• SONAR
  • Windows hacked so no longer able to use sonar professional. Can i dowload to mac? (p.2)
2016/08/25 12:39:15
abacab
tlw
Some low-level root-kit malware takes over the boot drive's boot sector and sometimes can survive a simple disk format; it can also infect any writable media (disk, stick, etc.) that is connected to the PC and lurk there waiting for a chance to re-infect everything.
 
Good advice!
 
I ran into this once helping a friend fix his PC.  I struggled with a particular nasty that kept coming back, and I threw everything known to man up against it.
 
What finally stopped it was using a Windows recovery boot disk and re-writing the MBR (Master Boot Record).  After that I was able to clean the malware off the hard drive. 
 
Did not need to re-install Windows; however, that is always recommended.  Fix the problem, then back up your data and wipe the disk.  Re-install Windows fresh!
 
I think I finally used a combination of HitmanPro http://www.surfright.nl/en/hitmanpro and ComboFix to eliminate all of the malware fragments.  Disclaimer: ComboFix should only be used with the assistance of a malware removal expert, it can make changes to your system. 
 
FRST (Farbar Recovery Scan Tool) seems to be the most recommended current tool to gather logs for malware cleanup.
http://www.geekstogo.com/...ar-recovery-scan-tool/
2016/08/25 20:23:44
Unknowen
fireberd
A "clean" install will be required.  That means reformatting the hard drive and then installing Windows (and all other software).

 You need to zero out the hard drive; that removes everything. Formatting alone will not work if there is something hiding on the drive; the hidden file may be designed to hide from a format as well. You need to get the tools to zero the hard drive from the manufacturer of the drive... BUT it's been some time; maybe any hard drive tools will work. Zero out the hard drive, then do a full format.
2016/08/25 21:44:48
abacab
Dave000
fireberd
A "clean" install will be required.  That means reformatting the hard drive and then installing Windows (and all other software).
 
 


 You need to zero out the hard drive; that removes everything. Formatting alone will not work if there is something hiding on the drive; the hidden file may be designed to hide from a format as well. You need to get the tools to zero the hard drive from the manufacturer of the drive... BUT it's been some time; maybe any hard drive tools will work. Zero out the hard drive, then do a full format.

A couple of passes of Darik's Boot & Nuke should be sufficient :-)
http://www.dban.org/
 
Simple. Download, burn the .iso to a cd, and boot from it.  Just follow the prompts to zero the drive ...
2016/08/25 21:55:43
Cactus Music
For the work it is, and the price of hard drives, I just pull it and buy a new one. 
2016/08/26 05:50:28
Bajan Blue
For the work it is, and the price of hard drives, I just pull it and buy a new one. 
 
Excellent point and one I would definitely agree with!
 
A company I do some work with got hit by the ransomware scam. Their virus software did not update quickly enough and it missed the very latest version of the virus; needless to say, they have now changed virus software provider!! Luckily they were properly backed up, but it was still a major mission for them. It took their software guys quite a few goes to get rid of the virus once and for all. On reflection, whilst it may have been more expensive initially to have just gone and replaced the server hard drives, I bet it would have been cheaper in the long run when you consider the time they spent trying to stamp out the virus once and for all.
Nigel
2016/08/26 09:40:40
abacab
Bajan Blue
For the work it is, and the price of hard drives, I just pull it and buy a new one. 
 
Excellent point and one I would definitely agree with!
 
A company I do some work with got hit by the ransomware scam. Their virus software did not update quickly enough and it missed the very latest version of the virus; needless to say, they have now changed virus software provider!! Luckily they were properly backed up, but it was still a major mission for them. It took their software guys quite a few goes to get rid of the virus once and for all. On reflection, whilst it may have been more expensive initially to have just gone and replaced the server hard drives, I bet it would have been cheaper in the long run when you consider the time they spent trying to stamp out the virus once and for all.
Nigel

Throwing away your drives is unnecessary.  It is like burning down your house to kill a few spiders, LOL!!!
 
Even if you plan to replace, while it is your choice, you still need to zero them to wipe personal data.  Or else physically destroy them.
 
A wipe (not a format or re-partition) is all that is needed.  It writes zeros or random data over every sector of the drive including the boot sector, MBR, etc.  It's good enough for the DOD.  It clears EVERYTHING.
 
Most large corporate IT teams use the wipe and re-image method to clean viruses.  Saves them time & money.
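Added example (my own code, not from any poster in this thread) for the point made in abacab's DBAN post above and again in this one: a format rewrites the filesystem inside a partition but never touches sector 0 or the unpartitioned sectors behind it, while a zero wipe covers every sector, boot sector and MBR included. It runs on a constructed 2 MiB in-memory image; the "clean" boot code, the bootkit bytes and the payload are made up, and `quick_format` is a model of what a quick format writes, not a real formatter.

```python
"""Constructed disk-image demo: a quick format leaves sector 0 alone, a zero wipe does not.

Everything here runs on an in-memory bytearray standing in for a drive; no real
device is touched. Boot code bytes and the bootkit payload are made up.
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

SECTOR = 512
BOOT_CODE_LEN = 446                 # bytes 0..445 of the MBR hold the boot code
MBR_SIGNATURE = b"\x55\xaa"         # bytes 510..511


@dataclass
class Partition:
    bootable: bool
    type_id: int                    # 0x07 = NTFS/exFAT, 0x83 = Linux, etc.
    lba_start: int
    sector_count: int


def build_mbr(boot_code: bytes, partitions: List[Partition]) -> bytes:
    """Assemble one 512-byte MBR: boot code, four 16-byte entries, 0x55AA."""
    if len(boot_code) > BOOT_CODE_LEN or len(partitions) > 4:
        raise ValueError("boot code too long or more than four partitions")
    table = b"".join(
        struct.pack("<B3sB3sII", 0x80 if p.bootable else 0x00, b"\0\0\0",
                    p.type_id, b"\0\0\0", p.lba_start, p.sector_count)
        for p in partitions)                     # CHS fields left zero; LBA is what matters
    return boot_code.ljust(BOOT_CODE_LEN, b"\0") + table.ljust(64, b"\0") + MBR_SIGNATURE


def parse_mbr(sector0: bytes) -> Tuple[bytes, List[Partition], bool]:
    """Split sector 0 into (boot_code, partitions, signature_present)."""
    if len(sector0) != SECTOR:
        raise ValueError("an MBR is exactly one 512-byte sector")
    parts = []
    for i in range(4):
        entry = sector0[BOOT_CODE_LEN + 16 * i: BOOT_CODE_LEN + 16 * (i + 1)]
        status, _, type_id, _, lba, count = struct.unpack("<B3sB3sII", entry)
        if type_id != 0:
            parts.append(Partition(status == 0x80, type_id, lba, count))
    return sector0[:BOOT_CODE_LEN], parts, sector0[510:512] == MBR_SIGNATURE


def boot_code_fingerprint(disk: bytes) -> str:
    """SHA-256 of the boot code. Record it on a known-clean machine; re-check later."""
    return hashlib.sha256(bytes(disk[:BOOT_CODE_LEN])).hexdigest()


def quick_format(disk: bytearray, part: Partition, new_vbr: bytes) -> None:
    """Model of a quick format: a fresh volume boot record plus cleared filesystem
    metadata sectors inside the partition. Sector 0 and the gap before the
    partition are not written, which is why a boot-sector infection survives."""
    start = part.lba_start * SECTOR
    disk[start:start + SECTOR] = new_vbr.ljust(SECTOR, b"\0")
    disk[start + SECTOR:start + 8 * SECTOR] = bytes(7 * SECTOR)


def zero_wipe(disk: bytearray, chunk: int = 64 * 1024) -> None:
    """Overwrite every byte of the device with zeros, the way dd or DBAN does."""
    for off in range(0, len(disk), chunk):
        n = min(chunk, len(disk) - off)
        disk[off:off + n] = bytes(n)


def first_nonzero_offset(disk: bytes) -> Optional[int]:
    """Verification pass after a wipe: offset of the first non-zero byte, or None."""
    for off in range(0, len(disk), SECTOR):
        sector = disk[off:off + SECTOR]
        if any(sector):
            return off + next(i for i, b in enumerate(sector) if b)
    return None


def demo() -> Dict[str, bool]:
    """Infect a constructed image, quick-format it, then zero it, checking each step."""
    disk = bytearray(2 * 1024 * 1024)                       # constructed 2 MiB "drive"
    ntfs = Partition(bootable=True, type_id=0x07, lba_start=2048, sector_count=2048)
    disk[:SECTOR] = build_mbr(b"\xfa\x33\xc0clean-loader", [ntfs])   # made-up clean boot code
    baseline = boot_code_fingerprint(disk)

    # Bootkit: swap the boot code, keep the partition table so the PC still boots,
    # and stash the payload in the unpartitioned gap between sector 1 and the partition.
    _, table, _ = parse_mbr(bytes(disk[:SECTOR]))
    disk[:SECTOR] = build_mbr(b"\xeb\xfeEVIL-BOOTKIT", table)       # made-up evil boot code
    disk[SECTOR:SECTOR + 4096] = b"EVIL-PAYLOAD".ljust(4096, b"\0")

    quick_format(disk, ntfs, b"\xeb\x52\x90NTFS    ")
    _, table_after, sig_after = parse_mbr(bytes(disk[:SECTOR]))
    result = {
        "infected_after_format": boot_code_fingerprint(disk) != baseline,
        "payload_survives_format": bytes(disk[SECTOR:SECTOR + 12]) == b"EVIL-PAYLOAD",
        "mbr_still_bootable_after_format": sig_after and table_after == [ntfs],
    }
    zero_wipe(disk)
    result["all_zero_after_wipe"] = first_nonzero_offset(disk) is None
    result["signature_after_wipe"] = parse_mbr(bytes(disk[:SECTOR]))[2]
    return result


if __name__ == "__main__":
    print(demo())
```

On a real drive the verification step is the same idea as reading the device back after dd or DBAN and checking for any non-zero sector, and the fingerprint corresponds to hashing sector 0 of a known-clean install so a later change to the boot code can be spotted before you reach for an MBR rewrite. One caveat for SSDs: a host-side overwrite cannot reach remapped or spare blocks, so the drive's own ATA Secure Erase or NVMe Format is the equivalent there.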
2016/08/26 10:37:31
JonD
Some PCs come with a recovery partition that allows you to restore it to "factory default condition".  Many users don't even know they have it.
 
Go into Windows Explorer (Hit the Windows and "E" key simultaneously).  Do you see a drive with the word "Recovery" in it?
2016/08/26 11:09:04
abacab
JonD
Some PCs come with a recovery partition that allows you to restore it to "factory default condition".  Many users don't even know they have it.
 
Go into Windows Explorer (Hit the Windows and "E" key simultaneously).  Do you see a drive with the word "Recovery" in it?

If you don't already have a recovery partition or use a disk backup program such as Acronis or Macrium (free) to create image backups, you can always use the built in tools in Windows 7/8.1/10 to take a drive image to a 2nd hard drive or an external USB drive.  http://www.howtogeek.com/...em-image-in-windows-7/
 
The cool thing about the Windows system image backup file is that it can also be mounted in Windows as a Virtual Hard Drive (VHD) with a drive letter, then browsed and copied from just like any other mounted drive, without any 3rd party software needed.  Disk Management > Action > Attach VHD and browse to the backup image file.
 
That VHD comes in handy if you decide to "clean install" Windows and you forgot to copy some files before doing so, or due to corruption, were unable to.  It is also a great archive for your old build.  For example, when you replaced your mobo (and are not running Windows 10) and want to look at some old config file buried in there somewhere :-)
2016/08/26 11:11:10
robert_e_bone
It is my fervent hope to someday run into someone who is an author of one of these ransom viruses, so that I can later explain to the judge WHY I did so many things to the body.....
 
There used to be a fairly sizable PC component store in the Chicago area, and they manufactured and sold their own 3.5" pre-formatted floppy discs, until one day, when thousands of people suddenly got infected PCs, and it was traced back to the fact that someone that worked there had deliberately infected the process so that every disc they sold was infected.  THAT was quite the nightmare.  That company is no longer in business, by the way.
 
I agree on the wipe and reload approach.
2016/08/26 11:31:30
abacab
An ounce of prevention ... this stops the stuff designed to get past your primary antivirus/anti-malware protection.
 
Stop those nasty drive-by ransomware attacks!!!
 
https://www.malwarebytes.com/antiexploit/
The premium trial reverts to the "Free" version after 14 days, and still protects your browsers from web based exploits!!!  I have seen zero performance impact while running this on my PC.  Very light footprint.

Malwarebytes Anti-Exploit (Free)

Benefits

Instant exploit protection - Provides four layers of protection that work together to block exploits instantly. This happens both in the first stage of the attack, preventing shell code execution, and in the second stage: memory calls, sandbox escapes, and memory mitigation bypasses.

Doesn't slow computer - Doesn't require frequent updates because it doesn't use a signature database like traditional antivirus solutions. And it only takes up 3 MBs on your hard drive—the size of one high-resolution photo.

Protects vulnerable programs - Secures programs associated with older operating systems like Microsoft Windows XP that are no longer patched and protected by their makers. So you can keep the operating system you like without being exposed.

Works with other security solutions - Operates at a different level from and independently of anti-malware and antivirus programs, so you can install it without worrying about conflicting with other security solutions.