December 29, 2015

Rootkit Infections


Everyone who uses computers has heard of and understands the word VIRUS, and a growing number now know the term MALWARE… But what about ROOTKITS?

We first started to see these on Windows computers almost a decade ago, but when we say the term to our customers we quite often get a blank look, or a look that might say “yeah, you’re making that up”.

What is a Rootkit?

The term comes from legacy UNIX computer systems, where the absolute top level of system access was called “root”. Once you had access to root, you had 100% full control of everything on that computer system.

The “kit” is just that: these Rootkits are bundled into “kits” with other pieces of software (in this case viruses, malware, ransomware etc.).

What does a Rootkit do?

They allow infections on your system to hide in plain sight, making it very hard and sometimes impossible for your security software to identify them. Even though you can see the warnings, the pop-ups, the fake web pages and the strange behaviour, every scan you do says everything is fine!

Even if your computer finds the virus and reports it as cleaned, it doesn’t mean a thing. In a few minutes, hours or days, it will return. This is because the ROOTKIT is still running and reinstalls the virus after a reboot or after a certain amount of time.

What can I do about it?

All is not lost: there are techniques to remove a majority of them. The hard part is identifying which one you have! Because they, by definition, hide, it can be hard to pinpoint the type of Rootkit infection.

The safest way to remove them will always be a complete re-install of your operating system, taking everything back to factory defaults. This is the fastest way too, only taking a few hours if no data backup and restore is needed:

For a factory reset we charge £30. This includes everything re-installed to its factory condition, all current Windows updates installed, any supplied software installed and, on top of this, full security and office software installed. This process will normally take only 24 hours.

Should a data backup be required, we charge an extra £10 to back up your data, scan it for any infections and then copy your data back across.

If you can’t have a reinstall due to irreplaceable software on your systems, we can remove your Rootkit. This can be quite a time-consuming process (sometimes as long as 3-5 days), but it can be done.