XP on infected PC. Followed the steps for removal of SMART HDD operating in safe mode with networking. Everything was fine until we tried to run the tdsskiller. It will not execute. We have downloaded it to the desktop, renamed it multiple times using both .exe and .com, downloaded the file onto another computer and loaded the files onto a jump drive. Then we tried to copy and paste those files into the infected computer but still the tdss file won't go. We tried skipping this step and downloading malwarebytes but that was terminated by the infection.
I am having the same problem (as above) and as I am seeing across this and other boards with the instructions and tdsskiller. I am running Win 7 (64 bit). I have tried renaming tdsskiller with no luck. When running in safe mode (after rkill step) I would only get a spinning circle for a few moments. Tried to skip step to Mbytes and it installs, fails, gives some "runtime error '5'". After getting stuck with your guide I found (from another guide) where to find the active virus (chain of letters and numbers.exe) and change the extension to .com. I can now boot into regular windows mode without all the popups and start of S.M.A.R.T. HDD. Now when running tdsskiller (renamed as per instructions) I now get a spinning circle then the user account control "do you want to allow..." windows notification. I say yes...then the spinning circle...then nothing happens.
I think it should be noted that we are instructed in several places to "run as administrator" in Win Vista/7. This choice is unavailable when the tdsskiller is renamed a .com file. You will only get this when it is a .exe file. I would also like to ask why someone said "64-bit may be the issue". It appears from the tdsskiller site that this tool is for both 32 and 64 bit systems.
I have now been able to run MS security essentials. It did find "VirTool:Win32/Obfuscator.QD" which it quarantined and "Trojan:Win32/FakeSysdef" which was removed. Tried to now go back to start of the instructions and still hanging up at the tdsskiller step. Malewarebytes is still also not starting or installing correctly.
I would like to note. I had Malewarebytes (paid version) as my security software and it did not stop this infection. I am not quite sure why if it did allow this virus through it can now remove it.
I would also like to note that I got infected from installing "Handbrake.fr" version 0.9.6 (MS Vista/7 version, 64 bit) from http://handbrake.fr/downloads.php.
Immediately after download, install and reboot the S.M.A.R.T. HDD issues started.
My wife told me "just pay the $" and after several hours of poor Dell tech support I was tempted to do such...but it didn't seem right. Thanks for all the help so far, and in advance for your assistance.
Edit 1: Sorry...will start over with Narenxp instructions also and provide feedback.
Edit 2: Feedback on Narenxp instructions in this thread - System restore and backup are not supported in safe mode (according to my infected machine). Rebooting to "non safe mode" to attempt prior to proceeding.
Edited by engineeredwithlayton, 02 April 2012 - 01:49 PM.