Smart Fortress 2012 is a fake antivirus program that should never be trusted. It seeks only to get users’ money by pushing them to buy its licensed version as soon as it gets inside the system. Numerous people have already fallen for this scam hailing from the dangerous Rogue.SecurityTool or WinWebSec family of malwares that is famous for Security Shield, Smart Protection 2012 and other rogue anti-spyware programs. Just like before mentioned programs, Smart Fortress 2012 displays lots of warnings and alerts that one’s PC is infected and tries to convince the user that a “full” version of Smart Fortress 2012 is capable to fix all security related problems. In fact the “full” application is useless and should never be trusted because it has no capability to find or remove any kind of viruses or malware. It is nothing else but a scam. On late 2012, it was replaced by System Progressive Protection rogue , which is very aggressive too.
Smart Fortress 2012 is distributed using web exploits, trojans and various system vulnerabilities. It is installed without users’ permission, usually by using security exploits or by convincing the user to install some sort of trojan disguised as “freeware”, “update” or similar. After a secret infiltration, Smart Fortress 2012 is executed every time PC is started and it starts displaying continuous alerts of unrealistic threats. In reality, all the files that are detected as malicious are harmless system files that should never be removed from the system. You should ignore all Smart Fortress 2012 alerts, having text, similar to the ones below:
Warning: Your computer is infected
Detected spyware infection!
Click this message to install the last update of security software…
Smart Fortress 2012 Warning
Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
Click here to remove them immediately with Smart Fortress 2012
Warning!
Application cannot be executed. The file notepad.exe is infected.
Please activate your antivirus software.
Security Monitor: WARNING!
Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
To get rid of unwanted spyware and keep your computer safe you need to update your current security software.
Click Yes to download official intrusion detection system (IDS software).
Smart Fortress 2012 will make operation of your PC problematic as it will block legitimate programs. In addition, this scamware will be getting on your nerves each time you log into Windows and it will allow more malware infiltrate into your PC, as it is left unprotected from attacks of other parasites. In order to prevent its removal, this Smart Fortress 2012 tends to disconnect the PC from the Internet and stop all legitimate applications, thus your computer will be pretty much useless while the rogue is active. Typically, you will be able to visit most of the websites by explicitly pressing “Allow” after pressing each link. As you can see, Smart Fortress 2012 is really dangerous and annoying application that has to be uninstalled from the system without any delay. You should follow this guide and remove Smart Fortress 2012 from your computer for good.
Smart Fortress 2012 uses specific trick to prevent manual removal : it will disallow renaming or deleting its executable while its process is active. This can be fixed by stopping malware process only, and that is quite tricky. The best way to disable and remove this parasite is using anti-malware programs or fake its registration so it will be less annoying. Full Smart Fortress 2012 removal guide is listed below.
Special instructions on how to remove Smart Fortress 2012 rogue
We have checked multiple anti-malware programs against Smart Fortress 2012 versions and devised a way to execute them even if Smart Fortress is active. First, you will have to download the programs listed on infected machine (If you can not navigate through web and visit our website through other PC or mobile browse, type one of these addresses straight in your browser address bar):
https://www.2-viruses.com/downloads/spyware-remover.exe
https://www.2-viruses.com/downloads/spyhunter-i.exe .
You will have to press “continue unprotected” in the browser to finish download.
It is confirmed, that executables of anti-malware program will launch if renamed to .com instead of .exe (make sure you see file extensions). You can also right-click on executable, choose Run As, uncheck “Protect my computer and data…” and execute the program. Here is a video guide how to remove Smart Fortress 2012:
If you still can’t do that, try using this registration code that worked with earlier threats from this family to “register” Smart Fortress 2012: AA39754E-715219CE. Finally, run a full system scan with updated anti-malware program to fully get rid of Smart Fortress 2012, try using spyhunter, Malwarebytes Anti-Malware or spyware doctor that are safe and effective.
If you have paid for Smart Fortress “full version”, you should consider contacting your bank and asking for credit card change.
Automatic Malware removal tools
(Win)
Note: Spyhunter trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions,
(Mac)
Note: Combo Cleaner trial provides detection of parasites and assists in their removal for free. limited trial available, Terms of use, Privacy Policy, Uninstall Instructions, Refund Policy ,
I hate you that such garbage stick on my computer, I never buy such sticking garbage. Sticking is always a scam.
We are not makers of Smart Fortress 2012, we warn about this scam.
I manage an information security team and we are cleaning one of our users of this virus at this time. Do you know how it spreads? Can it spread to other machines within a network like a worm?
Many thanks!
Daniel : the executable itself does not spread itself, so it is unlikely that it will infect other PCs on the same network. First thing to check is if there are other software on the system. This family loves fake scanner pages, but the samples look like they target web vulnerabilities more.
This is very stupid virus and destroyed my data. Thanks for the solution
I cannot get this thing off one of my pc’s here at work. We have tried ALL the steps listed. . Please help!
I have the virus but it won’t even allow me to link to th internet so how do I remove it manually?
Tx
If you cannot like to the internet, and cannot do the same under Safe Mode, then having a USB memory stick/pen with loaded tools is the best way forward. So borrow another PC and load your USB stick with tools that will first stop the process and then reset the registry to allow executables to run etc.
I am not a computer guy. I am 70 years old and to me they are all magic. Last week I got an email that said it was from Fedex. The heading said that they couldn’t deliver my package. I was expecting a package, so I opened the email and it said that I needed to open the attachment to see what the problem was. When I opened the attachment my computer took on a life of its own. I am smart enough that I didn’t buy there program but my computer is totally locked up. It was not my main computer, just my laptop. I immediately shut it down and removed the battery. The next day I fired it back up but it still had the Smart fart 2012 screen and was still locked up. I waited until yesterday and tried again. It was working but very slow and several icons on the desktop opened other programs. I turned it back off, and I guess that I am going to have to take it somewhere and have it cleaned up. How can I report this to what authorities? These people need to be prosecuted or at the least have the crap beat out of them.
i really do not appreciate your scams tapping into my computer and if you don’t stay off you’ll see what happens .i know who you are and where you are my computer has a tracer on it and you picked the wrong person this time. stay off of my computer you dirtbag. i don;t need you fraud scams i have protection. quick trying to scam people and get a real job like decent folks do you theives. all of my folks are in the decective and law business so leave people along.this is ashame and disgrace to society. i best not see you on here again it would be to your benefit.
lois johnson
We are not related to smart fortress, we warn about this threat.
I uninstalled it, I used the code to get rid of pop-ups without paying but the virus is still there. I tried mycleanpc, but you have to pay. Is there a free virus removal software that you recommend?
I didn’t pay attention and didn’t realize that there was a free recommendation.
My apoligies for my last comment.
P.S I don’t know who is behind this virus but whoever is, you should die.
Okay, so I put parental controls on my mother’s account so she, in theory, wouldn’t be able to put this kind of garbage on the computer. Not to mention our router and computer both have firewalls enabled. How on earth did she manage to entirely infect her account?
Also, how does it manage to block the task manager?
Stanley: Security Fortress is malware. Thus it exploits bugs to be executed, elevates its permissions and starts on each PC boot. It might start even before your parental control is active, or it might elevate its own permissions and kill the process.
Thank you! This posting has saved my day. I have a user that contracted this thieving piece of software. But with the instructions here, Malwarebytes and some persistence I think I have it subdued.
Thanks, again, this is what the internet is supposed to be about – helping one another get through the difficult parts, not creating difficulty and thieving software!
Some of you guys need perhaps your anger towards the makers of Smart Fortress?…Not the Antivirus company?!
I ve installed pc doctor on my laptop, but unable to run it as it keep on asking for updates which i cant install as smart fortress has blocked that as well. how should i get rid of this??? please help.
Div : Try spyhunter in this case. Rename it to .com, it should work.
i had this virus on one of my old laptops but it was called something else my friend managed to get rid off it sort of.but when i turned my main pc on this morning up popped smart fortress.your website has helped me out a big deal.i am a bit of a wiz kid with a computer but this little bugger of a virus is proving hard to kill lol.i used the code supplied and it worked im now in the process of useing malwarebytes to try n get rid of this little bugger. in refeance to bill nelson its not fair that this has happened to you buddy.if you have any younger members of your family that migh understand try and ask fortheir help and follow the instructions to the tee on this page.
Hello,
Thank you for your dedication and for posting your fixes online. Though it greatly amuses me to see/read these folks who think that you’re the virus developer.
I wanted to ask if you had noted an incline in how common this particular bugger has become? My father managed to contract it onto his PC yesterday and it actually attacked my work computer today and my home computer just moments ago. These PCs are all on separate networks and none contracted it from the same website. I was actually floating around on a wiki page when it attacked this computer.
Thanks again,
VSkwidd – Family-made computer fixer (aka, excellent at google 😉 )
Can this virus infect Macs?
Of, of course, bleepingcomputer did the work since I was able to fake-activate the software. Good sense do fake of the fakes.. 🙂
David : unlikely, usually they spread different malware for Macs from the same exploit pages.
I just cleaned up a customers system this afternoon. He opened up an email attachment that he thought was from the USPS.
In my case the last thing I had to do was change back the file attributes by Unchecking ‘Hidden’ on the general properties tab for everything on the drive.
Changing the view settings from the folder options only helped a little.
Otherwise Malwarebytes did a great job, a quick scan in safe mode, then a full scan in normal mode.
When I started the cleanup I did have access to internet explorer and task manager so it was easy to get access to my usb drive.
The machine had an expired NOD32 that stayed silent through the whole session.
napatec: Outdated AV should not be trusted or blamed…. These malwares are re-packaged daily or so to avoid detection…
What I’m most worried at the moment is what information this malware sent out from my network. Is there any known information or tests done by that point? I mean, the malware seem to act very different before and after it’s activation. There may very well be information sent while all executions are blocked and not after activation. I would think so, if I coded such software piece, because everyone are forced to a period of blocked services until activation. The network activity before activation need to be traced through a router..
hi both of the help downloads you have put in this web page have asked me to pay ? im not sure why spyware remover goes to pc doctor and the second one spy hunter also asked to pay you might have to update your advice
Troy: if you want, you can delete the file manually. These scanners help identify infected file. Full versions help avoid infections like this and protect from reinfections
@admin
Interesting. Thanks. It appears a website has spread this virus to our PCs at work but as the only Mac user I apparently didn’t seem to get infected. Having said that, my mac has started to become a little slower, is struggling with sending email, and seems to suddenly have “recovered files” in the trash upon each restart. I already have Sophos on the machine, so I ran a manual scan, but nothing came up. Any thoughts?
David : there are malware that can infect Mac. It is distributed through the same exploit kits that rogue AVs. Though sophos should handle them well enough.
If all machines are infected with rogue AV, then I would scan all the websites that are visited daily in your office… There might be an infection there. Rogue AVs do not use worms that would infect LAN pcs that often.
@admin
Not blaming the AV. If there is any blame it would have to rest on the user thinking the post office would use email to contact him about a package pickup. He wasn’t even expecting any deliveries. Common sense could have prevented this infection. Also don’t get hung up on having a favorite AV or other programs, they will all let you down at some point.
That’s why I don’t recommend to anyone to pay for these types of programs. If they want to pay for something it should be in the form of learning how to image their system so they can simply restore their hard drives in less time than it takes to start a cleanup.
I used to resell Nod32 when it was first available, also counter-spy before it became vipre, but not anymore. I don’t like making money off someone elses suffering.
Napatec:
I understand your point, though I see this a bit differently. Restoring images is feasible only if you do not get reinfected right away (seen more than once), you know when and if your system is clean or infected (without AV / anti-malware you rarely do), you perform regular off-site backups for your data (or risk a loss if true encrypter hits your PC), all the people in the household / company are educated enough about PC security. Anti-virus and anti-malware programs (with real time protection) reduce the risks significantly and save enough time. While it is possible to remove parasites manually and for the most rogues it is not that difficult, the most of infections would be avoided with decent security programs.
@Giedrius Majauskas (admin)
Yes you do see things a bit differently. I know I didn’t go into great detail about imaging but I have already thought through all of the drawbacks that you mention and more. There is really no reason why wiping a drive and laying down a new image can’t be the best solution if it’s done properly and you’re prepared in advance.
But I agree that there are those that will wait until it’s too late and come searching for help, and they expect everything on the internet to be free.
People put way too much trust in their computers so they end up risking all their data.
I ask my clients what they would do if their hard drive died tomorrow, once they really stop and imagine that they start to get serious about it.
Changing the subject now…Have you thought about putting up a donation link on your page? You are going through a lot of effort to write all these tutorials and if YOU don’t place any value on them no one else is going to either.
Or you could put it in larger print here that you are an affiliate and that is the only income you make from all your time put into the tutorials and maintaining this resource.
People would have to pay for these programs no matter where they downloaded them from. There is nothing dishonest about making a buck when you have earned it. I would make this point very clear to all visitors right up front.
they always have the choice of going to one of those HiJackthis forums and going through all the steps and waiting and waiting, and a lot of those guys ask for donations as well.
Hi there, currently got an infected computer which I am trying to get the virus off, Having some success, installing the antivirus (spyhunter), I did try just before but said my Administrator things weren’t right for the program to run, Anyhow I did a search for some SF12 components and ended up deleting some of it, But this is a bugger of a virus and I wish the company who makes this pile of crap would just go do something better with their lives, and if this spyhunter fails I just hope the Product Key will do and I can finally remove it, I’ve managed to deal with all of my other viruses, and the other one in the same family as this virus, But obviously this has been upgraded with turrets.
i have destroy ’em all (smart fortress), all back to normal, except my TASK MANAGER. how to get back this taskmanager? thank you for the answer
Alexa : It is disabled in the registry.
Try this :
Start -> Run -> cmd (right click and run as administrator on Win 7 / Vista)
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
/v DisableTaskMgr /t REG_DWORD /d /0 /f
Got infected with Fortress virus yesterday, trying to remove it atm. Will try to rename the executable to .com
I got it from a website who asked me to update java the website looked legit but the download link had a weird name so i did not update. Smart fortress infected the computer anyway
Spyhunter is not free. Remove the red text saying that it is. I spent 2+ hours scanning with it to then get hit with a buy it to fix it banner. Almost like Smart Fortress does.. 🙂
Go to cnet.com and search for free anti virus and anti spy ware software that has already been tried, tested and reviewed.
And Smart Fortress is packaged as a adobe flash update package in its latest exploit.
Alex : Spyhunter (differently from many “free” antimalware programs) stops Smart Fortress 2012 executable before – during scan and shows where it is located. It is up to you how you remove the parasite. There are very few programs that CAN be launched while Smart Fortress 2012 runs, and it uses the most aggressive file protection from all rogues I have tested.
After it is killed, it is extremely easy to remove if user has some understanding about computers.
they find who designed the worm and slowly torture them over and over
The viruses are not the parasites the designers are
Yeap, that was how my laptop was infected last night by clicking adobe flash update.
smart fortress has gotten into my pc, i cannot start any security apps running, i cannott boot up in safe mode networking, when the windows page is out of the way and desltop screen appears within a second a screen saying Police and this pc is locked unless i pay £100. how do i get out of this mess
ian : You got 2 different parasites. Rename security programs to .com from exe and run. Do not go to safe mode. Most likely, Security Fortress blocks second parasite (the alert), Thus you need to remove both fortress and the alert while alert is not active.