
Windows Antibreach Tool

Posted: February 14, 2014

Threat Metric

Threat Level: 10/10
Infected PCs: 70
First Seen: February 14, 2014
OS(es) Affected: Windows


Windows AntiBreach Tool is a rogue anti-malware application that malware researchers currently estimate to be one of the many emerging members of FakePAV, a threat family known for blocking other programs. While Windows AntiBreach Tool constitutes a security hazard all by itself, Windows AntiBreach Tool has armed itself with numerous ways of misleading its victims into believing that several types of threats are responsible for any obvious malfunctions. Deleting Windows AntiBreach Tool with legitimate anti-malware products while, above all else, avoiding the purchase of its software or the transfer of personal information to its 'company' is strongly recommended for the safety of both you and your PC.

The Security Breach that Pretends to Protect You

Windows AntiBreach Tool belongs to a subtype of threat that relies on deceiving victims to acquire money, although Windows AntiBreach Tool also can pose a threat to any PC, regardless of whether its users are fooled. With an interface that's meant to make Windows AntiBreach Tool look similar to Microsoft anti-malware suites, and seemingly including advanced features like its own memory process manager, Windows AntiBreach Tool looks the part of security software but plays the exact opposite role. Windows AntiBreach Tool displays firewall alerts and other warning messages that are intended to warn you about threats that aren't installed, along with similar, fake system scans that include completely inaccurate results.

This false information is a lead-in for Windows AntiBreach Tool's request that you purchase its premium software. Like its freeware version, Windows AntiBreach Tool's 'premium' version doesn't attempt to safeguard your PC, and giving money or financial information to the individuals responsible for Windows AntiBreach Tool doesn't provide any relief from the undesirable symptoms often associated with this scamware.

None of this is any surprise to malware experts, who have seen clones of Windows AntiBreach Tool already in distribution under other names, such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security. Windows AntiBreach Tool and other FakeVimes clones often are installed by JavaScript-based attacks from unsafe sites or advertisements that pretend to scan your computer, although this distribution method isn't exclusive. Strong browser security and anti-malware products with browser-guarding features may block many of these attacks, but, once Windows AntiBreach Tool is installed, additional solutions may be necessary.

Closing the Breach Made by an Invasion of Windows AntiBreach Tool

Windows AntiBreach Tool is more than just a simple provider of fake system information; Windows AntiBreach Tool also is a direct assailant upon your PC's real security features. Windows AntiBreach Tool may terminate other programs from memory automatically or modify the Registry to replace your access to basic security programs with shortcuts to itself. The Task Manager, some brands of Web browsers, various social networking programs and many brands of real anti-malware scanners all have been seen in the FakeVimes blacklist, which makes it essential to disable Windows AntiBreach Tool and regain the full use of your computer.

As a standard way to block a threat before it can block you, malware experts would suggest trying a system reboot from Safe Mode or booting from a removable hard drive. Only after you've blocked Windows AntiBreach Tool from being launched should you try to remove Windows AntiBreach Tool and any related threats with a legitimate anti-malware program.
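The page does not name the Registry keys this threat changes. As an added example (not from the original page), the Python code below assumes one well-known Windows mechanism for redirecting a program launch, the Debugger value under Image File Execution Options (IFEO), and lists every such value found in `reg export` text; the watchlist, paths and file names are constructed for illustration.

```python
import re

# IFEO subkey header in `reg export` text; covers the 32-bit (WOW6432Node) view too.
KEY_RE = re.compile(
    r"^\[HKEY_LOCAL_MACHINE\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows NT"
    r"\\CurrentVersion\\Image File Execution Options\\([^\\\]]+)\]$", re.I)
VAL_RE = re.compile(r'^"Debugger"="(.*)"$', re.I)

# Illustrative watchlist (assumption): Task Manager, Registry Editor and browsers.
WATCHLIST = {"taskmgr.exe", "regedit.exe", "iexplore.exe", "chrome.exe", "firefox.exe"}

def find_debugger_redirects(reg_text):
    """Return (image, command, on_watchlist) for each IFEO Debugger string value."""
    hits, image = [], None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)          # any other key resets the context
            image = m.group(1).lower() if m else None
        elif image:
            v = VAL_RE.match(line)
            if v:
                # .reg strings escape backslash and quote with a backslash
                command = re.sub(r"\\(.)", r"\1", v.group(1))
                hits.append((image, command, image in WATCHLIST))
    return hits

# Constructed sample export; every path and file name below is made up.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\Users\\Public\\example-rogue.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Chrome.exe]
"Debugger"="\"C:\\ProgramData\\example-rogue.exe\" /x"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devtool.exe]
"Debugger"="vsjitdebugger.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Example]
"Debugger"="ignored.exe"
'''

if __name__ == "__main__":
    for image, command, watched in find_debugger_redirects(SAMPLE_EXPORT):
        print(("REVIEW FIRST" if watched else "review"), image, "->", command)
```

Files written by `reg export` are normally UTF-16, so decode them before passing the text in. A Debugger value is not always malicious (developers set it for just-in-time debugging), which is why non-watchlist hits are reported at lower priority rather than dropped.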

Technical Details

Additional Information

The following messages were detected:

1. Firewall has blocked a program from accessing the Internet
   c:\windows\system32\taskmanger.exe
   is suspected to have infected your PC.
   This type of virus intercepts entered data and transmits them
   to a remote server.
