BlueFlare Antivirus

BlueFlare Antivirus Description

Type: Rogue AntiSpyware Programs

ScreenshotBlueFlare Antivirus (also appearing as Blue Flare Antivirus and BlueFlareAntivirus) is a typical rogue anti-virus program. Like most rogue security programs, BlueFlare Antivirus will pester you with fake security alerts and pop-up notifications, show you a system scan designed to make you panic, and affect your ability to access your own programs and the Internet. BlueFlare Antivirus usually enters a computer without the computer user's knowledge and, once installed, BlueFlare Antivirus will try to force the computer user to buy BlueFlare Antivirus by constant repetition. BlueFlare Antivirus is closely related to the Ppn.exe family of rogue security programs, including XP Security 2012, Win 7 Security 2012, Vista Security 2012, XP Total Security, Win 7 Total Security, Vista Total Security, and many others. ESG security researchers recommend that you remove BlueFlare Antivirus automatically with a legitimate anti-malware program.

Early Detection of the BlueFlare Antivirus Threat

ESG malware researchers have found that BlueFlare Antivirus can attack a computer through malicious scripts while browsing the Internet. These usually use vulnerabilities in JavaScript or Flash to install BlueFlare Antivirus. If you visit high-risk websites regularly, disabling JavaScript or Flash may help stop BlueFlare Antivirus in its tracks. You should also be careful with websites that are generally thought to be safe. BlueFlare Antivirus may also gain access to your computer through poorly regulated advertisements. Advertisements that try to convince you to try out a free online malware scan, or try to sell you anti-virus software, are especially dangerous.

The BlueFlare Antivirus Fake System Scan

Once installed, the first thing BlueFlare Antivirus will try to do is to convince you that your computer is infected with a large number of viruses. You should keep in mind that all of BlueFlare Antivirus' security alerts and system scans are fake, designed to convince you to buy this useless rogue anti-virus program. In reality, the infections detected by BlueFlare Antivirus are completely nonexistent. The real problem on your PC is BlueFlare Antivirus itself.

Severe Problems Caused by BlueFlare Antivirus

Make no mistake about it, BlueFlare Antivirus is not limited to displaying fake security alerts and annoying error messages. ESG PC security researchers classify BlueFlare Antivirus as a dangerous threat, which can place your computer at risk. BlueFlare Antivirus has been known to change your Internet browser and system settings to make your computer vulnerable to further attacks. It will alter your browser to use a proxy server, which is then used to control your Internet browsing. It does this to redirect you aggressively to websites belonging to the creators of BlueFlare Antivirus, to push you into giving up and buying this useless program. To protect itself, BlueFlare Antivirus also blocks a very large number of programs and Windows Components that may be used to remove BlueFlare Antivirus. This can make BlueFlare Antivirus removal especially tough.


7 security vendors flagged this file as malicious.

Anti-Virus Software Detection
Panda Trj/CI.A
Ikarus Trojan.Fakeav
Microsoft Rogue:Win32/FakeScanti
BitDefender Trojan.Generic.KDV.299386
Avast Win32:Malware-gen
McAfee Artemis!B48CFFD6DD34

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove BlueFlare Antivirus

File System Details

BlueFlare Antivirus creates the following file(s):
# File Name MD5 Detection Count
1 BlueFlare Antivirus.exe 4a93f2ee1468fbd3a3a19a79a746ffbe 2
2 csrss.exe ff89cab4a86fb4615e41caf25e445887 1
4 %AppData%\BlueFlare Anti-Virus N/A
6 %AppData%\BlueFlare Anti-Virus\cookies.sqlite N/A
7 %Documents and Settings%\[UserName]\Application Data\BlueFlare Antivirus\[RANDOM CHARACTERS] N/A
8 %AppData%\BlueFlare Anti-Virus\Instructions.ini N/A
9 sbr32.dll b48cffd6dd34e2fdd694093d57ecffd3 0

Registry Details

BlueFlare Antivirus creates the following registry entry or registry entries:
%AppData%\BlueFlare Antivirus
File name without path
BlueFlare Antivirus.lnk
Registry key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlueFlare Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS].exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options "Debugger" = "svchost.exe"
HKEY_LOCAL_MACHINE\Software\AWM Antivirus\BlueFlare Antivirus
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" =

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.