Threat Database Rogue Anti-Spyware Program Windows Antibreaking System

Windows Antibreaking System

Windows Antibreaking System Image

Windows Antibreaking System has an attractive start-up screen and a main GUI that looks like a genuine security application with plenty of features. However, these are all for show; Windows Antibreaking System is a fake anti-virus application in the FakeVimes family of rogue security programs. Rogue security programs like Windows Antibreaking System are a kind of malware infection that attempts to steal a computer user's money by making them believe that their computer is under attack and then trick them into purchasing a fake security application. The FakeVimes family of rogue security programs is nothing new to PC security researchers, considering that it has been active and constantly updated since 2009. Some characteristics specific to the FakeVimes family include its ability to disable the file processes of well-known legitimate security programs and use file names made up of three random characters.

A recent batch of malware in the FakeVimes family, which includes Windows Antibreaking System itself, was released in 2012 and is notorious for being bundled with a dangerous rootkit component in the ZeroAccess family. There are dozens of clones of Windows Antibreaking System in this recent batch, including programs like Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

While most security programs have no problem handling the Windows Antibreaking System infection itself, due to the well-known nature of this family of fake security software, the rootkit that it uses to attack a computer system is much more difficult to deal with. Typically, it is necessary to use an anti-rootkit tool before attempting to remove Windows Antibreaking System with a reliable anti-malware program.

Do Not Let Criminals Use Windows Antibreaking System to Steal Your Money!

Criminals target inexperienced computer users with the Windows Antibreaking System scam. This is because they are more likely to believe that Windows Antibreaking System is a legitimate Windows component instead of a malware infection. The main scam consists in displaying numerous misleading error messages in order to make the victim think their computer is infected. These are accompanied with browser redirects and messages urging the victim to register their copy of Windows Antibreaking System, something that requires paying for this useless fake security program. To remove Windows Antibreaking System, it is imperative to use a reliable anti-malware program. However, it is often difficult to bypass Windows Antibreaking System's self-protective measures. Our malware analysts have found that using the registration code 0W000-000B0-00T00-E0020 can make the fake security alerts and error messages stop long enough to be able to remove Windows Antibreaking System with a reliable security program. While this does not remove Windows Antibreaking System, it stops some of its worst symptoms in order to make removal easier.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Windows Antibreaking System Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Antibreaking System may create the following file(s):
# File Name Detections
1. %AppData%\Inspector-[RANDOM CHARACTERS].exe
2. %AppData%\npswf32.dll
3. %CommonPrograms%\Windows Antibreaking System.lnk
4. %DesktopDir%\Windows Antibreaking System.lnk

Registry Details

Windows Antibreaking System may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"

Messages

The following messages associated with Windows Antibreaking System were found:

Error
Trojan activity detected. System data security is at risk.
It is recommended to activate protection and run a full system scan.
Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Warning
Firewall has blocked a program from accessing the Internet
C:program filesinternet exploreriexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Warning! Identity theft attempt Detected
Hidden connection IP: 58.82.12.124
Target: Your passwords for sites

Trending

Most Viewed

Loading...