Malware disabling Anti-virus programs

The problems started maybe a week or so ago. The first symptom was the firewall on McAfee Total Protection turned off. Even when it appears to be on, looking at the firewall settings shows it to be off and attempting to turn it back on results in it turning itself off again a split-second later. This symptom persists after following the instructions of this website.

At first McAfee Virtual Technician on their support site showed components that weren't running. Later scans turned up missing files. These problems persisted after reinstallations. Once McAfee scans proved fruitless, next we tried Spyware Doctor (real-time protection not enabled with McAfee real-time protection enabled). Intelli-Scans turned up mostly low priority infections, with some higher priority infections such as Trojan.Generic and Suspicious.Cloud.7.L. The scan would ask for a reboot and most of the infections would still be there.

At one point, an intelli-scan was stopped and we ran a full scan instead. After a scan or 2, a full scan came out clean and we had thought the source of the problem gone. McAfee tech support was able to re-enable the firewall, but it didn't last. Now, in addition, Spyware Doctor full scans freeze on some file named ATT00001.lnk, even in safe mode with networking.

Running 64-bit Windows 7. Manage attachments button does not seem to be functioning at the moment. I got it to pop up once, navigated to another window to see what to provide, and the window turned black. Closed it and now the manage attachment button appears to be doing nothing. Will try rebooting or something and see if I can attach logs in an edit.

All right, logs now attached. TDSSKiller found nothing and generated no logs, although there were a couple errors when it started. Something to the effect of certain pieces unable to be found.

 

I believe these are the files requested. Prior to the response received, I tried Spyware Doctor again. This time a full scan was able to run successfully. It found and cleaned a couple trojans, although I think one may have been a false positive.

Roguekiller kept requesting to download an updated version. The first time, I clicked no. After the reboot, I tried the update, but the new file had the same version number as the old one and asked me to update again. I closed the new one and ran the scan with the old copy a second time.

At first, I misread that last part and ran MGTools again before I found the mistake and ran the bat file. I assume it's safe to try to reinstall McAfee and see if the firewall will finally stay up?

 

I'm not sure I'm in the clear yet. One new symptom: Internet Explorer is no longer working properly. It's extremely slow. Most options are grayed out until the page loads and escape doesn't stop it from loading. No problems of this sort prior to the last round of cleaning. Fortunately, someone else had previously installed Google Chrome. I haven't had to use it until now. Everything loads just fine in Chrome, so it isn't an internet issue.

I found a webpage http://support.microsoft.com/kb/318378, where I found and tried to run Microsoft Fix It. The first time I ran it yesterday, there were 3 issues: Smartscreen Filter Disabled, the number of simultaneous connections allowed to a server has changed, and Data Execution Prevention disabled. It claimed to fix all 3 problems, although Internet Explorer still wouldn't run right and the issue Data Execution Prevention disabled was there every time it ran. Today, it appears all 3 issues are back again.

I suppose it's possible this is just residual damage from the virus or the cleaning process. It took help from McAfee tech support to get the firewall up and running again. So far so good on that front. At the very least, I would like to find a way to get Internet Explorer up and running again. Reinstalling it doesn't seem to work. It sees I have the current version and quits out. Apparently, you can't really uninstall IE in Vista; it appears to be more of a rollback. Not sure if "uninstalling" and reinstalling will fix the problem.

In any case, what should my course of action be now?