cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Removing Smart Fortress malware

We are running McAfee VirusScan Enterprise v8.8 and 2 users have malware on their machine called Smart Fortress and have not been able to get rid of it.  It is not detected by McAfee and I find nothing on the McAfee support portal site.

I have asked the support in the office to check the registry for malware in the Run statement and to start the machine in Safe Mode and run a system scan.

Anyone else have any experience with removing this?

Thanks.

4 Replies

Re: Removing Smart Fortress malware

Hi Randy,

its Fake alert Pls follow the link which will be usefull

http://www.bleepingcomputer.com/virus-removal/remove-smart-fortress-2012

http://www.bleepingcomputer.com/forums/topic444339.html/page__hl__smart+fortress

For now, restart into safe mode and login as Administrator.

Start Internet explorer and download the following files:

Download http://download.bleepingcomputer.com/reg/FixExe.reg and save it to the C:\ folder.

Download http://download.bleepingcomputer.com/grinler/iExplore.exe and save it to the C:\ folder

Log off, and still in safe mode, log in as your infected user.

Navigate to the C:\ folder where you saved the reg file, FixExe.reg, and double-click on it. Allow the data to be merged.

Run rkill renamed as iExplorer.exe, that should be in your C:\ folder, and let it kill the Smart Fortress process. May need to do this a few times.

When the Smart Fortress is killed, dont start any programs, and double-click on the FixExe.reg file one more time and allow it to merge.

Reboot into normal mode.

Download your favorite security program and clean up the mess.

MBAM should soon, if not already, be able to clean it!

If at any time Smart protection start when you try one of the above steps...just double-click and merge the FixExe.reg file!

hemantk
Level 12
Report Inappropriate Content
Message 3 of 5

Re: Removing Smart Fortress malware

Helloo...........

Why their is no Solution/Detection from McAfee.......??????

Re: Removing Smart Fortress malware

Hi Hemant,

No other AV will protect 100 % for FAke alert because no of users receiving different type of mails Looks like valid mail but its questionable Like you have visited illegal site looks like came from FBI etc...So the users getting infect by opening the attachments .

For example one of our site users received these kind of mails .

we have tested McAfee found Document.exe in attachment infecting the users so we have created user defined rule and blocked the document.exe and McAfee providede the update for that but still more no of users got infected with the same FAKE ALERT AV because users received  no mails with diff questionable subject line with different attchment (like visited sites , tried to acess the restricted sites, Pls check the information 0f your bank account details etc ..... Not only the users getting infect with FAKE ALERT even visiting illegitimate sites,downloading cracks x rated sites etc 

Finally onething we  learned instead of blaming AV product support we have to educate the users not to open the unknown mails.

Message was edited by: lakshmanans on 3/9/12 3:53:26 AM CST
gailk
Level 7
Report Inappropriate Content
Message 5 of 5

Re: Removing Smart Fortress malware

Hi there, MY computer is vista 64 with McAfee. I just got this smart fortress yesterday. How enoying. I was totally supprised when I couldn't do anything... I couldn't even try and find the files on my harddrive. Grr... And McAfee wasn't working. So this is what I did and it worked for me.

I rebooted to safemode (f8 while booting) I have Ccleaner installed (this is a free program that  use alot) to check my start up.

You can use msconfig in run and OK to open system configuration. Look in startup and see if there is a program that looks like it shouldn't be there. Mine was file that had a about 10-20 numbers in the name and was located in my c:\programdata (or something like that). Make sure you disable it in the startup and also delete it from your computer.

If You are unsure of which one then go on by one through them all and find the location and zip or rar the file then delete it. (This is incase you deleted the wrong file you can go back into safemode and unxip it.)  I rebooted and everything was working great. I downloaded Malwarebytes. It was one of many that actually worked and was truely free. http://www.malwarebytes.org/products/malwarebytes_free. So for now everything is working great and I'm a happy camper Hope this helps!!

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community