Sunday, April 3, 2011

Removing a Fake-antivirus / Spyware

So this Saturday I noticed that my Eee PC Acer Netbook-laptop (running Windows XP) got infected by one of those nasty fake antiviruses. Having worked for over a year at the Loughborough UNI PC-Clinic, I knew straight away what to do, but this one was a nasty one and it did take me over 6 hours to clean and repair my system. Having a complicated programming environment set up on my laptop I really didn't feel like re-installing everything, so I decided to identify and eliminate the virus carefully. I briefly share my experience here since it could help some other poor soul with the same problem.
  1. ...as soon as you notice the annoying pop-ups and the fake, suspicious-looking "security centre" warnings, restart your system and boot it into "Safe Mode with Networking". On most laptops you need to press/hold F8 during boot to get the screen from which to choose Safe Mode...
  2. ...the problem usually is that the spyware de-associates .exe files, so you won't be able to start any programs, such as the command line, regedit or even a browser (the browser's start page and proxy settings are also changed, so be careful to fix your browser settings afterwards). If you are lucky, safe mode will prevent the spyware from running, but in my case safe mode didn't help. But there's a surprisingly simple trick: if you have several accounts on your XP system and you usually use only one of them, log in to the one you use rarely or never (quite often this is the Administrator account). If you are lucky, it turns out that the fake antivirus has not infected that user account!
  3. ...I was lucky that my Admin user account wasn't infected, and from there I was able to manually look for the malicious process in Windows Task Manager, search my system for the files belonging to it and delete them manually [be careful not to delete system files - also, most likely you will have to enable viewing of hidden and system files under Windows XP].
  4. ...in safe mode I was also able to run the following tools: Malwarebytes, Spybot Search & Destroy and SUPERAntiSpyware. The reason for choosing "Safe Mode with Networking" is that you can connect to the internet to update to the latest anti-spyware/antivirus definition files. If a connection to the internet cannot be established, make sure you install the latest versions of the tools; for Spybot Search & Destroy you can download and install the latest definition files separately, which is very handy. Run all the tools in sequence, rebooting back into safe mode between runs [this is important!!]. Each tool found different elements of the spyware and together they were able to remove most of it. This will take a lot of time, as each scan can take well over an hour (I tend to set the process priority of the scan to "Real Time", as the OS scheduler then allocates more CPU time to the process and the scan runs quicker).
  5. ...once I was relatively sure the system was clean, I ran the fullest possible scan with SUPERAntiSpyware again, which detected a few more issues, and only when I was pretty sure the system was clean did I boot into normal Windows XP.
You might be done now! - but in my case my .exe file associations were still broken (the devastation the fake antivirus left behind). To fix this you can manually edit the registry, download registry entries to merge into your registry, or simply run a tool for XP, which is what I did this time, and it worked a treat.
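As an added illustration of the "registry entries to merge" option (this is not the tool or the file the post used), the following .reg file restores the stock Windows XP association for .exe files. It assumes the fake antivirus did what most of these families do: overwrote exefile\shell\open\command with its own path, and possibly created a per-user override under HKEY_CURRENT_USER\Software\Classes; check the current value before merging, because the path you find there usually points at the malware's own file.

```reg
Windows Registry Editor Version 5.00

; Added example, not part of the original post. Values below are the
; Windows XP defaults for the .exe file association.
; Before merging, inspect what the hijack currently points at:
;   reg query HKCR\exefile\shell\open\command /ve
;   reg query HKCU\Software\Classes\.exe /ve
; Note any unfamiliar path you see there for the manual clean-up step.

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00

[HKEY_CLASSES_ROOT\exefile\shell]
@=""

[HKEY_CLASSES_ROOT\exefile\shell\open]
@=""

; "%1" is the program being launched, %* passes its arguments through.
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"

; Assumed per-user override (a common hijack location that shadows the
; machine-wide key for the logged-in user); the leading "-" deletes the
; key if it exists and is harmless if it does not.
[-HKEY_CURRENT_USER\Software\Classes\.exe]
[-HKEY_CURRENT_USER\Software\Classes\exefile]
```

Merge it from the uninfected account by double-clicking the file (regedit is launched through the .reg association, so it still opens even while .exe launching is broken), then re-check the two keys with the same reg query commands.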

I recommend you also do your own research. I found many useful articles online, such as this one, and depending on the version of the spyware/fake antivirus you might need to take a slightly different approach. Good luck!