Alexander's Blog

Sharing knowledge with the global IT community since November 1, 2004

What Is A Rootkit Virus? Review

Rootkits often intercept standard operating system requests (APIs). If an antivirus scanner asks the OS for a list of running programs, the rootkit intercepts the answer and removes its own malicious files from the list before the antivirus sees it.

These replace or infect the computer's Master Boot Record (MBR) or Volume Boot Record (VBR). They activate before the operating system even loads. What Is a Rootkit Virus?

Rootkits operate at different layers of a computer's architecture. The deeper they reside, the harder they are to find. the harder they are to find.