My recommendation is to avoid getting your box compromised in the first place. This necessitates, at the very least, not giving admin accounts or your accounts out to other people.
It is in general very difficult (at best) to be completely certain that a system that was once compromised fully has been cleaned completely.
Barring avoiding getting yourself into such a situation in the first place, I'd be inclined towards blowing away and rebuilding a system that had been compromised. I tend to take a dim view of most "personal security" type software, however (perhaps being jaded by the fact that they tend to introduce security holes, and the futility of signature-based detection schemes in general against anything that isn't just "mass-market" malware).