Tuesday, April 24, 2012

FAKE AV - Smart Fortress 2012


You might be wondering why my second entry has something to do with a fake antivirus program. I'm a technical support engineer, and over the past few weeks a new variant of rogueware has been spreading on the internet. My advice is to be extra careful when downloading free software and to always run a scan at the end of your browsing activity.

This malicious program displays fake alerts and shows that the computer is extremely infected. It then offers to get rid of the viruses or fix the problem if you purchase a license. Don't be deceived, and don't be fooled into buying this crap!

How to remove Smart Fortress 2012 manually:

1. Stop the fake warnings by entering the activation key. Open Smart Fortress 2012, then hit Registration. Enter the activation key AA39754E-715219CE, then click the Activate button.

2. Go to Control Panel to uninstall Smart Fortress 2012.

If you are using Windows XP:
- Open Control Panel, then click Add/Remove Programs
- Search for Smart Fortress 2012 in the list of programs, then hit the Remove button
- Restart the computer

If you are using Windows Vista or Win7:
- Open Control Panel, then click Programs and Features
- Search for Smart Fortress 2012 in the list of programs, then hit the Uninstall button
- Restart the computer

3. Delete exe files:

%CommonAppData%\[random_33_characters]
%CommonAppData%\[random_33_characters]\[random_33_characters]
%CommonAppData%\[random_33_characters]\[random_33_characters].exe

4. Delete registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce ""
HKEY_CURRENT_USER\Software\Classes\
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
HKEY_CLASSES_ROOT\
HKEY_USERS\S-1-5-21-861567501-152049171-1708537768-1003_Classes\%s "(Default)" = ""
HKEY_USERS\S-1-5-21-861567501-152049171-1708537768-1003_Classes\\shell\open\command "(Default)" = "%CommonAppData%\\.exe" -s "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe "(Default)" = ""
HKEY_CURRENT_USER\Software\Classes\\shell\open\command "(Default)" = "%CommonAppData%\\.exe" -s "%1" %*

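Before deleting anything, the locations from steps 3 and 4 can be inspected read-only. The PowerShell below is an added example, not part of the original post; it assumes %CommonAppData% corresponds to the CommonApplicationData special folder and relies only on the 33-character naming pattern and the registry locations listed above.

```powershell
# Added example: read-only check, nothing is modified or deleted.
# Assumption: %CommonAppData% on this page = the CommonApplicationData folder.
$commonAppData = [Environment]::GetFolderPath('CommonApplicationData')

function Test-UnderCommonAppData([string]$s) {
    return ($s.IndexOf($commonAppData, [StringComparison]::OrdinalIgnoreCase) -ge 0)
}

# Step 3: folders with a 33-character name that contain an .exe
# whose base name is also 33 characters long.
Get-ChildItem -LiteralPath $commonAppData -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.PSIsContainer -and $_.Name.Length -eq 33 } |
    ForEach-Object {
        Get-ChildItem -LiteralPath $_.FullName -Force -Filter '*.exe' -ErrorAction SilentlyContinue |
            Where-Object { $_.BaseName.Length -eq 33 } |
            ForEach-Object { "Suspicious file: $($_.FullName)" }
    }

# Step 4: a per-user override of the .exe file association.
# A clean profile normally has no HKCU\Software\Classes\.exe key at all.
$classes = 'HKCU:\Software\Classes'
$exeKey  = Join-Path $classes '.exe'
if (Test-Path -LiteralPath $exeKey) {
    $progId = [string](Get-Item -LiteralPath $exeKey).GetValue('')
    "Per-user .exe association present, (Default) = '$progId'"
    if ($progId) {
        $cmdKey = Join-Path $classes "$progId\shell\open\command"
        if (Test-Path -LiteralPath $cmdKey) {
            $cmd = [string](Get-Item -LiteralPath $cmdKey).GetValue('')
            "Open command: $cmd"
            if (Test-UnderCommonAppData $cmd) {
                "-> every .exe launch is routed through a program under $commonAppData"
            }
        }
    }
} else {
    "No per-user .exe association override found."
}

# Step 4: RunOnce values for the current user that point under %CommonAppData%.
$runOnce = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
if (Test-Path -LiteralPath $runOnce) {
    $key = Get-Item -LiteralPath $runOnce
    foreach ($name in $key.GetValueNames()) {
        $data = [string]$key.GetValue($name)
        if (Test-UnderCommonAppData $data) { "RunOnce entry '$name' -> $data" }
    }
}
```

Run it as the affected user, since both the file association and the RunOnce entry live in that user's registry hive.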


Hope this manual removal of this malicious program helps!

2 comments:

  1. Hey keep posting such good and meaningful articles.

  2. Stop the fake warnings by entering the activation key. Open Smart Fortress 2012 then hit Registration.

    Playgroup Singapore
