Unfortunately we don't have the capacity to back up 80 gigabyte of files in 7 chunks, which contain our mid-semester video production. While editing, my friend was tempted to download some cracked effect software from P2P network and so it started. First we've got the random number-files launching and then the permanent unstoppable 'wintems.exe' came up, with 'hldrrr.exe' popping up once in a while, just for a few seconds, in process monitor.
BitDefender cleaned some of the files, but it didn't stop these processes and still, I cannot install any AV-software. The safe mode, as I say, is blocked: therefore cannot access the safe mode (seems to be a clever virus or many viruses at the same time). The reason is that the sptd.sys file is infected, inaccessible and altered. So everytime I boot up for safe mode it prompts me wheather I should load it or not. No matter what I do, computer restarts.
Same trouble with all other security applications and services.
I've started the 'Avast! Cleaner' just some minutes ago, but it wasn't able to find any viruses in memory, however, 'wintems' remained there all the time.
I've searched the registry-files for wintems and hldrrr, but no record of them was found. It means that this executables are laucnhed through some other library I cannot find.
I think if I somehow manage to alter identification of Avast! AV I would be able to install it and won't get it blocked. But it doesn't seems possible to me, unless a package of avast with already alternated identification is created.