Wow, heaps of advice! Lots to get through too.
Obviously my intention is to get the machine clean, without having to reinstall the OS. My fear is busting the OS in the middle of trying one of the repairs.
I'm going to try the advised steps in the following sequence:
Essexboy's advice:
1. gmer's mbr.exe
2. avz, but I'll just create a report file first.
3. sophos rootkit tool - see what it detects first.
based on the outcome of 2 and 3, I'll choose which to use - and I'll do some research on them both first too.
4. Then I'll run avz or sophos in repair mode, depending on which looks most likely to work. If it doesn't work I'll try the other one
5. If neither of them work, I'll go to the rescue cd's.
Anything about that plan seem stupid to anyone?