The TROJ_SMOKE.JH is another variation of nasty Trojan horse infections that sneaks in the targeted computers without getting the consent of the user. This malicious application distributed through freeware, video files, and PDF creators. Besides that, the cyber crooks also use the spam email attachments, removable storage devices, and compromised web pages to spread this malicious Trojan horse. Once this nasty Trojan able to settle down in the system, it modifies the system file settings, internet settings, browser settings, DNS settings, windows firewall, and windows registry. Besides that, the important system utilities are disabled by this virus, such as task manager, registry editor, and antivirus. You cannot detect or remove this advanced level Trojan through normal antivirus program. The main purpose of developing such a nasty Trojan is to access the personal details of carefully selected users, and steal their money by using these details.
Removal of TROJ_SMOKE.JH
Once it becomes obvious that your system is under attack by the TROJ_SMOKE. JH, you have to find an effective method to get rid of this Trojan horse. You can take help from any reliable automatic removal tool to get rid of this nasty Trojan. The manual removal of this malicious application is also possible by following the instructions mentioned below:-
Change the Mode of Operation from Normal to Safe Mode
Restart the infected system, and hit the F8 key repeatedly to access the boot options screen. Once you can see the boot options on the screen, select the safe mode from the list and strike the Enter key to boot the system in the safe mode.
End the Malicious Processes
The next step of this process is killing the malicious processes associated with this Trojan. In this regard, open the windows task manager by pressing the Ctrl+Alt+Delete keys together, and click on the Processes tab where you can see a list of processes running in the background. Remove the following associated processes of this nasty Trojan virus before closing the task manager:-
- %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].ex
Remove the Associated Data
After removing the associated processes of this virus, you have to remove the following associated files from the system files folder with the help of the Delete key:-
- %Desktopdir%\ TROJ_SMOKE.JH.lnk
- %Programs%\ TROJ_SMOKE.JH\ TROJ_SMOKE.JH.lnk
Reverse the Modification in the Windows Registry
In the end, do not forget to reverse the modifications made by this malicious application in the windows registry. In this regard, you have to access the registry editor by clicking on the start menu, select the Run, and type RegEdit in the box. Once you are able to see the registry editor, delete the following suspicious entries:-
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ TROJ_SMOKE.JH\DisplayIcon %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe,0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ TROJ_SMOKE.JH
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ TROJ_SMOKE.JH\UninstallString “%AppData%[RANDOM CHARACTERS][RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS] %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ TROJ_SMOKE.JH\ShortcutPath “%AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe” -u
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\ TROJ_SMOKE.JH\DisplayName TROJ_SMOKE.JH
Close the registry editor, and reboot the computer in the normal mode to see the effect of changes you have made recently. Run a complete system scan through your existing antivirus software.