Everyone who uses computers has heard of and understands the word VIRUS, and a growing number now know the term MALWARE… But what about ROOTKITS?
We first started to see these in Windows computers almost a decade ago, but when we say the term to our customers we quite often get a blank look, or a look that might say “yeah, you’re making that up”.
What is a Rootkit?
The term comes from legacy access to UNIX computer systems, where the absolute top level of system security was called the “root”. Once you had access to the root, you had 100% full control of everything on that computer system.
The “kit” is just that: these Rootkits are bundled into “kits” with other pieces of software (in this case Virus, Malware, Ransomware etc).
What does a Rootkit do?
They allow infections on your system to hide in plain sight, making it very hard and sometimes impossible for your security software to identify them. Even though you can see the warnings, the pop-ups, the fake web pages and strange behaviour, every scan you do says everything is fine!
Even if your computer finds the virus and reports it as cleaned, it doesn’t mean a thing. In a few minutes, hours or days, it will return. This is because the ROOTKIT is still running and reinstalling the virus after reboot or after a certain amount of time.
What can I do about it?
All is not lost: there are techniques to remove a majority of them. The hard part is identifying which one you have! Because they hide by definition, it can be hard to pinpoint the type of Rootkit infection.
The safest way to remove them will always be a complete re-install of your operating system, taking everything back to factory defaults. This is the fastest way too, only taking a few hours if no data backup and restore is needed: