I did a friend a favour the other day and helped him install some software on a phone using an SD card. Unfortunately his SD card had a virus on it (my first since, ooh, about 1993 I think) that my AV software didn't know about.
I first started noticing that things were a bit sluggish although this was Windows so ... then I did what actually turned out to be the dumb thing and rebooted.
At this point I started noticing that I was getting pop-ups for WinSysProtect or similar. "Hmm," I thought. Then I started getting Error 216 dialogs everywhere. I disconnected the machine from the network immediately and went searching for answers using a handy Mac.
It appeared I had picked up a trojan called Vundo which seemed to be fairly well known. Most sites on the matter recommended a piece of software called VundoFix which I transferred using a USB key (which I promptly burnt, encased in molten glass and then dumped in a cave somewhere at sea) and sure enough it found the infected files.
The only problem was that this variant of Vundo had attached itself to the winlogon process, which meant I couldn't delete it since it was "In Use". Unfortunately winlogon is practically the first thing to start up and therefore booting into Safe Mode or similar doesn't help.
At this point I was facing either reformatting or risking using a Knoppix Live CD with Captive NTFS or NTFS-3G, both of which made me nervous.
However I found a bit of software called Avenger which allows you to write a small script and then reboot. The script is then executed before winlogon.
This worked a treat and a subsequent thorough scan with every bit of AV and Anti-Malware software I could lay my hands on indicated I was now squeaky clean.
So, if you end up in the same situation then I can recommend the above.