One of my co-workers' laptop is infected with this malware; I'm not sure what exactly to call it, but this is what I found on his laptop:

1. It creates entries in the registry to start up 2 programs, "%windir%\temp\winlogan.exe" and "%AllUsers%\ApplicationData\randomfoldername\spywareCatcher2009.exe", when Windows starts.

2. It periodically displays fake warning messages about malware infection.

3. It disables McAfee antivirus and Avast.

4. It blocks all of these programs from running:
- Task manager
- Command prompt
- Regedit
That is, when I tried to run any of these, nothing happens. No error message either. Just absolutely nothing.

5. It puts entries in the hosts file and locks it from being changed. I can open the hosts file but cannot make changes to it. If I attempt to save the changes, Windows shows an error message "cannot create c:\windows\system32\drivers\ect\hosts file. The directory doesn't exist". (Note that that directory is where I open the hosts file from)

6. It turns off System Restore, thus no restore point is available.

7. Constantly sending/receiving packets over the network connection.

8. It somehow manages to hide the winlogan.exe file. Using Windows Explorer with folder options set to show all hidden files as well as system files, I still cannot find winlogan.exe.

I was able to disable the 2 programs mentioned above via msconfig and deleted spywareCatcher 2009.exe. This stops the random fake virus warnings, but all other symptoms remain.

I'm about to reformat the HDD now since his laptop had already been running pretty sluggishly before the infection. However, I'm just wondering if any of you have encountered malware this smart?