Part of my duties at work is overseeing infected systems coming into the retail side of our business.
Keep in mind I am giving you a perspective on what's going on in U.S. infected systems. Exploits vary my country these days.
99% what I am seeing lately is exploit/repair ware. You know the screen that pops up and warns the user your machine is infected with blah-blah and to call a toll-free number for help.
As long as the user hasn't relinquished control of their system a couple of scans with adwcleaner and any other anti malware program usually does the trick. Check out Bleeping Computer for current reviews of anti-malware programs, things change and programs don't always keep up.
Malwarebytes is my old stand-by but whatever works for you, so be it.
If the user has allowed access remotely to their system, it's either Win 10 system reset, save files but scan them afterwards or reload Win 7. System restore has either been disabled or can't be trusted in all cases I have encountered.
I haven't seen a need for anti-rootkit programs since the Russians went crazy and were utilizing rootkit variations of code they purchased on IRC. Ironically that stopped in the U.S. after the 2016 elections, you draw your own conclusions but it's a fact.
I will try to check in if I encounter anything new worth mentioning.
Keep in mind, YMMV.