Brochure
U S E R G U I D E
76
D A T A B A S E S
These databases contain information on the computer security threats known to Kaspersky Lab by the time of database
release. Records that are contained in databases allow detecting malicious code in scanned objects. The databases are
created by Kaspersky Lab specialists and updated hourly.
D I G I T A L S I G N A T U R E
An encrypted block of data embedded in a document or application. A digital signature is used to identify the document
or application author. To create a digital signature, the document or application author must have a digital certificate
proving the author's identity.
A digital signature lets you verify the data source and data integrity and protect yourself against counterfeits.
D I S K B O O T S E C T O R
A boot sector is a particular area on a computer's hard drive, floppy, or other data storage device. It contains information
on the disk's file system and a boot loader program that is responsible for starting the operating system.
There exist a number of viruses that infect boot sectors, which are thus called boot viruses. The Kaspersky Lab
application allows scanning of boot sectors for viruses and disinfecting them if an infection is found.
F
F A L S E A L A R M
A situation when a Kaspersky Lab application considers a non-infected object to be infected because its code is similar
to that of a virus.
F I L E M A S K
Representation of a file name using wildcards. The standard wildcards used in file masks are * and ?, where * represents
any number of any characters and ? stands for any single character.
H
H E U R I S T I C A N A L Y Z E R
A technology for detecting threats information about which has not yet been added to Kaspersky Lab databases. The
heuristic analyzer detects objects which activities in the system can pose security threat. Objects detected by the
heuristic analyzer are considered probably infected. For example, an object may be considered probably infected if it
contains sequences of commands that are typical of malicious objects (open file, write to file).
I
I C H E C K E R T E C H N O L O G Y
A technology that allows increasing the speed of anti-virus scanning by excluding objects that have remained unchanged
since their last scan, provided that the scan parameters (the databases and the settings) have not been altered. The
information for each file is stored in a special database. This technology is used in both real-time protection and on-
demand scan modes.
For example, you have an archive file that was scanned by a Kaspersky Lab application and assigned not infected
status. The next time the application will skip this archive unless it has been altered or the scan settings have been
changed. If you have changed the archive content by adding a new object to it, modified the scan settings, or updated
the application databases, the archive will be re-scanned.
Limitations of iChecker technology:
this technology does not work with large files, since it is faster to scan a file than check whether it was modified
since it was last scanned;
the technology supports a limited number of formats.