Tuesday, February 18, 2014

How to Uninstall/Remove Windows AntiBreach Suite Rogue Antivirus



Do you keep receiving security warnings from Windows AntiBreach Suite? Does a window keep popping up recommending that you purchase the new version of Windows AntiBreach Suite? Can’t uninstall Windows AntiBreach Suite? Don’t worry. You will be able to remove Windows AntiBreach Suite after reading this post.

How Does Windows AntiBreach Suite Break Into Your Computer?

Windows AntiBreach Suite is a rogue security program from the Rogue.FakeVimes family. Generally speaking, Windows AntiBreach Suite gets installed when you are not careful about what you do online. As soon as you visit some malicious websites, your computer will be attacked by this rogue antivirus program. Opening some email attachments or installing some free applications can bring you this pest as well.

The Hazard of Windows AntiBreach Suite

This fake anti-spyware imitates some functions of a legitimate antivirus program, such as registry cleanup, privacy cleanup, system optimization and so on. Once you are taken in by its interface, Windows AntiBreach Suite keeps worrying you with deceptive security warnings saying that your computer is at high risk. You should not believe these scan results. In fact, there is nothing wrong with your computer at all. The intention of Windows AntiBreach Suite is to scare you into purchasing its latest version, which is useless in reality.


You should take care to protect your computer from Windows AntiBreach Suite. It not only cheats you out of money but also damages your operating system. The files and registry entries of this virus can sharply reduce your system resources. In some cases, a prolonged infection causes slow computer performance and system crashes. For the security of your computer, we strongly suggest that you uninstall Windows AntiBreach Suite as soon as possible.

Step-by-Step Removal of Windows AntiBreach Suite


Step 1: Boot into Safe Mode with Networking by pressing the F8 key repeatedly before Windows starts up.

Step 2: Open the Start Menu and go to Control Panel. Use the search bar to look for Folder Options. In the View tab of the Folder Options window, check Show hidden files and folders and uncheck Hide protected operating system files (Recommended).



Step 3: Press Ctrl+Alt+Delete to open Task Manager, find random.exe, then end the Windows AntiBreach Suite process.

Step 4: Delete all files related to Windows AntiBreach Suite listed below:

%AppData%\guard-<random>.exe
%AppData%\result1.db
   
Step 5: Click the Start button and search for “regedit” to open Registry Editor. Then remove the registry entries of Windows AntiBreach Suite listed below:


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes”=“.zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = 1

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “GuardSoftware” = %AppData%\svc-lefx.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%AppData%\safe-<random>.exe”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
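
The check below is an added example, not part of the original post: a read-only PowerShell script that looks for the files and registry entries listed in Steps 4 and 5 and prints the ones that are present, so you can see what is there before deleting anything and confirm the cleanup afterwards. The wildcard patterns used for LowRiskFileTypes and Shell are assumptions chosen to fit the values listed above.

```powershell
# Read-only check for the artifacts listed in Steps 4 and 5. Nothing is deleted or changed.
$findings = New-Object System.Collections.Generic.List[string]

# Step 4: files under %AppData% (guard-<random>.exe is matched with a wildcard)
foreach ($pattern in 'guard-*.exe', 'result1.db') {
    Get-ChildItem -Path $env:APPDATA -Filter $pattern -Force -ErrorAction SilentlyContinue |
        ForEach-Object { $findings.Add("File: $($_.FullName)") }
}

# Step 5: Image File Execution Options keys named after security tools
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
foreach ($exe in 'k9filter.exe', 'MpCmdRun.exe') {
    if (Test-Path -LiteralPath "$ifeo\$exe") { $findings.Add("IFEO key: $ifeo\$exe") }
}

# Step 5: registry values. Match is a wildcard compared with the current data
# (assumption: '*.exe*' and '*safe-*.exe*' stand in for the exact strings on the page).
$checks = @(
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Associations'; Name = 'LowRiskFileTypes'; Match = '*.exe*' },
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments'; Name = 'SaveZoneInformation'; Match = '1' },
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'GuardSoftware'; Match = '*' },
    @{ Key = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'; Name = 'Shell'; Match = '*safe-*.exe*' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system'; Name = 'ConsentPromptBehaviorAdmin'; Match = '0' }
)
foreach ($c in $checks) {
    # A missing key or value returns nothing instead of raising an error
    $prop = Get-ItemProperty -LiteralPath $c.Key -Name $c.Name -ErrorAction SilentlyContinue
    if ($null -ne $prop) {
        $value = [string]$prop.($c.Name)
        if ($value -like $c.Match) { $findings.Add("Value: $($c.Key) $($c.Name) = $value") }
    }
}

if ($findings.Count -eq 0) { 'No listed artifacts found.' } else { $findings }
```

A hit on SaveZoneInformation or ConsentPromptBehaviorAdmin only shows that the value equals the data listed above; the same settings can also come from an administrator's policy, so review each hit before removing it.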

Because Windows AntiBreach Suite changes its files all the time, many antivirus programs can’t detect it. Hence, manual removal seems to be more effective than automatic removal. However, manually removing this virus is not an easy job.