fixing files modified by malware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Bauhaus, Nov 18, 2008.

  1. Bauhaus

    Bauhaus Private E-2

    Two days ago my computer suffered a malware attack, but it seems to be working again. Yet there are unresolved issues, perhaps critical ones, and I really need some expertise now. This is what happened:

    While reading a blog two days ago, I got sudden and repeated screen messages about saving changes to files that were closing down. This all happened rather quickly, but I did briefly see a message that something was trying to install some software.

    The system rebooted on its own, then showing a bogus, misspelled message -- "Your computer is infected..." -- coming from a red tray icon with a white X. Over the course of the evening I lost control of both of my browsers (IE and FireFox) - either I would get redirected to an arbitrary website or, when trying to get anti-virus software updates, the browser could not locate the requested page.

    Yesterday I looked at the files that had been modified during and after the attack, and did some research on my husband's uninfected computer. Below is an overview of modified files: I have inserted questions about some files and would appreciate advice about what to do next. It looks like the malware attack started on 11/16/2008 at 9:05 PM.

    9:05 PM - - something generated C:\WINDOWS\system32\drivers\svchost.exe (34KB) -- I later renamed this file
    >>>QUESTION - MBAM ignores this renamed file - should I manually delete it?
    9:06 PM - - something modified C:\WINDOWS\system32\termsrv.dll (289KB) -- and saved the original as C:\WINDOWS\system32\termsrv.old
    >>>QUESTION - how do I return to the original termsrv.dll file?
    9:06 PM - - something modified C:\WINDOWS\system32\winlogon.exe (496KB) -- and saved the original as C:\WINDOWS\system32\winlogon.old
    >>>QUESTION - how do I return to the original winlogon.exe file?
    9:06 PM - - something modified C:\WINDOWS\system32\drivers\beep.sys (28KB) -- somehow I was able to restore the original file with the XP install disk
    9:08 PM - - something modified C:\WINDOWS\wiadebug.log (1KB) -- this file was removed when I ran CCleaner
    9:08 PM - - something modified C:\WINDOWS\system32\wpa.dbl (14KB) - I suppose this is not a problem
    9:09 PM -- something generated C:\WINDOWS\system32\TDSSblat.dat - there was a series of TDSS files that I overlooked at the time - Ad-Aware and MBAM removed all but this one, which I renamed
    >>>QUESTION - MBAM ignores this renamed file - should I manually delete it?
    9:10 PM - - something modified C:\WINDOWS\system32\perfc009.dat (62KB) - this file appears to be explanatory text
    9:10 PM - - something modified C:\WINDOWS\system32\perfh009.dat (62KB) - this file appears to be explanatory text
    9:10 PM - - something modified C:\WINDOWS\system32\PerfStringBackup.INI - I suppose this could be a problem, since it contains so many settings
    >>>QUESTION - should I be concerned about changes to this INI file?
    12:25 AM - - something modified C:\install.dat (1KB) when I installed SpySweeper - I don't know why this 10-line text file is just hanging out by itself in C:\ directory
    12:32 AM - - something modified C:\WINDOWS\setupapi.log (553 KB) when I installed SpySweeper -- this file was removed when I ran CCleaner

    In the morning I scanned with ewido_micro.exe, which identified C:\WINDOWS\system32\drivers\svchost.exe as a problem. However, when I tried to remove it with ewido_micro.exe, I got a blue screen and the computer rebooted. This perhaps generated the next set of file changes:

    9:33 AM - - something modified C:\pagefile.sys (2,095,104KB) -- I set the system so that no paging file is used
    >>>QUESTION - should I reset my system to use a paging file? How do I know that this file is okay?
    9:33 AM - - something modified C:\WINDOWS\bootstat.dat (2KB) - I suppose this is okay
    9:33 AM - - something modified C:\WINDOWS\0.log (0KB) -- this file was removed when I ran CCleaner
    9:33 AM - - something generated C:\WINDOWS\brastk.exe (10KB) - - I later renamed this _brastk.exe
    >>>QUESTION - MBAM ignores this renamed file - should I manually delete it?
    9:33 AM - - something generated C:\WINDOWS\karna.dat (6KB) - I later renamed this _karna.dat and later MBAM removed it
    9:33 AM - - something generated C:\WINDOWS\system32\brastk.exe (10KB) - - I renamed this _brastk.exe
    >>>QUESTION - MBAM ignores this renamed file - should I manually delete it?
    9:33 AM - - something generated C:\WINDOWS\system32\karna.dat (6KB) - I renamed this _karna.dat and later MBAM removed it
    9:33 AM - - something generated or modified C:\WINDOWS\system32\nvapps.xml (178KB) -- I renamed this _nvapps.xml - later something generated a NvApps.xml file, perhaps when I rebooted the computer
    9:33 AM - - something modified C:\WINDOWS\WindowsUpdate.log (1,632KB) - I suppose this is okay
    9:44 AM - - something generated C:\WINDOWS\system32\KGyGaAvL.sys (2KB) -- I later renamed this
    >>>QUESTION - MBAM ignores this renamed file - should I manually delete it?

    In the afternoon I discovered that I could use a scheduled recovery point from a program called Fix-It 7. I selected a recovery point from last week and rebooted. This got rid of the irritating red icon and I was able to use my browsers. Nonetheless, this step did NOT fix everything. I ran Ad-Aware, which had previously found squat, and it identified and deleted two big, fat malware dlls:
    WINDOWS\system32\TDSSkfkl.dll
    WINDOWS\system32\TDSSurkv.dll

    I was surprised that I had missed these files when I had looked earlier for changed files. I also noticed other files in this folder with TDSS in their names. I later downloaded and ran MBAM, which found a slew of problems, including the TDSS files. I have run MBAM twice since then and got clean reports. I also ran CCleaner, which eliminated three of the log files described above.

    HOWEVER, I am still concerned about some of the files that got modified, especially winlogon.exe and termsrv.dll. What should I do about the modified files?

    I appreciate all feedback and advice! Please let me know if you need more information. (Also, does anyone know how reliable the tasklist.org website is?)

    Thanks!
     
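The post above does the triage by hand: listing files whose timestamps fall inside the attack window and asking whether a renamed copy of winlogon.exe or termsrv.dll is the original. The following script is an added example (not from the poster or the forum's guide) that automates those two checks: it builds a last-write timeline over the folders named in the post, checks the Authenticode signature and hash of every changed executable, and pairs each `.old` backup with the file that replaced it so the two can be compared. It assumes Windows PowerShell run from an elevated prompt on the affected machine; the time window and paths are taken from the post's timeline and are assumptions to adjust.

```powershell
# Added example: triage files changed during a malware incident.
# Assumptions: Windows PowerShell (2.0 or later), run as Administrator; the
# window and roots below come from the timeline in the post above.
$Start = Get-Date '2008-11-16 21:00'
$End   = Get-Date '2008-11-17 10:00'
$Roots = 'C:\WINDOWS', 'C:\WINDOWS\system32', 'C:\WINDOWS\system32\drivers'

# SHA-256 of a file via .NET, so the helper works on old PowerShell versions
# that lack Get-FileHash.
function Get-Sha256 {
    param([string]$Path)
    $sha = [System.Security.Cryptography.SHA256]::Create()
    $fs  = [System.IO.File]::OpenRead($Path)
    try     { ([System.BitConverter]::ToString($sha.ComputeHash($fs))) -replace '-', '' }
    finally { $fs.Close() }
}

# 1. Timeline: every file (hidden/system included) under the roots whose
#    last-write time falls inside the attack window, oldest first.
$changed = Get-ChildItem -Path $Roots -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer -and
                   $_.LastWriteTime -ge $Start -and $_.LastWriteTime -le $End } |
    Sort-Object LastWriteTime

"=== Files written between $Start and $End ==="
$changed | Select-Object LastWriteTime, Length, FullName | Format-Table -AutoSize

# 2. Signature and hash of each changed binary. A genuine Windows binary in
#    system32 either carries an embedded Microsoft signature or is covered by a
#    signed catalog; 'HashMismatch' or an unexpected signer is the red flag.
"=== Changed executables, signature status and hash ==="
$changed |
    Where-Object { $_.Extension -match '^\.(exe|dll|sys)$' } |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        New-Object PSObject -Property @{
            File   = $_.FullName
            Status = $sig.Status
            Signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '-' }
            SHA256 = Get-Sha256 $_.FullName
        }
    } | Format-Table File, Status, Signer, SHA256 -AutoSize

# 3. Pair each '<name>.old' backup with the '<name>.exe|dll|sys' that replaced
#    it. If the backup is Microsoft-signed and the current file is not, or the
#    two differ, the current file is the one that was tampered with.
"=== .old backups versus the files now in place ==="
foreach ($old in (Get-ChildItem -Path $Roots -Filter '*.old' -Force -ErrorAction SilentlyContinue)) {
    $current = Get-ChildItem -Path $old.DirectoryName -Filter ($old.BaseName + '.*') -Force |
        Where-Object { $_.Extension -match '^\.(exe|dll|sys)$' }
    foreach ($cur in $current) {
        New-Object PSObject -Property @{
            Backup      = $old.FullName
            Current     = $cur.FullName
            SameContent = (Get-Sha256 $old.FullName) -eq (Get-Sha256 $cur.FullName)
            BackupSig   = (Get-AuthenticodeSignature -FilePath $old.FullName).Status
            CurrentSig  = (Get-AuthenticodeSignature -FilePath $cur.FullName).Status
        }
    }
} | Format-Table Backup, Current, SameContent, BackupSig, CurrentSig -AutoSize
```

Two caveats when reading the output. On older Windows versions most system files are catalog-signed rather than embedded-signed, and older PowerShell releases do not consult catalogs, so `NotSigned` on its own does not prove a file was replaced; `HashMismatch`, a non-Microsoft signer, or a hash that differs from the `.old` backup or from the copy on the install media does. And a renamed malware file (the `_brastk.exe` and `_karna.dat` copies in the post) still shows up in the timeline, since renaming does not change the last-write time, so the script does not lose track of them even after a scanner has stopped flagging them.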
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.


    READ & RUN ME FIRST. Malware Removal Guide
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:
    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode, but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
     
