Rootkit Removal, Why It’s Needed
Rootkits are a particularly nasty kind of malware that operates at the administrator level of a computer or network of computers. Owing to their privileged level of access to your computer’s software and hardware, they can cause some serious damage.
If your computer is completely frozen or if it experiences constant mysterious crashes you can’t fix, you may be dealing with a rootkit infection. Stick around and we’ll describe what rootkits are, how they differ from other malware and what to do if you’re worried your computer may be infected.
There’s also the nerdish shortcut! If you want a black belt in nerd-fu to check your system for rootkit infection, you can contact us on 1-800-919-6373 or reach us through our contact form.
Rootkit is a weird name. What does it mean?
Let’s start by breaking the words down. ‘Root’ is a term that hearkens back to the early days of computing. The computer user who had administrator-level access was the “root” user. The administrator has the greatest level of control over how a computer operates, including its hardware.
The term ‘kit’ simply refers to a toolkit of programs which can operate on your computer (in this case at that powerful administrator level).
So, a rootkit is a piece of software which has the same access and control over a computer as an administrator-level user.
How are they different from other malware?
The way a rootkit finds its way to your computer is similar to other kinds of malware. Rootkits are typically installed when the user accidentally clicks on a malicious link, either in an email or on a website. However, this is where the similarity ends.
They’re unusually sneaky
Rootkits are unusually sneaky. A normal piece of malware sits inside your operating system and can easily be detected using anti-malware software; a rootkit is not so easy to find. By hiding at the root/administrator level, rootkits operate outside the standard scope of anti-malware software. Some varieties can even hide inside the firmware of your computer’s hardware and can survive a complete reinstall of your computer’s operating system.
They’re therefore extremely difficult to detect and destroy. Think post-apocalyptic irradiated cockroaches and you’re getting close.
They’re extremely nasty
They’re also more powerful than other kinds of malware. Imagine the kind of damage a particularly malicious human could do if they sat down at your computer, logged in as the administrator and began to mess with its deepest settings. Nothing would be off-limits. Of course, this malicious person could delete files, alter software settings and generally disrupt your entire operating system.
But it gets worse. They’d also have administrator-level access to how your hardware works. Your computer’s RAM, its hard drive, its processor; all these essential physical components would be within this horrible person’s grasp. This, in a nutshell, is exactly what a rootkit is. It’s a software version of a malicious human sitting at your computer, making things not work.
If that sounds scary to you, you’re not alone! All but the most intrepid of nerds are likely to quake at the thought of a rootkit infection. Luckily, we at Nerds On Call aren’t just run-of-the-mill nerds. Contact us at 1-800-919-6373 or drop us a line using our contact form.
How do I know if I have one?
If the above description wasn’t unsettling enough, the short answer is you might not be able to know if you have a rootkit infection, at least in the early stages. Because rootkits exist outside your operating system, standard anti-malware software will not always be able to find them.
Unfortunately, signs of a rootkit’s presence on your computer are usually some kind of catastrophic failure. If your computer locks up completely and does not respond to any input, this may be caused by a rootkit. If your computer’s hardware and peripherals cease to function entirely, again this could be the result of rootkit activity on your computer.
However, there are a few early warning signs to look out for:
- Basic settings of your operating system are changing
- Your anti-malware software suddenly deactivates or becomes corrupted
- Your computer runs extremely slowly for no identifiable reason
Any of these red flags may indicate the presence of a rootkit on your computer.
What to do if you are worried your computer may have a rootkit infection (rootkit removal)
You wouldn’t get involved in a land war in Asia. You wouldn’t go in against a Sicilian when death is on the line. Don’t make the third classic blunder of not taking a rootkit very, very seriously. (Extra points for any true kindred nerds who got that reference!)
Make sure your data is safe
With a situation as serious as rootkit infection, step one has to be damage control. It’s important to get a copy of your precious data backed up as soon as possible. There’s a very real chance your hard drive could be compromised extensively, so grabbing a copy and separating it from your computer is an important first step.
Run all the usual anti-malware software
While anti-malware is not going to detect and eradicate all rootkits, running a malware scan may reveal what is happening on your computer. This may be useful data for any expert tasked with dealing with a rootkit problem.
Also, while no perfect solution exists, some anti-malware software packages are beginning to introduce scans designed specifically to combat rootkits. Malwarebytes, for example, has a beta (meaning it is a pre-release version for testing) anti-rootkit tool which shows promise.
Specialist rootkit removal software
Specialist rootkit detection and eradication software is also available. While we would love to give you a link to a package which will deal with all rootkits, unfortunately, it’s not that simple. The kind of software you’ll need depends on what kind of rootkit your system is infected with, and telling one rootkit from another is a difficult process in itself. If you’d like more information about rootkit removal software, your best bet is to call us on 1-800-919-6373.
When it comes to rootkits, the bottom line is that if you aren’t 100% sure of what you are doing, we recommend you get a professional to help. These things are not to be messed with. If you’d like our help, you can call us on 1-800-919-6373 or reach us through our quick and easy contact form.
Knowledge is power! Looking for a general guide to malware and how to get rid of it? Then look no further. Our goal is to spread the nerd savvy far and wide.