You might need a nerd if…
- Your antivirus software suddenly stops working or disappears
- Your computer locks up and doesn’t respond to any input even when you reboot
- You notice that settings on your computer are changing without your permission
- Your computer becomes gradually slower
A rootkit is a piece of software that runs at the same level as your operating system's administrator.
Rootkit is a weird name. What does it mean?
Let’s start by breaking the words down. ‘Root’ is a term that hearkens back to the early days of computing. The computer user who had administrator-level access was the “root” user. The administrator has the greatest level of control over how a computer operates, including its hardware. The term ‘kit’ simply refers to a toolkit of programs which can operate on your computer (in this case at that powerful administrator level). So, a rootkit is a piece of software which has the same access and control over a computer as an administrator-level user.
How are they different from other malware?
The way a rootkit finds its way to your computer is similar to other kinds of malware. They’re typically installed when the user accidentally clicks on a malicious link, either in an email or on a website. However, this is where the similarity ends.
They’re unusually sneaky
Rootkits are unusually sneaky. Where a normal piece of malware sits inside your operating system and can easily be detected using anti-malware software, it’s not so easy with a rootkit. By hiding at the root/administrator level, they operate outside the standard scope of anti-malware software. Some varieties can even hide inside the firmware of your computer’s hardware and can survive a complete reinstall of your computer’s operating system. They’re therefore extremely difficult to detect and destroy. Think post-apocalyptic irradiated cockroaches and you’re getting close.
They’re extremely nasty
They’re also more powerful than other kinds of malware. Imagine the kind of damage a particularly malicious human could do if they sat down at your computer, logged in as the administrator and began to mess with its deepest settings. Nothing would be off-limits. Of course, this malicious person could delete files, alter software settings and generally disrupt your entire operating system. But it gets worse. They’d also have administrator-level access to how your hardware works. Your computer’s RAM, its hard drive, its processor; all these essential physical components would be within this horrible person’s grasp. This, in a nutshell, is exactly what a rootkit is. It’s a software version of a malicious human sitting at your computer, making things not work. If that sounds scary to you, you’re not alone! All but the most intrepid of nerds are likely to quake at the thought of a rootkit infection. Luckily, we at Nerds On Call aren’t just run-of-the-mill nerds. Contact us at 1-800-919-6373 or drop us a line using our contact form.
How do I know if I have one?
If the above description wasn’t unsettling enough, the short answer is you might not be able to know if you have a rootkit infection, at least in the early stages. Because rootkits exist outside your operating system, standard anti-malware software will not always be able to find them. Unfortunately, signs of a rootkit’s presence on your computer are usually some kind of catastrophic failure. If your computer locks up completely and does not respond to any input, this may be caused by a rootkit. If your computer’s hardware and peripherals cease to function entirely, again this could be the result of rootkit activity on your computer. However, there are a few early warning signs to look out for:
- Basic settings of your operating system are changing
- Your anti-malware software suddenly deactivates or becomes corrupted
- Your computer runs extremely slowly for no identifiable reason
What to do if you are worried your computer may have a rootkit infection (rootkit removal)
You wouldn’t get involved in a land war in Asia. You wouldn’t go in against a Sicilian when death is on the line. Don’t make the third classic blunder of not taking a rootkit very, very seriously. (Extra points for any true kindred nerds who got that reference!)
Make sure your data is safe
With a situation as serious as rootkit infection, step one has to be damage control. It’s important to get a copy of your precious data backed up as soon as possible. There’s a very real chance your hard drive could be compromised extensively so grabbing a copy and separating it from your computer is an important first step.
Run all the usual anti-malware software
While anti-malware is not going to detect and eradicate all rootkits, running a malware scan may reveal what is happening on your computer. This may be useful data for any expert tasked with dealing with a rootkit problem. Also, while no perfect solution exists, some anti-malware software packages are beginning to introduce scans designed specifically to combat rootkits. Malwarebytes, for example, has a beta (meaning it is a pre-release version for testing) anti-rootkit tool which shows promise.
Specialist rootkit removal software
Specialist rootkit detection and eradication software is also available. While we would love to give you a link to a package which will deal with all rootkits, unfortunately, it’s not that simple. The kind of software you’ll need depends on what kind of rootkit your system is infected by and identifying one rootkit from another is a difficult process in itself. If you’d like more information about rootkit removal software, your best bet is to call us on 1-800-919-6373.
When it comes to rootkits, the bottom line is that if you aren’t 100% sure of what you are doing, we recommend you get a professional to help. These things are not to be messed with. If you’d like our help, you can call us on 1-800-919-6373 or reach us through our quick and easy contact form. Knowledge is power! Looking for a general guide to malware and how to get rid of it? Then look no further. Our goal is to spread the nerd savvy far and wide.
Questions nerds often hear about Rootkit Removal
What does ‘rootkit’ mean?
Basically, it’s a set of malicious software (a kit) which operates at the most basic level of your computer (the root). It can do a lot of damage, is very hard to detect and very hard to remove.
Will my anti-malware software protect me from a rootkit?
Unfortunately, rootkits operate at a level that your anti-malware can’t typically see or affect. It’s quite possible for a rootkit to be infecting your computer without any kind of warning signs from your anti-malware software. Most of the time, specialist software and a lot of know-how are needed to deal with them.