CompTIA Security+ Question L-70

A computer is found to be infected with malware and a technician re-installs the operating system. The computer remains infected with malware. This is an example of:

A. a rootkit.
B. a MBR infection.
C. an exploit kit.
D. Spyware.

Answer: B

Explanation:
An MBR infection is malware that is installed into the Master Boot Record (MBR) of a hard disk. Reinstalling the operating system does not remove the malware from the MBR. A ‘Bootkit’ is a rootkit that infects the Master Boot Record. Bootkits are an advanced form of rootkits that take the basic functionality of a rootkit and extend it with the ability to infect the master boot record (MBR) or volume boot record (VBR) so that the bootkit remains active even after a system reboot. Bootkits are designed to not only load from the master boot record but also remain active in the system memory from protected mode through the launch of the operating system and during the computer’s active state.