Security & Anti-Malware Terminology

By /

🧭 Introduction

When analyzing antivirus logs or researching malware, you’ll encounter countless technical terms, acronyms, and security-related abbreviations. This guide on Security & Anti-Malware Terminology aims to make sense of those terms. While not exhaustive, it includes many of the most common malware categories and system-level definitions used in security analysis.

This reference also complements related SM-U guides, including How to Research for Virus and Malware Analysis, Learning HijackThis!, and Rootkits 101.

🦠 Malware Classifications & Abbreviations

Antivirus tools often categorize threats using shorthand labels. Recognizing these will help you interpret logs and reports effectively:

  • Troj (Trojan) – Malware disguised as legitimate software to trick users.
  • Vir (Virus) – Self-replicating code that spreads by infecting files.
  • Malware – Any software designed to cause harm to a system.
  • Rootkit – Conceals its presence and gains deep system-level access.
  • Worm – Self-spreading malware that propagates through networks.
  • Adw (Adware) – Displays unwanted advertisements.
  • Spyware – Monitors user activity and collects data.
  • Keylogger – Records keystrokes to steal credentials.
  • Bootkit – A rootkit variant targeting the boot sector.
  • Backdoor – Opens unauthorized remote access to the system.
  • Ransomware – Encrypts files and demands a ransom for decryption.

Additional Malware Types

  • Banker Trojan – Designed to steal online banking credentials.
  • Browser Helper Object (BHO) Infection – Malicious browser add-ons.
  • Master Boot Record (MBR) Infection – Infects the MBR to load early.
  • Bot Trojan – Turns a device into a remotely controlled botnet node.
  • Cookie Tracker – Tracks browsing for advertising or data collection.
  • Dialer Trojan – Connects to premium-rate phone lines.
  • Dropper Trojan – Installs other malicious components.
  • EICAR Test File – Harmless file to test antivirus response.
  • Exploit Malware – Leverages system vulnerabilities.
  • Hoax Malware – Fake threats that scare users into installing malware.
  • Hijacker – Alters browser/system settings (e.g., homepage redirects).
  • Hack Tool – Software used for unauthorized access or exploitation.
  • Heuristic Detection (Heur) – Identifies threats based on behavior.
  • IRC Trojan – Targets Internet Relay Chat activity.
  • Macro Virus – Targets macros in apps like Microsoft Office.
  • Password Stealing Trojan – Collects saved login credentials.
  • Phishing Malware – Mimics trusted services to harvest data.
  • Polymorphic Virus – Constantly changes code to evade detection.
  • Process Killer – Disables security software.
  • Redirect Trojan – Forces browsers to load malicious sites.
  • Remote Access Trojan (RAT) – Gives full remote control of the system.
  • Spamming Malware – Sends spam from infected devices.
  • Scamming Malware – Defrauds users using deception.
  • Rogue Malware (ROGUE) – Fake antivirus software.

For more tools and research resources, visit Malware & Virus Analysis Resources.

πŸ” Security Concepts & System Terms

Understanding the terms below will improve your ability to analyze system behavior, troubleshoot threats, and understand security logs.

  • ActiveX – Internet Explorer component used to extend browser functions.
  • Administrator – A user account with full system control.
  • Algorithm – A defined method used for calculations, encryption, or automation.
  • Alias – An alternate name for malware (e.g., TDL4 = Alureon).
  • Anti-Malware / Anti-Spyware / Antivirus – Tools used to detect and remove malicious software.
  • Application Programming Interface (API) – Connects apps to system functions.
  • Armoring (Crypting) – Obfuscates malware to avoid detection.
  • ASCII – A standard for encoding characters.
  • Attributes – File or folder properties (e.g., hidden, read-only).
  • BAT (Batch File) – Scripting file used to run command sequences.
  • BIOS – Firmware that initializes hardware on startup.
  • Botnet – A group of infected computers controlled remotely.
  • Cache – Temporary storage to speed up system or web performance.
  • Cookie – Text files used by websites to store user preferences.
  • Debugger / Decompiler – Tools used to analyze or reverse-engineer code.
  • Denial of Service (DoS) / DDoS – Overwhelms services to disrupt functionality.
  • DNS – Resolves domain names into IP addresses.
  • Driver – Software enabling communication between OS and hardware.
  • DLL – Shared library files containing executable code.
  • Emergency Rescue Disk / Recovery USB – Tools for offline system recovery.
  • Encryption / Decryption – Secures or reveals encoded data.
  • Exceptions – Whitelisted items excluded from security scans.
  • FAT (File Allocation Table) – Disk structure storing file locations.
  • Firewall – Filters and protects network traffic.
  • FTP (File Transfer Protocol) – Transfers files across networks.
  • Hacker – Someone who accesses systems without authorization.
  • Header – Initial file data describing its format.
  • Host – The source system hosting services or files.
  • HTTP / HTTPS – Protocols for loading websites (HTTPS is encrypted).
  • Identity Theft – Fraudulent use of someone’s personal data.
  • ISP (Internet Service Provider) – Company providing internet access.
  • LAN (Local Area Network) – A private network in a small location.
  • MIME – Internet standard for sending varied content types.
  • Mutex – Prevents multiple apps from accessing the same resource simultaneously.
  • Partition – Disk segment treated as a separate drive.
  • Payload – The part of malware that executes malicious activity.
  • PE (Portable Executable) – Windows file format for executables.
  • PUP – Potentially Unwanted Program; not always malware.
  • P2P – Peer-to-peer file-sharing software.
  • Protocol – Communication rules between systems (e.g., TCP/IP).
  • Proxy – Intermediary between device and internet, often for anonymity.
  • Quarantine – Isolates suspicious files to prevent spread.
  • Redirect – Changes a browser’s navigation path.
  • Sector – A physical segment of storage media.
  • Patch – Fixes software bugs or vulnerabilities.
  • String – A sequence of characters, often found in code.
  • Services – Programs or drivers running in the background.
  • Signature – Malware’s unique fingerprint used for detection.
  • Variant – A modified strain of known malware.
  • Volume – A logical storage unit such as a disk or partition.
  • UPX – A tool for compressing executables.
  • WAN – A large, distributed network (e.g., the internet).
  • Windows Explorer – Interface for navigating files and folders.
  • Windows Registry – Stores configuration settings for Windows and software.

🧠 Conclusion

This Security & Anti-Malware Terminology guide can help you better understand what you’re seeing in system logs, malware reports, and threat alerts. With these definitions, you’ll be equipped to handle advanced malware detection, system hardening, and log analysis.

As malware evolves, so must your understanding. Whether it’s learning about File Padding Techniques, investigating a Chrome CVE, reviewing a Tomcat vulnerability, or ensuring Windows 10 privacy, this foundation prepares you to take action.

Don’t forget to bookmark Free Virus and Malware Removal for practical tools and scanning advice, and keep building your skills across our malware and forensic categories.

Stay curious, stay secureβ€”and revisit this Security & Anti-Malware Terminology guide anytime you need a refresher. You can find another database of words at Malwarebytes.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top