Wednesday, February 29, 2012

Smart Fortress 2012




This rogue is pretty easy to remove. Registering it with a product key sometimes makes removal easier, so here is one:

AA39754E-715219CE 


If you are unable to register it, you can stop it with little work.




Copy "C:\Windows\regedit.exe" to the desktop

Copy "C:\Windows\System32\taskmgr.exe" to the desktop

Rename "regedit.exe" to "explorer.exe"




Launch your renamed regedit and locate and delete:

HKCU\Software\Classes\.exe
HKCU\Software\Classes\%s
HKCU\Software\Classes\529C5



Close regedit and delete or rename the "regedit.exe" that you renamed to "explorer.exe".

Rename "taskmgr.exe" to "explorer.exe" and then open it



Find the rogue's process and kill it. Then run a full scan with Malwarebytes. This one puts a file in System Restore, so you can avoid a full scan by clearing the restore points before scanning. Remember to make sure System Restore is enabled once removal is complete, to protect yourself.

Registry Keys:

HKCR\Software\Classes\.exe
HKCR\Software\Classes\%s
HKCR\Software\Classes\529C5 
HKLM\Software\Microsoft\Security Center | AntiVirusDisableNotify
HKLM\Software\Microsoft\Security Center | FirewallDisableNotify
HKLM\Software\Microsoft\Security Center | UpdateDisableNotify
HKCU\Software\Microsoft\Windows\Currentversion\Uninstall\Smart Fortress 2012

Files:

C:\Documents and Settings\All Users\Application Data\<random>.exe
C:\System Volume Information\_restore{random}\RP1\<random>.exe
C:\Documents and Settings\<User>\Desktop\Smart Protection 2012.lnk
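
To confirm the cleanup took, the registry indicators listed above can be audited without changing anything. The script below is an added example, not part of the original post; it assumes PowerShell 3.0 or later and must be run as the affected user, since the `HKCU` keys are per-user. It goes slightly beyond the list by resolving the `shell\open\command` of whatever class the per-user `.exe` key points to, which is standard Windows file-association behaviour rather than something stated in the post.

```powershell
# Added example: read-only audit of the registry indicators listed in this post.
# Requires PowerShell 3.0+ ([pscustomobject]). Nothing is modified or deleted.
$classes = 'HKCU:\Software\Classes'
$keys = @(
    "$classes\.exe", "$classes\%s", "$classes\529C5",
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smart Fortress 2012'
)
$securityCenter = 'HKLM:\Software\Microsoft\Security Center'
$notifyValues   = 'AntiVirusDisableNotify', 'FirewallDisableNotify', 'UpdateDisableNotify'

function Get-DefaultValue([string]$Path) {
    # (Default) value of a key, or $null when the key or value is absent.
    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if ($key) { $key.GetValue('') }
}

$report = @()
foreach ($path in $keys) {
    $report += [pscustomobject]@{
        Indicator = $path
        Present   = Test-Path -LiteralPath $path
        Value     = Get-DefaultValue $path
    }
}

# A per-user .exe key names a class (ProgID) in its default value; that class's
# shell\open\command is the command line run whenever an .exe is launched.
$progId = Get-DefaultValue "$classes\.exe"
if ($progId) {
    $cmdKey = "$classes\$progId\shell\open\command"
    $report += [pscustomobject]@{
        Indicator = "$cmdKey (handler for .exe)"
        Present   = Test-Path -LiteralPath $cmdKey
        Value     = Get-DefaultValue $cmdKey
    }
}

# Security Center notification values from the list above; report whatever is set.
foreach ($name in $notifyValues) {
    $prop = Get-ItemProperty -LiteralPath $securityCenter -Name $name -ErrorAction SilentlyContinue
    $report += [pscustomobject]@{
        Indicator = "$securityCenter | $name"
        Present   = [bool]$prop
        Value     = if ($prop) { $prop.$name }
    }
}

$report | Format-Table -AutoSize -Wrap
```

After a successful removal, the three `HKCU\Software\Classes` entries and the uninstall key should all show `Present` as `False`.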