Dennis Foote - Systems Engineer
A client this week had a virus that kept rebuilding itself. I found through trial and error in my past that the bad ones should be dealt with by removing the hard drive from the notebook. I removed the drive and then proceeded to hook it up to my IDE/SATA reader to run a scan with Symantec Antivirus and Malwarebytes. Once the drive was fully scanned, I placed the hard drive back into the notebook where it came from and then started it back up without giving it a chance to boot normally.
I still wanted to make sure all was okay with the drive and the virus would not rebuild itself. So when starting the notebook, I made sure to get it into safe mode right away so I could run Combo fix to see if the notebook was in fact cleaned of any and all malicious software. I suggest you run Combo fix more than once. It may tell you it deleted something but once the notebook is back up and running, the root kill that was thought to be deleted can reinsert itself back into your windows and cause you to end up back in the same place.
I suggest that you run all your malware and antivirus software multiple times before calling your hard drive clean of all and every virus and malware.