Saturday, August 6, 2011

Remove Comodo Enhanced Protection Mode

Remove Comodo Enhanced Protection Mode
Comodo Enhanced Protection Mode is a fake antivirus program that produce fake protection that cannot protect the computer from any kind of malware, trojans or virus. Comodo Enhanced Protection Mode pretends to be part of the legitimate Comodo-brand product. Comodo Enhanced Protection Mode infections being distributed by using trojan, including posing as fake updates for media content such as Flash. Similar methods, especially those that involve fake browser updates or fake media codec updates, are also used by trojans like Zlob and Fake Microsoft Security Essentials Alert that distribute different types of rogue security applications. Comodo Enhanced Protection Mode installs into the computer and will configure itself to start automatically (in registry) when Windows boot. Comodo Enhanced Protection Mode WILL SURELY disable the update of other legitimate antivirus but the user will not know about it because Comodo Enhanced Protection Mode always show that the antivirus is up-to-date. Comodo Enhanced Protection Mode blocks many antivirus from executing in the computer so that to prevent itself from removing by real antivirus.

Comodo Enhanced Protection Mode can be removed by stopping the processes and removing the files by using Emsisoft HiJackFree. Then the user should remove the registry entries added or modified by Comodo Enhanced Protection Mode shown in the removal guide below. All files related to Comodo Enhanced Protection Mode must be deleted. The user should do it under Windows Safe Mode. The user should also run a full scan on the computer as Comodo Enhanced Protection Mode uses trojan to infect the computer.

Comodo Enhanced Protection Mode enable remote attacks on the computer so that other malicious malware can be easily installed without any confirmation from the user and all of them do it secretly. The infected computer will be infected by many type of malwares.

Comodo Enhanced Protection Mode will show this message to the user:
Comodo ENHANCED PROTECTION MODE Attention! Comodo operates under enhanced protection mode. This is temporary measure necessary for immediate response to the threat from virus. No action is required from you.

Comodo Enhanced Protection Mode should be removed immediately!

Comodo Enhanced Protection Mode Removal Guide
Kill Process
(How to kill a process effectively?)
%Windows%\l1rezerv.exe
%Windows%\sysdriver32.exe
%Windows%\systemup.exe
%Windows%\systemup.exe

Delete Registry
HKEY_LOCAL_MACHINE\Software\Comodo Enhanced Protection Mode
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Comodo Enhanced Protection Mode"

Remove Folders and Files
%Windows%\l1rezerv.exe
%Windows%\sysdriver32.exe
%Windows%\systemup.exe
%Windows%\systemup.exe
remove the files stated in the autorun setting.

No comments:

Post a Comment