step 2. everything in the log contained either desktop.ini, Desktop.ini, or DESKTOP.INI.
Yes, that's a given, since we were looking for those. But are they in folders that also have these unwanted hidden files? A long shot, I admit.
Let me go back and take another look at the OT log. Some malware settings just getting overlooked here.
Check this in the meantime please.
Go to Start Search, type regedit, and when that shows at the top of the menu right click it, and select "Run as administrator".
In the Registry Editor display, navigate to the following Registry key:
HKEY_USERS\S-1-5-21-1343024091-484061587-1801674531-1004
Most of the numbers in your Registry Editor will be different, except for the parts I hilighted.
Under that, see if something like this is there:
HKEY_USERS\S-1-5-21-1343024091-484061587-1801674531-1004\Software\Classes\.exe
For now just let me know.