[jr2]

Just in case it helps anyone (copied from my previous post):

A good few programs to use:

First, if you can't load anything (all programs besides IE being blocked as "infected"):
-boot to safe mode (tap F8 as soon as the computer powers on until you get a menu)

Use SAS Portable (it will be named .com or you can try .scr so it's not an "executable")

SUPERAnti-Spyware portable

Then, use these:

MalwareByte's Anti-Malware
Spybot Search & Destroy

These programs below you have to be careful with as they can detect stuff that isn't viruses, (they detect rootkits that the others can't see while the rootkit is still active in the system, like a rootkit I found infecting the atapi.sys file that was re-directing search results) you have to use your head if it's a virus or not:

GMER
IceSword
DarkSpy
 -- (mirror as v1.0.5 link is broken)

After it's cleaned up, I use AVG Free Edition as my active protection, with periodic scans from MBAM & Spybot S&D

[Nuke]

i normally just format if i get a virus that does anything majorly inconvenient. finding a virus in files usually means it hasn't been activated yet and is fairly easy to remove. but if one takes hold, i just reinstall everything. there are very few real viruses anyway.

[jr2]

Yeah.. that can however be a pain if you've customized your settings and installed quite a few apps you use all the time after install and haven't imaged it. 

Nuke & pave (no pun intended, Nuke) is the easiest and most sure malware removal route, true.

[Nuke]

im a minimalist, so i tend to use as little software as possible.

[JGZinv]

Eset's online scanner I've found to find quite a bit more than installed scanners
due to the nature of bugs to hide during searches lately.

[jr2]

Yeah they do that... somehow they set up a filter where the virus scanner requests the file for scanning and the virus gives it a clean version that passes detection.  That atapi.sys passed quite a few online scans + MBAM & SpybotSD, but GMER noted a "suspicious modification of atapi.sys" somehow (I guess it bypasses normal means of scanning the file.)  I renamed atapi.sys to atapi.bak in the recovery console, replaced with clean versions (one for system32\drivers\ and one for \system32\dllcache) and when re-booted, the virus scanners and anti-malware pretty much all picked up the atapi.bak as an infected file.