This is the general process I currently follow to clean up a spyware/virus infested computer.
Obviously this can be changed to suit your preferences/situation.
I welcome any suggestions for other free programs to add to the toolkit.
Note that some of these have commercial versions and some that don't have a place to donate, so if you find yourself using these on your own machines regularly, you might want to consider supporting the developers.
I will typically run each program several times until it either doesn't find anything, or until I find that it is finding something that it can't remove.
I will usually skip to HijackThis and SystemRescueCD if this happens and try to remove the deep infection before moving to the next scanner in the list.
I. Download all programs I. Install all programs I. Run AVG Anti-Rootkit I. Run AVG Anti-Spyware I. Run AVG Anti-Virus I. Run Spybot S&D I. Run Ad-Aware I. Run HijackThis I. Run SystemRescueCD I. Wash, Rinse, Repeat as necessary
I figure this is the proper place to start, since rootkits are very dangerous and can be used to load other nasty things.
Next we scan for spyware, tracking cookies, etc. and delete/quarantine everything found.
Note that you need to check the default selected action in the list for things as some spyware programs default to Ignore Once instead of delete/quarantine.
Now we run a full system virus scan.
Make sure to change the Complete Scan settings to scan All Files to be safe.
At this point the victim patient should be mostly or completely clean.
However, we can never be too sure as often one scanner will catch things another doesn't.
When setting up Spybot S&D, make sure to *enable teatimer* (and teach the user to use it properly) and *immunize the system*.
You need to re-immunize after updating Spybot S&D to protect against new threats.
These will help immensely in keeping the system from being re-infected.
One more scanner to make sure we really do have everything found.
If you are at this point, the computer is/was probably in bad shape.
HijackThis is a deep scanner that lists programs running on startup, browser plugins, etc.
It is a valuable tool for removing some deeply hooked spyware.
This is not to be used carelessly!
There are several forums where you can post your logs if you are unsure what is safe to remove.
SystemRescueCD is a Linux LiveCD that has a multitude of useful programs and boot images.
This CD is a core part of my IT toolkit.
Typically I use this for virus scanning the host if a virus scanner won't run in windows, manually deleting files that the windows programs can't, and for backing up and restoring data or partitions when needed.
Note that it is fairly easy to build a customized version of this CD or to make a DVD (simply follow the procedure for a custom CD but burn to a DVD instead - this gives you space for extra stuff like windows utilities or disk images).
There are also instructions for setting up a USB device (flash drive/hard disk) to boot SystemRescueCD (I have done this with my flash drive).
Just remember that the computer needs to be able to boot the disc/USB device.