers to a type of Trojan virus that waits patiently in the system until certain conditions are met. It will not cause any harm until it is triggered.


Macro virus

– is able to infect a program such as Microsoft Word. Every time this program is opened, it will trigger the virus. This type of virus is usually spread via email.

Mail bomb

– this is an email that contains so much data that is causes the system to crash.

Malicious code

– can be any code that is used to cause mischief on a computer system.


– refers to any type of malicious software.

Memory resident virus

– this is a virus that lives in the memory of the computer and it is able to infect all files from this location.

Mutating virus

– is a type of virus that keeps on changing, and this means that it can be particularly tricky to remove. Many of the most famous mutating viruses were never intended to mutate by the original creators of the program.


Not in the wild

– malware that has been unable to spread successfully.


On access scanner

– an antivirus program that is always working in the background to scan for threats to the system.

On demand scanner

– this is an antivirus program that is only activated when the user wants to scan their system.

Overwrite virus

– a virus that replaces the content in a file without changing the size of that file.


Password attack

– this is where hackers attempt to obtain passwords used by people online.

Password sniffing

– usually involves using software to detect and store passwords used on a network. This is usually done by searching all the emails sent by this network for password information.

Peer to Peer (P2P)

– this is a way of sharing files such as movies and music. It is relatively easy for cyber criminals to spread malware by hiding them in this type of file.

Pretty good privacy (PGP)

–is one of the most effective ways to encrypt files and emails, so that the data is kept safe.


– this refers to criminal activity where the goal is to obtain personal information about an individual. This type of attack will usually occur via email, and the criminals can be very convincing in their request for things like bank details. One of the most common ways of doing this is that the email appears to come from somewhere like a bank, and the individual is asked to change their password (of course they will be expected to provide their old password and account number as part of this process).



– is a type of malware that encrypts the hard drive so that the user cannot gain access. The cyber criminals will then demand money in order to decrypt the data.

Real time scanner

– refers to antivirus software that operates continuously as a background task.

Redirect virus

– this causes a command to be redirected to another location. This means that the system will be given a different instruction than the one the user intended.


– the process by which a virus can make copies of itself.

Resident virus

– this is a virus that remains in the system.


– this will usually be referring to the Window’s registry which contains almost all the information about everything that happens on the computer.

Rogue program

– this refers to any malware where the intention is to damage the system.



– is any antivirus software that scans for viruses.


– this refers to a unique string or a binary pattern that can be used to identify a virus. The antivirus software scans for these signatures, so that it is able to pick out these threats. The virus signature is similar to a fingerprint.


– emails that are not desired or solicited.

Spam filter

– program that are used to detect and remove spam before it appears in the email inbox.

Spoofed website

– refers to any website that is designed to look like a well-known legitimate site, but where the goal is to steal information from visitors or infect their computer. Phishing emails can be used to trick people into visiting this type of website.


– this is software that is used to gather information about the users of the computer without their permission. This type of malware can also be used to take control of the computer’s assets


Time bomb

– this is a virus that will be triggered at a certain time in the future.

Trojan horse

– is any type of program that initially appears harmless when it is downloaded but later causes problems.


– refers to a virus designed to bypass antivirus software. It usually does this by preventing this software from functioning properly.



– is a type of malicious code that is able to infect computers and replicate.

Virus hoaxes

– this is a type of hoax email that is designed to worry people about viruses that do not exist.

Virus signature

– see signature above.


Zombie computer

– is where a computer has been hijacked by a cyber-criminal, so that they can use it for their own purposes.


– a collection of viruses that are kept in a laboratory setting for testing purposes.