Norton AntiVirus Enhanced Protection Mode
Norton AntiVirus Enhanced Protection Mode is a fake Norton security program that capitalizes on a known anti-virus brand to oil up the gears for its own misdeeds. While Norton AntiVirus Enhanced Protection Mode pretends to be a Norton product, Norton AntiVirus Enhanced Protection Mode has no real security-related functions except for functions that attack your PC security and disable security applications. Our SpywareRemove.com malware team has found that Norton AntiVirus Enhanced Protection Mode is closely-related to two other rogue programs that use similar scams, all of which are propagated by fake media player updates. Be alert for Norton AntiVirus Enhanced Protection Mode warning signs and delete Norton AntiVirus Enhanced Protection Mode immediately with any anti-virus program that you consider worthy of your trust.
Why You Don't Want Norton AntiVirus Enhanced Protection Mode to Replace Your Real AV Software
Even though Norton AntiVirus Enhanced Protection Mode uses the Norton name and tries its hardest to make you think Norton AntiVirus Enhanced Protection Mode is part of your Norton security software, Norton AntiVirus Enhanced Protection Mode has neither threat-detection nor threat-removal features. Our SpywareRemove.com research team has even discovered that Norton AntiVirus Enhanced Protection Mode actively tries to disable anti-virus and security applications, including legitimate Norton products.
There are several ways to catch Norton AntiVirus Enhanced Protection Mode in the act, however, since its disguise isn't perfect. The first way to catch Norton AntiVirus Enhanced Protection Mode is to look for the date and time on your anti-virus databases update. A Norton AntiVirus Enhanced Protection Mode pop-up will always proclaim that your databases for Norton are updated according to your login time; for example, if you logged in to your PC at noon, your database update time will also appear to be at noon.
This is Norton AntiVirus Enhanced Protection Mode's simple way of tricking you into thinking that your PC is protected. In reality, your computer is more vulnerable to attack than it was before Norton AntiVirus Enhanced Protection Mode was installed!
A second symptom of Norton AntiVirus Enhanced Protection Mode infection is to look for an unusual taskbar icon. Once you click this Norton AntiVirus Enhanced Protection Mode icon, a pop-up with the following message will display:
"Attention! Norton AntiVirus operates under enhanced protection mode. This is a temporary measure necessary for immediate response to threat from virus. No action is required from you."
This so-called enhanced mode doesn't exist and is another one of Norton AntiVirus Enhanced Protection Mode's tricks to give you in a false sense of security.
Lastly, of course, since our malware experts have found that Norton AntiVirus Enhanced Protection Mode makes direct attacks on security software, you can also detect Norton AntiVirus Enhanced Protection Mode by checking to see if your real security programs are functional.
Avoiding Getting Sucked into Norton AntiVirus Enhanced Protection Mode's Fake Protection
To protect your PC from any possible Norton AntiVirus Enhanced Protection Mode infection, avoid downloading media updates from suspicious sources. In addition to fake codec updates being a primary source of rogue program-installing Trojans like Zlob and fake Microsoft Security Essentials Alert, Norton AntiVirus Enhanced Protection Mode itself has been seen to disguise itself as a Flash-related update.
Similar infections that are closely-related to Norton AntiVirus Enhanced Protection Mode can also be found using different brands. Examples that our SpywareRemove.com researchers have found include Eset Smart Security Enhanced Protection Mode, and Avira Enhanced Protection Mode, Avast Enhanced Protection Mode.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%Windows%\l1rezerv.exe
File name: %Windows%\l1rezerv.exeFile type: Executable File
Mime Type: unknown/exe
%Windows%\systemup.exe
File name: %Windows%\systemup.exeFile type: Executable File
Mime Type: unknown/exe
%Windows%\sysdriver32.exe
File name: %Windows%\sysdriver32.exeFile type: Executable File
Mime Type: unknown/exe
%Users%\[UserName]\Downloads\OTS.exe
File name: %Users%\[UserName]\Downloads\OTS.exeFile type: Executable File
Mime Type: unknown/exe
Registry Modifications
HKEY..\..\..\..{RegistryKeys}HKEY_LOCAL_MACHINE\Software\Norton AntiVirus Enhanced Protection ModeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\..{RunKeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Norton AntiVirus Enhanced Protection Mode"
Additional Information
# | Message |
---|---|
1 | Attention! Norton AntiVirus operates under enhanced protection mode. This is a temporary measure necessary for immediate response to threat from virus. No action is required from you. |
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.