BlueBlood

BlueBlood.A is a generic detection for a potentially unwanted program or app (PUP or PUA). PUAs are not malware but sometimes can come close. Generally, potentially unwanted applications are designated as such because they either don't do what they are supposed to do or they get installed without the user’s knowledge or permission.

One of the most common types of PUAs are fake optimizers or boosters. Applications of this type are advertised as tools which can significantly improve the performance of a Mac device. These applications usually have websites and are distributed officially. The developers rely on the user believing the claims that the particular PUA will make a Mac device run better. Typically, such applications either don’t do anything or they offer redundant features available as free native Apple utilities. These applications often have a free version which generates fake problem detections in an attempt to convince users to buy a license or a full version of the application.

PUAs which aren’t distributed through normal means can get on Mac devices in other ways. The method that seems to be most popular is the fake Adobe Flash Player update pop-up. Mac users can encounter such pop-ups on compromised websites or as a symptom of other malware. The pop-up looks very much like a real update prompt. In some cases it may even contain a real version of Adobe Flash Player. However, the important thing is that it also installs PUAs. So while the user may think they are installing an update, they are also allowing other applications on their system.

Another avenue for PUA distribution is bundling the applications with other software. In those cases, during the installation process the user is given the choice to go with an "express" installation or "custom," or "advanced" options. If the user chooses the express option, they are often not shown all the components of the bundle and some of those components can be different apps including PUAs.

While annoying, PUAs are easily detected by antivirus software. Manual removal may be somewhat complicated in certain cases, but security suites will easily take care of PUAs.