
Root kit removal from HDD/SSD

October 7, 2014 8:39:14 PM

I have a root kit on my desktop that redirects my browser to trovi.com. I've researched it extensively and tried every known solution to remove it, up to and including reformatting both my HDD and SSD. It persisted. I'm going to zero my HDD soon in hopes of eradicating it, but I'm afraid that it will remain because it's rooted into my OS which is only on my SSD. Does anyone have experience with this or any other persistent rootkits? Any suggestions or guidance at this point would be greatly appreciated.

October 7, 2014 9:14:17 PM

So you have completely reformatted the HDD and SSD and then reinstalled Windows and it is still there?

October 7, 2014 10:46:03 PM

Yes, I have completely reformatted both drives, then reinstalled Windows from a disk, and it's still there. I've used every free antivirus program I can find, and nothing has worked yet.
October 7, 2014 10:47:33 PM

And did you run TDSSKiller? It's for rootkits.
October 8, 2014 6:46:59 AM

Do you have any other computers on your network, wired or wireless? Even a phone/iPod/iPad, anything like that.
October 8, 2014 9:22:26 AM

Yes, I've run TDSSKiller, it didn't work. Yes, there are two phones and a laptop on my network.
October 8, 2014 10:28:42 AM

You need to remove ALL internet connections from the computer and try again with the reformat and reinstall. DO NOT connect ANY type of internet to the machine at all and see if the rootkit is still there. If it is NOT there this time, we have BIG problems on our hands.
October 8, 2014 11:50:19 AM

*
October 8, 2014 11:51:20 AM

Well, most places say it's a browser hijacker, which can act like a rootkit. It doesn't mean it is one.
October 8, 2014 12:13:54 PM

Try a new HDD. It might be time to smack the HDD/SSD with a hammer and start fresh.
October 8, 2014 2:42:26 PM

My biggest question is if the problem is in my SSD. If I zero my hard drive, it should be OK, but I'm not entirely sure how to fully wipe a solid state drive since it's digital. Even if I get a completely new hard drive, will I need a new SSD as well?
October 8, 2014 2:45:55 PM

If the OS was installed on the SSD, that MUST be replaced as well.

None of the other devices on the network have this issue?
October 8, 2014 3:01:23 PM

No, nothing else had been affected. I haven't turned my desktop on since the wipe/reload of Windows. Just got a bit of advice from a Micro Center chat about flashing the BIOS, which I'll explore tonight. Hopefully I won't have to replace the mobo, HDD and SSD, which is what it's looking like right now.
October 8, 2014 4:27:49 PM

Flashing the BIOS won't fix this prob.
October 8, 2014 4:31:16 PM

Why not?
October 8, 2014 4:32:29 PM

Agreed. Flashing the BIOS will do nothing. It does not reformat or change anything. The rootkit cannot be "stored" on the motherboard.
October 8, 2014 4:41:06 PM

You didn't get anything from CNET, did you??

Because this site will give you ad-infested downloads if you're not careful, inc. programs that install rubbish that redirect you to trovi.com.

And it looks like people using Chrome had the same prob. This thing is like a malware magnet!

If you're going to cnet.com, download.com or filehippo for files, AVOID all of them. They'll give you downloads with malware in the installers.

So if you installed Chrome after reformatting, I wouldn't be surprised if that's where it came from.

October 8, 2014 5:04:36 PM

I installed Chrome after reformatting, but I got it directly from the Google website. The root kit came from a family member stupidly downloading some movie player, I'm not sure where from. The point is that I'll try anything to fix it. So if flashing the BIOS, then reformatting again is worth a shot, I'll take it.
October 8, 2014 5:06:28 PM

It won't do anything. I would try to zero the HDD and then install Windows to the HDD and forget the SSD for now. If that works, throw the SSD away and LABEL IT AS VIRUS CONTAINING and buy a new SSD.
October 8, 2014 5:17:59 PM

I still doubt that it's a rootkit. It's probably some malware/adware you installed from somewhere. Or from some drive-by site.
October 8, 2014 6:25:41 PM

Paul, regardless of what it is, it's survived a full reformatting, plus every free antivirus tool available. I just want it gone.
October 8, 2014 6:27:22 PM

Like I said, I doubt it.
October 8, 2014 6:39:56 PM

.......you're not helping. The point isn't what it is, it's how to get rid of it. What can survive a zeroing out? If it does, that's our question. If not, it doesn't matter.
October 8, 2014 7:31:46 PM

If it survives zeroing out, then we need to look at your network, as another one of your devices could have a back door installed by this thing.