BlueFlare Antivirus

By Domesticus in Rogue Anti-Spyware Program

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 12
First Seen: July 25, 2011
Last Seen: August 17, 2022
OS(es) Affected: Windows


BlueFlare Antivirus (also appearing as Blue Flare Antivirus and BlueFlareAntivirus) is a typical rogue anti-virus program. Like most rogue security programs, BlueFlare Antivirus will pester you with fake security alerts and pop-up notifications, show you a system scan designed to make you panic, and affect your ability to access your own programs and the Internet. BlueFlare Antivirus usually enters a computer without the computer user's knowledge and, once installed, tries to pressure the computer user into buying BlueFlare Antivirus through constant repetition of these alerts. BlueFlare Antivirus is closely related to the Ppn.exe family of rogue security programs, including XP Security 2012, Win 7 Security 2012, Vista Security 2012, XP Total Security, Win 7 Total Security, Vista Total Security, and many others. ESG security researchers recommend that you remove BlueFlare Antivirus automatically with a legitimate anti-malware program.
 

Early Detection of the BlueFlare Antivirus Threat

ESG malware researchers have found that BlueFlare Antivirus can attack a computer through malicious scripts encountered while browsing the Internet. These scripts usually exploit vulnerabilities in JavaScript or Flash to install BlueFlare Antivirus. If you visit high-risk websites regularly, disabling JavaScript or Flash may help stop BlueFlare Antivirus in its tracks. You should also be careful with websites that are generally thought to be safe, because BlueFlare Antivirus may also gain access to your computer through poorly regulated advertisements. Advertisements that try to convince you to try out a free online malware scan, or try to sell you anti-virus software, are especially dangerous.
 

The BlueFlare Antivirus Fake System Scan

Once installed, the first thing BlueFlare Antivirus will try to do is to convince you that your computer is infected with a large number of viruses. You should keep in mind that all of BlueFlare Antivirus' security alerts and system scans are fake, designed to convince you to buy this useless rogue anti-virus program. In reality, the infections detected by BlueFlare Antivirus are completely nonexistent. The real problem on your PC is BlueFlare Antivirus itself.
 

Severe Problems Caused by BlueFlare Antivirus

Make no mistake about it, BlueFlare Antivirus is not limited to displaying fake security alerts and annoying error messages. ESG PC security researchers classify BlueFlare Antivirus as a dangerous threat, which can place your computer at risk. BlueFlare Antivirus has been known to change your Internet browser and system settings to make your computer vulnerable to further attacks. It will alter your browser to use a proxy server, which is then used to control your Internet browsing. It does this to redirect you aggressively to websites belonging to the creators of BlueFlare Antivirus, to push you into giving up and buying this useless program. To protect itself, BlueFlare Antivirus also blocks a very large number of programs and Windows components that may be used to remove BlueFlare Antivirus. This can make BlueFlare Antivirus removal especially tough.

Aliases

7 security vendors flagged this file as malicious.

Anti-Virus Software    Detection
Panda                  Trj/CI.A
AVG                    FakeAV.QHN
Ikarus                 Trojan.Fakeav
Microsoft              Rogue:Win32/FakeScanti
BitDefender            Trojan.Generic.KDV.299386
Avast                  Win32:Malware-gen
McAfee                 Artemis!B48CFFD6DD34


File System Details

BlueFlare Antivirus may create the following file(s):
# File Name MD5 Detections
1. BlueFlare Antivirus.exe 4a93f2ee1468fbd3a3a19a79a746ffbe 3
2. csrss.exe ff89cab4a86fb4615e41caf25e445887 1
3. %CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
4. %AppData%\BlueFlare Anti-Virus
5. %CommonAppData%\[RANDOM CHARACTERS]
6. %AppData%\BlueFlare Anti-Virus\cookies.sqlite
7. %Documents and Settings%\[UserName]\Application Data\BlueFlare Antivirus\[RANDOM CHARACTERS]
8. %AppData%\BlueFlare Anti-Virus\Instructions.ini
9. sbr32.dll b48cffd6dd34e2fdd694093d57ecffd3 0

Registry Details

BlueFlare Antivirus may create the following registry entry or registry entries:
File name without path
BlueFlare Antivirus.lnk
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlueFlare Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options "Debugger" = "svchost.exe"
HKEY_LOCAL_MACHINE\Software\AWM Antivirus\BlueFlare Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = 127.0.0.1
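
The registry changes listed above (the loopback ProxyServer value, the Image File Execution Options Debugger value, the Run entry and the two BlueFlare keys) can be checked offline against the text of a `reg export` file. The following is an added example, not part of the original write-up or of any vendor tool; the sample export, the `sometool.exe` and `abcxyz` names, and the app-data path heuristic are assumptions made for illustration.

```python
import re

# Indicator locations from the registry list on this page, lower-cased for comparison.
IFEO = r"hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options"
INET = r"hkey_current_user\software\microsoft\windows\currentversion\internet settings"
RUN = r"hkey_current_user\software\microsoft\windows\currentversion\run"
ROGUE_KEYS = (r"hkey_local_machine\software\microsoft\windows\currentversion\uninstall\blueflare antivirus",
              r"hkey_local_machine\software\awm antivirus\blueflare antivirus")
# Assumption (heuristic): a Run entry starting an .exe from an app-data folder deserves a look.
APPDATA_EXE = re.compile(r"\\(appdata|application data|programdata)\\.*\.exe", re.I)

def parse_reg(text):
    """Yield (key, name, data) for keys and string values; name is None on key lines."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            yield key, None, ""
        elif key:
            m = re.match(r'"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$', line)
            if m:  # undo .reg escaping (\\ and \") in the value data
                yield key, m.group(1), re.sub(r"\\(.)", r"\1", m.group(2))

def triage(text):
    """Return (indicator, detail) pairs for the registry changes this page lists."""
    hits = []
    for key, name, data in parse_reg(text):
        k, n = key.lower(), (name or "").lower()
        if name is None and k in ROGUE_KEYS:
            hits.append(("rogue-key", key))
        elif k.startswith(IFEO + "\\") and n == "debugger":
            hits.append(("ifeo-debugger", f"{key} -> {data}"))
        elif k == INET and n == "proxyserver" and re.match(r"(\w+=)?(127\.|localhost)", data, re.I):
            hits.append(("loopback-proxy", data))
        elif k == RUN and APPDATA_EXE.search(data):
            hits.append(("run-from-appdata", f"{name} = {data}"))
    return hits

# Constructed sample (not from a real host); keys and values mirror the list on this page.
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sometool.exe]
"Debugger"="svchost.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="127.0.0.1"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"abcxyz"="C:\\ProgramData\\abcxyz\\abcxyz.exe"
"OneDrive"="C:\\Program Files\\OneDrive\\OneDrive.exe"
[HKEY_LOCAL_MACHINE\Software\AWM Antivirus\BlueFlare Antivirus]
'''
```

Files written by `reg export` are UTF-16 encoded, so decode them before passing the text to `triage`. A Debugger value can also be set legitimately by developer tooling, so treat an `ifeo-debugger` hit as a lead to review rather than proof of infection.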

Directories

BlueFlare Antivirus may create the following directory or directories:

%AppData%\BlueFlare Antivirus
