I had no help from anyone ... I consider my self "middling" as far as tech expertise is concerned ... not a pro by any stretch of the imagination, but far more savvy than "the average" user.
Based on symptoms from Dad's machine I was convinced he had some sort of virus. I ran MS Security Essentials, Malwarebytes Anti-Malware, and Super AntiSpyware -- all were run in Safe Mode on the Windows 7 machine.
All three products mentioned above FOUND NOTHING. That's when I decided to use a "rescue disc" -- weapon of choice was a free (downloaded from Internet) Avira Bootable rescue CD. This process found, and removed SOME portions of a trojan it called FakeSysdef.jh.2. When scan completed, I was informed it was unable to completely remove the trojan (four individual files were found, and while it renamed two of the files successfully the other two remained intact).
I Googled the name of the trojan and that is when I discovered Microsoft Saftey Scanner. That product was able to completely remove the files associated with the trojan.
I then rescanned with the original 3 pieces of software, MS Security Essentials, Malwarebytes, and Super AntiSpyware. Again they detected nothing.
After this there was some cleanup to do, it looks like the Trojan hijacked dad's browser so all his favorites had to be recovered. Also a few other miscellaneous odds and sods.
MS Security Essentials was still acting a "little hinky" -- nothing specific I could put my finger on but things just still seemed "odd". Because one of the four files discovered and removed was actually resident in a MS Security Essentials directory ( C:/Program Data/Microsoft/Microsoft Security Essentials ) I decided to be on the safe side and completely un-install and then re-install MS Security Essentials.
As soon as this was done Security Essentials identified a new threat - Alurea.E (not sure of correcvt spelling here) RootKit.
Again, Googling the rootkit name came to my rescue and led me to the "aswMBR" tool. This tool identified and confirmed (albeit a different version) of the Alurea rootkit. The software tried to fix the problem with an in-built Fix MBR component but re-running the scan showed the rootkit to still be present - although now inactivated. Reading at the aswMBR (actually Avast - provider of the tool) website explained how the rootkit worked, how to find and identify it with partitioning software and how to remove it.
Simply, rootkit creates a new HIDDEN partition (very small - about 1-3 MB) at the very end of the existing Windows partition. I simply used Partition Wizard to find and delete the hidden partition and everything thereafter was fine.
When I read my words above, it all sounds so simple, but in actuality it took me about 20 hours over 2 days to do this all.
Bottom line, for me anyways (with my existing skill level), it all turned out to be the oft repeated lesson - Google Is Your Friend