So good news, I think. I started to follow your latest instructions and found that the “Microsoft Securities Essentials” screen was gone. It looks like one of the earlier steps must have worked – just took some time to take effect. The last thing I ran was Combofix. It did not seem to do much and no log was created. I don’t remember if I rebooted just after this. I did reboot before starting the last steps and found the Malware window gone. I ran through the 3 steps anyway and have attached the logs. I hope this means the Malware is gone and not laying dormant. Please let me know if this make sense to you.
Thanks
exeHelper by Raktor
Build 20100414
Run at 14:46:58 on 09/28/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4717
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
9/28/2010 2:51:12 PM
mbam-log-2010-09-28 (14-51-12).txt
Scan type: Full scan (C:\|)
Objects scanned: 251814
Time elapsed: 1 hour(s), 0 minute(s), 7 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Margaret\Application Data\hotfix.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.