Windows AntiBreach Tool
Written by Tomas Meskauskas on (updated)
What is Antibreach Tool?
Windows Antibreach Tool is a fake antivirus program, which reports non existent security infections in order to scare PC users into believing that their operating system is infected with high-risk malware. This rogue software is created by cyber criminals who distribute it using hacked websites and fake online security warning messages.
Commonly, these criminals use fake Microsoft Security Essentials alert messages to trick PC users into installing Windows AntiBreach Tool on their computers. After successful infiltration, this bogus program modifies the registry entries of an affected operating system by blocking execution of installed programs (including Internet browsers) and disabling the Task Manager.
Furthermore, this fake antivirus configures itself to start automatically on each system Startup. The behavior of Windows AntiBreach Tool is similar to ransomware infections since it disables user access to the desktop until payment for a 'license key' is received.
Be aware that paying for 'ultimate protection' (the full version of this program) is equivalent to sending your money to cyber criminals - you will lose your money and your credit card information made available for further thefts. Windows AntiBreach Tool is a scam - do not trust this program or buy the 'full version'.
Windows AntiBreach Tool originates from a family of fake antivirus programs called FakeVimes. Previous variants were named Windows Paramount Protection, Windows Antivirus Master, and Windows Efficiency Master.
Cyber criminals responsible for releasing rogue antivirus programs from this family maintain identical user interfaces and functionality, and merely change the names of the fake security scanners.
To avoid installation of these bogus antivirus programs, do not trust online security warning messages indicating 'detected' security infections and offering installation of antivirus programs. PC users should keep their operating systems and installed software up-to-date and use legitimate antivirus and anti-spyware programs.
Users who observe Windows AntiBreach Tool scanning their computers for security infections should use the removal guide provided to eliminate this rogue antivirus program from their operating systems.
Windows Antibreach Tool generating fake security warning messages:
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced IT skills. Combo Cleaner is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
▼ DOWNLOAD Combo Cleaner
By downloading any software listed on this website you agree to our Privacy Policy and Terms of Use. To use full-featured product, you have to purchase a license for Combo Cleaner. 7 days free trial available. Combo Cleaner is owned and operated by Rcs Lt, the parent company of PCRisk.com read more.
Quick menu:
- What is AntiBreach Tool?
- STEP 1. AntiBreach Tool removal - deleting svc-[random letters].exe file.
- STEP 2. Remove AntiBreach Tool using a registration key.
- STEP 3. Remove AntiBreach Tool using Safe Mode with Networking.
Windows Antibreach Tool removal:
Complete these steps to access your desktop:
1. Wait until Windows Antibreach Tool completes the fake security scan and click "Settings" (at the top of the main window).
2. Select "Allow unprotected Startup".
3. After selecting "Allow unprotected Startup", close Windows Antibreach Tool.
4. Access "My Computer" - double click the "My Computer" icon.
5. Navigate to C:\Users\[YOUR USER NAME]\AppData\Roaming
6. Locate a file named "svc-[random letters].exe" and click your right mouse button over this file.
7. In the opened menu select "Rename". Change the filename of "svc-[random letters].exe" to "fake.exe".
8. After renaming the "svc-[random letters].exe" file, restart your computer. Next time the operating system boots, Windows Antibreach Tool will be inactive and will not block access to Internet.
6. Download legitimate anti-spyware software to completely remove this rogue antivirus program from your computer.
If you cannot download or run the spyware remover, try running the registry fix (link below). It enables execution of programs. Download the registryfix.reg file, double click it, click YES and then OK.
Windows Antibreach Tool removal using a registry key:
1. Click the question mark icon (at the top of the main window of Windows Antibreach Tool) and select "Register".
2. In the opened window enter this registry key: 0W000-000B0-00T00-E0001
3. After entering this registry key, Windows Antibreach Tool will imitate removal of previously 'detected' security threats and allow execution of installed programs. Note that entering this registration key will not remove this rogue antivirus program - it simply makes the removal process less complicated.
4. Download legitimate anti-spyware software to completely remove Windows Antibreach Tool from your computer.
Windows Antibreach Tool removal using Safe Mode with Networking:
Step 1
Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer starting process press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, then select Safe Mode with Networking from the list.
Video showing how to start Windows 7 in "Safe Mode with Networking":
Video showing how to start Windows XP in "Safe Mode with Networking":
Step 2
Remove proxy settings from Internet Explorer. This rogue antivirus adds a proxy to the user's Internet connection settings in order to display various errors when the user attempts to access the Internet. To remove proxy settings: Open Internet Explorer and click the gear icon. In the opened menu select "Internet Options".
In the opened window select the "Connections" tab.
In the "Connections" tab, click on "LAN settings".
If "Use a proxy server for your LAN" is checked, uncheck it and click OK.
Step 3
Download legitimate anti-spyware software to completely remove this fake antivirus program from your computer.
Step 4
After removing this rogue software, you should reset your Hosts file. Do not skip this step since Windows Antibreach Tool modifies your Hosts file and you will encounter browser redirect problems if malicious entries are not eliminated.
The Hosts file is used to resolve canonical names of websites to IP addresses. When it is changed, the user may be redirected to malicious sites, despite seeing legitimate URLs in address bar.
It is difficult to determine sites are genuine when the Hosts file is modified. To fix this, please download the Microsoft Fix It tool, that restores your Hosts file to the Windows default. Run this tool when downloaded and follow the on-screen instructions. Download link below:
Summary:
The fake antivirus programs (also known as "rogue antivirus programs" or "scareware") are applications that tries to lure computer users into paying for their non-existent full versions to remove the supposedly detected security infections (although the computer is actually clean). These bogus programs are created by cyber criminals who design them to look as legitimate antivirus software. Most commonly rogue antivirus programs infiltrate user's computer using poop-up windows or alerts which appear when users surf the Internet. These deceptive messages trick users into downloading a rogue antivirus program on their computers. Other known tactics used to spread scareware include exploit kits, infected email messages, online ad networks, drive-by downloads, or even direct calls to user's offering free support.
A computer that is infected with a fake antivirus program might also have other malware installed on it as rogue antivirus programs often are bundled with Trojans and exploit kits. Noteworthy that additional malware that infiltrates user's operating system remains on victim's computer regardless of whether a payment for a non-existent full version of a fake antivirus program is made. Here are some examples of fake security warning messages that are used in fake antivirus distribution:
Computer users who are dealing with a rogue security software shouldn't buy it's full version. By paying for a license key of a fake antivirus program users would send their money and banking information to cyber criminals. Users who have already entered their credit card number (or other sensitive information) when asked by such bogus software should inform their credit card company that they have been tricked into buying a rogue security software. Screenshot of a web page used to lure computer users into paying for a non-existent full version of windows antibreach tool virus and other rogue antivirus programs:
To protect your computer from windows antibreach tool virus and other rogue antivirus programs users should:
- Keep their operating system and all of the installed programs up-to-date.
- Use legitimate antivirus and anti-spyware programs.
- Use caution when clicking on links in social networking websites and email messages.
- Don't trust online pop-up messages which state that your computer is infected and offers you to download security software.
Symptoms indicating that your operating system is infected with a fake antivirus program:
- Intrusive security warning pop-up messages.
- Alerts asking to upgrade to a paid version of a program to remove the supposedly detected malware.
- Slow computer performance.
- Disabled Windows updates.
- Blocked Task Manager.
- Blocked Internet browsers or inability to visit legitimate antivirus vendor websites.
If you have additional information on windows antibreach tool virus or it's removal please share your knowledge in the comments section below.
▼ Show Discussion