User Guide

AntiViral Toolkit Pro
Logical drive
A disk partition, containing a continuous block of disk sectors. A logical drive
consists of a boot sector, FAT sectors, the root directory and data areas. Sectors
in the data area are grouped into clusters. Logical drives are assigned letters (A:,
B:, C:, etc.). Within a single logical drive, logical sector addressing is possible.
Logical sector
see: Sector
Monitor (Monitor program, Blocker)
A memory-resident utility that detects “suspicious” actions of user programs such
as the modification and renaming of executables (COM and EXE files), direct
writes to disk, attempts to format the disk and so on. Having detected a
“suspicious” function, the monitor program displays a warning or blocks
execution of the intercepted function.
Interrupt
A signal which makes the processor stop execution of the current program and
transfer control to an interrupt handler routine. The address of the interrupt
handler is determined using the interrupt vector table. An interrupt may be
initiated either by software or hardware.
Ghost (Ghost Viruses)
Viruses that take extra measures to avoid detection and analysis. They have no
signatures, i.e. they have no single constant fragment of code that can be used as
a means of identification. In most cases two instances of the same Ghost Virus
will have no bytes in common. This is achieved by encrypting the main virus
body and modifying the decryption code.
Fake Bad Cluster
Each cluster of a logical drive is marked in the FAT as free, occupied or bad. A
cluster is considered bad if it contains one or more bad sectors. Such a cluster is
not used by DOS. A fake bad cluster is a normal cluster (not containing bad
sectors) which is marked as bad in the FAT. It is possible to tell fake bad clusters
from genuine bad clusters by repeatedly reading the sectors included in the
cluster. If there are no errors during this process the cluster is fake. Some viruses
may mark good clusters as bad and then use them for their own purposes.
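The check described under Fake Bad Cluster, as an added example that is not part of the original guide or of AntiViral Toolkit Pro: assuming a FAT12 volume, it decodes the FAT, lists the clusters marked bad (0xFF7) and re-reads their sectors, reporting a cluster as fake if no read ever fails. The FAT contents, the geometry (first data sector 33, one sector per cluster) and the `sample_read` callback are constructed for illustration; on a real volume the callback would read the sector from the device.

```python
import struct

BAD = 0xFF7  # FAT12 entry value that marks a cluster as bad

def fat12_entry(fat, n):
    """Decode the 12-bit FAT entry for cluster n."""
    pair, = struct.unpack_from("<H", fat, n * 3 // 2)
    return pair >> 4 if n & 1 else pair & 0x0FFF

def bad_marked(fat, cluster_count):
    """Data clusters (numbered from 2) that the FAT marks as bad."""
    return [n for n in range(2, cluster_count + 2) if fat12_entry(fat, n) == BAD]

def classify(clusters, read_sector, first_data_sector, sectors_per_cluster, passes=3):
    """Re-read each bad-marked cluster; no read error in any pass means fake."""
    result = {}
    for n in clusters:
        start = first_data_sector + (n - 2) * sectors_per_cluster
        try:
            for _ in range(passes):
                for s in range(start, start + sectors_per_cluster):
                    read_sector(s)  # must raise OSError on a media error
            result[n] = "fake"
        except OSError:
            result[n] = "genuine"
    return result

def pack_fat12(values):
    """Pack 12-bit entries into FAT12 bytes (builds the constructed sample)."""
    values = list(values) + [0] * (len(values) % 2)
    out = bytearray()
    for lo, hi in zip(values[0::2], values[1::2]):
        out += bytes([lo & 0xFF, (lo >> 8) | ((hi & 0x0F) << 4), hi >> 4])
    return bytes(out)

# Constructed sample: entries 0-1 reserved, clusters 5 and 7 marked bad.
SAMPLE_FAT = pack_fat12([0xFF0, 0xFFF, 3, 0xFFF, 0, BAD, 0, BAD, 0, 0])

def sample_read(sector):
    """Constructed stand-in for a device read: only sector 38 (cluster 7) fails."""
    if sector == 38:
        raise OSError("simulated read error")
    return bytes(512)

def demo():
    return classify(bad_marked(SAMPLE_FAT, 8), sample_read, 33, 1)

if __name__ == "__main__":
    print(demo())
```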
Resident (TSR – Terminate and Stay Resident)
Executable programs may be resident or non-resident. A resident program leaves