I disagree with all of the above.
Download and run THIS
Looks like it's gone now. Scans from MS, Malwarebytes, and TDSSKiller have come up clean. Antivirus updates are now unimpeded.
The TDSSKiller and ComboFix scans actually found the rootkit.
My concern is the user recontacting something... I've gone with the massive hosts blacklist file provided by MS to keep the machine a little safer.
And yes, it would have been easier to reload XP, but I've learned some new tricks along the way. Thanks to all the commenters for your help.