I ran across a laptop that was having intermittent boot failures. There was a suspicious popup that was supposedly scanning the machine and finding numerous hardware and software problems (that it would fix of course); and the actual antivirus software that was installed would not stay active.
In addition, like you reported, all of the data files were basically set with the "hidden" attribute. As well as the All Programs folders showing up "empty" in the Start Menu (the programs ARE however still in their original locations in c:\Program Files).
I was eventually able to boot into Safe Mode and run Autoruns. Under the logon tab, there was an entry under the key, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. The image path was c:\programdata\upwJQGgCXjxrDJa.exe
I deleted the entry and rebooted the machine and was immediately able to run the AV software without any problems. I did a full scan, which removed additional trojan horse viruses. So I'm not sure which behaviors were solely attributed to the "upwJQGgCXjxrDJa.exe" issue.
And at this point there is VERY little information about upwJQGgCXjxrDJa.exe out there.
So I would try running Autoruns and search for any instances of upwJQGgCXjxrDJa.exe and delete them. You can find detailed instructions on how to do this in this post: http://www.bleepingcomputer.com/tutorials/how-to-remove-a-trojan-virus-worm-or-malware/#remove
Hope this helps.