• Coffee House
  • My buddy's DAW caught a case of RANSOMWARE... (p.2)
2015/04/10 06:05:18
robert_e_bone
I remove viruses and malware from between 20-50 computers a year, on average.
 
What I find to be the quickest method is to physically remove the hard drive(s) from the infected machine, then load each drive, one at a time, to another computer that is clean and running good antivirus software.  Boot up that computer, and it will see the 'boot drive' from the other computer only as a data drive on this computer, which makes it MUCH faster and MUCH easier to scrub, since nothing from that drive boots up into memory and all that.
 
If a 2nd clean computer is available, I suggest the above approach to scrubbing an infected drive from a different computer.  I do this technique all the time.
 
You will also want to run something like Malwarebytes too.  And, my antivirus software of choice is Avast.
 
Bob Bone
 
2015/04/10 10:38:31
ston
robert_e_bone
What I find to be the quickest method is to physically remove the hard drive(s) from the infected machine, then load each drive, one at a time, to another computer that is clean and running good antivirus software.



+1 that's usually what I do too.  There are a number of very good Unix low-level disk drive tools which can help clean up (or rebuild) the boot sector (MBR, volume boot record etc.)  If you really want a 'start over' solution, then DBAN is probably the way to go.
2015/04/10 10:53:27
bitflipper
This bit one of my customers a couple years ago. They sent me what they thought was a corrupted MS Access database. Restoring corrupt Access databases is one of my specialties, and I've had a 99.9% success rate, so I assured them I could fix it and recover the data. That turned out not to be the case, as the malware (CryptoLocker) had encrypted the file and was demanding $500 for the decryption key. 
 
Fortunately, they had a fairly recent backup, but it took a couple of weeks of data entry to bring it up to date. Needless to say, they do backups more frequently now!
 
Backups are the best insurance against this sort of thing. Even if your computer isn't on the internet, even if it's only connected to an internal LAN, this kind of malware can still get you if ANY workstation on your local network has internet access. After doing its thing on the infected computer, the virus then searches out additional files on the LAN.
 
Taking a DAW completely off all networks isn't practical, as it makes backups and software authorization difficult. You can, however, reduce your vulnerability by disabling the network most of the time and turning it on only when you need it.  This has the added benefit of reducing overhead and making more CPU cycles available to the DAW.
2015/04/10 11:03:41
yorolpal
How would just physically removing his hard drives and tossing them, then putting new drives in, formatting and re-installing software be?  Would that work?  That would seem to be his cheapest option now.
 
2015/04/10 11:29:38
Leadfoot
Jeff Evans
Keep your DAW computer off the net

+1
For me, it's worth the extra hassle to keep my DAW computer free of all that garbage.
2015/04/10 12:11:56
jamesg1213
My DAW has been on the 'net for 7 years. I must be either lucky, or very careful.
2015/04/10 14:02:14
Rain
Now that I can afford to, I keep my DAW offline 99% of the time - unless I want to transfer a mixdown to my laptop via AirDrop or need to download/authorize something. 
 
But no e-mail, no browsing internet, no FB. 
 
I've been lucky in the past but I'd rather not push my luck if I don't have to.
2015/04/10 14:24:32
dubdisciple
It's getting harder and harder to keep DAWs off the net completely.  The compromise I have taken is to connect but only go to sites that are 100% relevant like software support and such. It's highly unlikely updating my VSTs will give me a virus. When I want to surf the net, I use my tablet or Linux box. Even when on DAW computers, I use products like NoScript to account for the occasional typo that ends up going to the wrong site.
2015/04/10 16:14:19
ampfixer
Why isn't an act like you described not considered theft over $1,000? It should be a felony IMHO. 
2015/04/10 16:46:08
dubdisciple
I'm sure it is a felony, but good luck finding the guys doing this.  Odds are good they are in a country where catching these guys is not a priority.