
Antiviral Factory 2013

Posted: August 14, 2013

Threat Metric

Ranking: 4,895
Threat Level: 2/10
Infected PCs: 9,977
First Seen: August 14, 2013
Last Seen: October 11, 2023
OS(es) Affected: Windows

Antiviral Factory 2013 is a new variant of Winwebsec, a family of fake anti-malware scanners that pretend to detect various PC threats and then request money for 'removing' them from your computer. While Antiviral Factory 2013's fake anti-malware functions are not insignificant, SpywareRemove.com malware researchers are especially concerned over Antiviral Factory 2013's ability to block other applications arbitrarily and on a widespread basis – a function common to Winwebsec-based scamware. As a security threat that's incapable of performing any legitimate functions for your benefit, Antiviral Factory 2013 should be deleted as rapidly as possible, and by a real anti-malware product if one is available for your use.

Antiviral Factory 2013: the Scamware Factory's Latest Product Line

While Antiviral Factory 2013 has been re-branded to look like a separate product, Antiviral Factory 2013 is a clone of previous members of the WinWeb Security family already examined by SpywareRemove.com malware researchers and includes all of the same attacks that its predecessors are known for abusing. While Antiviral Factory 2013 does look like an anti-malware scanner and even seems to offer system scans and live alerts for detecting various PC threats, Antiviral Factory 2013's alerts are always inaccurate and will detect malware that isn't on your computer (such as keyloggers and other forms of password-stealing spyware). Antiviral Factory 2013's alerts may be displayed in various formats, including taskbar balloons, fake activation prompts and lists of PC threats supposedly infecting various specific files.

Antiviral Factory 2013 can't detect real malware or attacks against your computer, but Antiviral Factory 2013's alerts and fake scans are used to encourage you to purchase its registration key – supposedly to disinfect your computer. This scam is the central characteristic of Winwebsec-based rogue anti-malware products, but SpywareRemove.com malware experts also associate Antiviral Factory 2013 with additional attacks, such as:

  • Making changes to your Registry that disable various security features, including your firewall, Windows updates and the User Account Control (or UAC).
  • Disabling most other programs on your computer, with the exceptions of itself, your Web browser and various Windows components.
  • Hijacking your browser and redirecting it away from security-oriented websites (usually along with displaying fake security warnings).

Living Out 2013 without Antiviral Factory 2013 Being a Bother

Since Antiviral Factory 2013 is scamware that also substantially downgrades your computer's baseline security, you should act to disable and remove Antiviral Factory 2013 by any means needed as soon as you have confirmed its presence on your PC. SpywareRemove.com malware experts generally recommend using Safe Mode or additional security techniques for disabling program-blocking PC threats like Antiviral Factory 2013, which can be difficult to remove if Antiviral Factory 2013 is still active at the time. It also must be emphasized that paying for Antiviral Factory 2013 or registering Antiviral Factory 2013 is not necessary for disinfecting your PC, nor is it beneficial for you to do so.

Antiviral Factory 2013 does not install itself without the help of other PC threats. Exploit kits hosted on harmful websites, spam-distributed Trojans and other dishonest methods of installation usually are related to fake anti-malware programs like Antiviral Factory 2013. However, SpywareRemove.com malware experts note that if your browser has appropriate anti-malware protection and you act with a reasonable level of self-awareness online, you're unlikely to be targeted by Antiviral Factory 2013 infections. Similar precautions also are relevant to Antiviral Factory 2013's relatives, such as Antivirus Security, System Security, AntiSpyware Pro 2009, Total Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, MS Removal Tool, Antivirus Center, Security Shield, Personal Shield Pro, Advanced PC Shield 2012, Security Sphere 2012 and Futurro Antivirus.


Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



  • %Programs%\Antiviral Factory 2013
    Group: Malware file
  • %Programs%\Antiviral Factory 2013\Uninstall.lnk
    File type: Shortcut; Mime Type: unknown/lnk; Group: Malware file
  • %Programs%\Antiviral Factory 2013\Antiviral Factory 2013.lnk
    File type: Shortcut; Mime Type: unknown/lnk; Group: Malware file
  • %Programs%\Antiviral Factory 2013\Antiviral Factory 2013 Support Site.lnk
    File type: Shortcut; Mime Type: unknown/lnk; Group: Malware file
  • %Desktopdir%\Antiviral Factory 2013.lnk
    File type: Shortcut; Mime Type: unknown/lnk; Group: Malware file

Registry Modifications

The following Registry values were newly created:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM NUMBERS AND CHARACTERS] %AppData%\[RANDOM NUMBERS AND CHARACTERS]\[RANDOM NUMBERS AND CHARACTERS].exe
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antiviral Factory 2013
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antiviral Factory 2013\DisplayName Antiviral Factory 2013
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antiviral Factory 2013\DisplayIcon %AppData%\[RANDOM NUMBERS AND CHARACTERS]\[RANDOM NUMBERS AND CHARACTERS].exe,0
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antiviral Factory 2013\UninstallString "%AppData%\[RANDOM NUMBERS AND CHARACTERS]\[RANDOM NUMBERS AND CHARACTERS].exe" -u
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antiviral Factory 2013\ShortcutPath "%AppData%\[RANDOM NUMBERS AND CHARACTERS]\[RANDOM NUMBERS AND CHARACTERS].exe" -u
  • HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run [RANDOM NUMBERS AND CHARACTERS].exe = %commonappdata%\[RANDOM NUMBERS AND CHARACTERS].exe\[RANDOM NUMBERS AND CHARACTERS].exe
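A triage check for the registry entries listed above, as an added example that is not part of the original write-up: it scans text saved from `reg query <key> /s` for the Uninstall subkey and for Run/RunOnce values that launch an executable from an application-data folder. The expanded folder paths and the sample output are constructed assumptions.

```python
import re

# Autostart keys and the Uninstall subkey named in the registry listing above.
AUTORUN_KEY = re.compile(r"\\CurrentVersion\\Run(?:Once)?$", re.I)
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall\\Antiviral Factory 2013$", re.I)
# An .exe under a per-user or common application-data folder, written either
# with the page's placeholders or as an expanded path (assumed default layout).
APPDATA_EXE = re.compile(
    r'(?:%AppData%|%CommonAppData%|\\AppData\\Roaming|\\ProgramData)\\[^"]*?\.exe',
    re.I,
)
# A value line of `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_LINE = re.compile(r"^ {4}(.+?) {4}(REG_[A-Z_]+) {4}(.*)$")

def find_indicators(reg_query_output):
    """Return (kind, key, value_name, data) leads found in `reg query /s` text."""
    hits, key = [], None
    for line in reg_query_output.splitlines():
        if line.startswith("HKEY"):
            key = line.strip()
            if UNINSTALL_KEY.search(key):
                hits.append(("uninstall-key", key, None, None))
            continue
        m = VALUE_LINE.match(line)
        if m and key and AUTORUN_KEY.search(key) and APPDATA_EXE.search(m.group(3)):
            # Legitimate software also autostarts from AppData: a lead, not a verdict.
            hits.append(("autorun", key, m.group(1), m.group(3)))
    return hits

# Constructed sample output; the random-looking names are made up for the example.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon    REG_SZ    C:\Windows\System32\ctfmon.exe
    k3x9qa71.exe    REG_SZ    C:\ProgramData\k3x9qa71.exe\k3x9qa71.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
    p0d4zz    REG_SZ    C:\Users\alice\AppData\Roaming\w7rt21\p0d4zz.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antiviral Factory 2013
    DisplayName    REG_SZ    Antiviral Factory 2013
    UninstallString    REG_SZ    "C:\Users\alice\AppData\Roaming\w7rt21\p0d4zz.exe" -u
"""

if __name__ == "__main__":
    for hit in find_indicators(SAMPLE):
        print(hit)
```

The executable path reported in an "autorun" hit is the file to examine from Safe Mode or with a real anti-malware product, as recommended above.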

Additional Information

The following URLs were detected:
funlife.info

The following messages were detected:

  1. Antiviral Factory 2013 Warning
     Intercepting programs that may compromise your privacy and harm your system have been detected on your PC.
     Click here to remove them immediately with Antiviral Factory 2013.

  2. Antiviral Factory 2013 Warning
     Your PC is still infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
     Click here to activate protection.

  3. Security Monitor: WARNING!
     Attention! System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk.
     To get rid of unwanted spyware and keep your computer safe your need to update your current security software.
     Click Yes to download official intrusion detection system (IDS software).

  4. WARNING!
     Application cannot be executed. The file procexp.exe is infected.
     Please activate your antivirus software.

  5. Warning: Your computer is infected
     Detected spyware infection!
     Click this message to install the last update of security software
