From what I understand, antiviruses hook to a file, accesses it and scan the files, and if necessary, make the file inaccessible to protect the system. Is this done via API hooking or some other methodology?
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!