This is a most impressive variant. BTW this is Win7 Pro, 64-bit, and automatically updated and current.
Endpoint is disabled from startup but can be manually restarted, although scans have no response. Nothing unusual shows in the logs - I can view them, and it was last updated with signatures yesterday (2/10/11 at 11 AM). Safe mode runs with no popups, not sure why. Task manager is disabled in regular and safe mode. REGEDIT works, I think, and I can still access the CD-ROM. Windows Update is disabled. While I can still get to the Internet, when I tried to download Malwarebytes, it diverted me to another website... which is impressive because there is no entry in the proxy server connection in IE8. Don't know if the installer has been compromised.
System restore has been compromised and it appears that the previous restore points have been erased.
Endpoint says, on its status page, that all antispyware and antivirus are disabled. "Fix" is disabled. "File System AutoProtect" is not functioning correctly.
At this point I'd even appreciate a recommendation on a trusted hunter-killer program that can be downloaded to CD-ROM and run... remembering that task manager is DOA so any fix that relies on that is equally unusable.
Not sure how you'd submit anything when it apparently didn't detect anything and the quarantine is empty as well.