1 of 4
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

Windows Antibreach Tool

Windows Antibreach Tool is a rogue antispyware that can give you a run for your money. Literally. This malicious application pretends to be a reliable computer antivirus program in order to swindle you out of your money. Users infected must remove Windows Antibreach Tool immediately otherwise it is quite possible to suffer terrible consequences.

A lot of users think that rogues like Windows Antibreach Tool are not as dangerous as real computer system viruses so they simply ignore them and continue on using their computers as if their computers are not infected. However, Windows Antibreach Tool can cause serious trouble. Don’t be surprised if one day your system does not load anymore – Windows Antibreach Tool is surely capable of doing that.

Rogues are like infested wounds – the longer you keep it untreated the more damage it creates. The same can be applied to Windows Antibreach Tool – it might be just a string of fake security notifications at first, but the longer the rogue remains in your system, the more erratic computer behavior it causes. You cannot allow this to continue.

Erase Windows Antibreach Tool with a computer security program of choice if you are not well-versed in technologies. Automatic removal will save you the trouble of removing all rogue files from your computer manually. Also, the said computer security program will protect your system from similar cyber threats.

As our researchers have recently discovered, Windows AntiBreach Tool is a clone of Windows Efficiency Master, Windows Paramount Protection, and other infamous fake anti-spyware programs from the Rogue.VirusDoctor family. In order to delete these threats from the operating system you need to eliminate existing symptoms. Note that the threat can block the running of executable files which may disrupt the installation of automatic malware detection and removal software. Here are a few license keys which may help you disable existing symptoms.

License keys:


It is possible that schemers will ensure that these license keys cannot help you register as a legitimate rogue’s user and remove existing symptoms. Nonetheless, this should not discourage you from getting the fake AV deleted from the browsers. Use the instructions below to install reliable automatic malware detection and removal software which will delete the devious and complicated infection from your PC.

How to remove Windows AntiBreach Tool?

  1. Restart the computer and wait for BIOS screen to load.
  2. Immediately start tapping F8 to access the advanced boot options menu.
  3. Select Safe Mode with Command Prompt using arrow keys and tap Enter.
  4. Wait for the PC to reboot and the Command Prompt to show up.
  5. Place the cursor right after C:\Windows\system32\ type cd.. and tap Enter.
  6. Place the cursor right after C:\Windows type \explorer.exe and then tap Enter.
  7. Navigate to the left of the Task Bar and click the Start menu icon.
  8. Enter %appdata% into the Search/RUN box to access the Application Data folder.
  9. Right-click the file named svc-[random file name].exe and select Delete.
  10. Now restart the computer in the Normal Mode.
  11. Open the Start menu and enter regedit into the Search/RUN box to open the Windows Registry.
  12. Move to HKEY_CURRECT_USER\Software\Microsoft\Windows NT\Current Version\Winlogon.
  13. Locate the Shell, right-click it and select Modify.
  14. Go to Value, enter %WinDir%\Explorer.exe and click OK. Exit the utility.
  15. Visit http://www.pcthreat.com/download-sph and download an automatic malware remover.
  16. Install the program, scan the computer and delete (Fix Threats) all existing threats.
Download Spyware Removal Tool to Remove* Windows Antibreach Tool
  • Quick & tested solution for Windows Antibreach Tool removal.
  • 100% Free Scan for Windows

How to manually remove Windows Antibreach Tool

Files associated with Windows Antibreach Tool infection:

%AppData%\svc-[random file name].exe

Windows Antibreach Tool processes to kill:

%AppData%\svc-[random file name].exe

Remove Windows Antibreach Tool registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%AppData%\svc-[random file name].exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = 1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PrSft"=%AppData%\ssvc-[random file name].exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableVirtualization" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd "ImagePath" = "123123.sys"

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.