Hey there jpmartin.
I spent a lot of time last winter detecting and removing viruses from computers. These viruses I came to learn later on were mostly variants of the malware that came to be accorded the conficker tag(s), and not really rightly so, but mainly through Microsoft desperately needing to operationalise a defence plan for its software range, particularly for Internet Explorer. Microsoft needed an all-encompassing criterion for malware in general, and over time conficker type effects of various sorts provided as useful sounding board for the many viral like infections that have customarily been identified as malware. This included categories identified as not conficker (example Gumblar can be categorised by what it is not, Conficker). Microsoft was not alone in setting a criterion against which type effects could be measured, and must bear in mind that they were mostly applauded for their effort. We are now in a position where we are far more knowing and practiced about malware, but the situations that we face with viral type infections are still difficult to deal with. And they are even more difficult to put into writing (as opposed to being there with all sensory abilities at work). There are no sure-fire situations, and no sure-fire solutions, until after a job has been satisfactorily completed, when it becomes easy to say that it was this, that, or the other, or whatever.
What I have generally settled on, and mostly as a result of work last winter, is to make sure things are always as much as possible in my favor and against the virus. I don't mess with my system and that includes Window Registry, which I regard as being balanced in my favor (despite whatever shortcomings it may have - let's say, for example, its reliance on .dll dependencies). I try as much as possible not to have programs running, because viral infections(=malicious code) feed off programs running. You may notice if you let a computer sit for a while (say, a few days), then return and switch on, the system runs okay, then progressively gets worse, until locks up. I try to set up for good runs at the malware - prepare in Safe Mode, load up my attack, then try to hit hard and fast, try to catch malware unawares with clean sweep. Much can be achieved this way, even by 'accidental' catches, luck on your side. So take the ground when you gain it, and always keep virus on back foot, securing your achievements, don't wilfully run programs that aren't anti-malware tools, keep at the job. Let computer sit again, then back with whammy hard and fast, gain more ground. I know this all sounds a bit dramatic, but because I have to put it in writing, I make it more like a battleground (and really, as far as I'm concerned, there is no computer game as exciting as fighting it out tooth and nail with a virus, and winning).
I have to put it in writing, unfortunatly, so it cannot be perfect as being there doing it, so I can make errors also how I might put it. Can't be helped. What you will find, however, is that you will pick up yourself what to do, through your own good sense. And that also can't be helped. You will start to pick up a good practice, that no matter all the words I use, I cannot do for you. That is why I always come back to the clean the slate again (uninstall / re-install in Safe Mode - secure ground gained), prepare next step (set up the next whammy - again in Safe Mode if need be), hit hard and fast with boot-time scan (before programs start running), and then secure ground gained once again (don't wilfully run programs). But should most of the time gain real good ground with first good run at the malware.
I also think that a first run with MBAM (in Safe Mode if want), then remove any infections found, can be a good start point before bringing in your avast AV, which really should always be relied upon to do the heavy work. Last winter, before November reworking by Microsoft, I was doing all my detection and removal using only avast AV - granted that by November difficulties were probably rising (with USBs anyway - reformat was no longer adequate defence). But now it is necessary to have a layered, more arrayed, defence plan.
Also. I go to Registry to remove all leftover remnants of programs that I have uninstalled. I have a routine that I use, which people who know the Registry will also know. But I say this with some reserve, I have not said it in the forum before, and I would not recommend to anyone at all, and then if only necessary. The Registry is a no-go zone. I have time in years under my belt with Registry allows me to go there.
And finally. When you get the better of your infection and clean up your system to your satisfaction, then set up your layered defence plan for reason that one ounce of prevention is worth a pound of cure.
Regards, and sorry for being so long winded, but I would really like to see people get the better of the infections that can plague their computers.