Saturday, 16 July 2011

How to Remove BlueFlare Antivirus (Uninstall Guide)

We have been receiving complaints about a program called BlueFlare Antivirus for a couple of days. From what we've heard about this application, is rogue anti-virus software. It displays misleading security alerts and false scan results in an effort to convince users into paying for a full version of the program. It may configure web browsers to use a proxy server and blocks system utilities, according to the system logs received from our readers. BlueFlare Anti-virus runs from %Application Data% folder. Unfortunately, we couldn't find a sample of this application or anything else related to BlueFlare Antivirus and it certainly raises our suspicion of fraud. If you are experiencing BlueFlare Antivirus pop-ups or security center alerts about this program, please scan your computer with legitimate anti-malware software. We are currently investigating this threat and will provide more information as it becomes available.

Update, 1:55 a.m. PDT, 23/07: BlueFlare Antivirus is indeed a rogue anti-virus application. To remove this fraudware, please follow the removal instructions below. Good luck and be safe online!



Fake BlueFlare Antivirus security alerts:


Security warning:
The file C:\WINDOWS\regedit.exe is infected.
Running of application is impossible.


Additionally, you can activate the rogue program by entering this registration code: DB038748-B4659586-4A1071AF-32E768CD-36005B1B-F4520642-3000BF2A-04FC910B. Once this is done, you are free to install anti-malware software and remove the rogue anti-virus program from your computer properly.


BlueFlare Antivirus removal instructions:

1. Go to StartRun or press WinKey+R. Type in "command" and press Enter key.


2. In the command prompt window type "notepad". Notepad will come up.


3. Copy all the text in blue color below and paste into Notepad.

Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

4. Save file as regfix.reg to your Desktop. NOTE: (Save as type: All files)


regfix.reg is available for download here, in case you can't make your own or it doesn't work.

5. Double-click on regfix.reg file to run it. Click "Yes" for Registry Editor prompt window. Then click OK.
6. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe, explorer.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.

7. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.


Associated BlueFlare Antivirus files and registry values:

Files:

Windows XP:
  • C:\Documents and Settings\[UserName]\Application Data\BlueFlare Antivirus\BlueFlare Antivirus.exe
Windows Vista/7:
  • C:\Users\[UserName]\AppData\Roaming\BlueFlare Antivirus\BlueFlare Antivirus.exe
Registry values:
  • HKEY_LOCAL_MACHINE\Software\AWM Antivirus\BlueFlare Antivirus
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlueFlare Antivirus
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "BlueFlare Antivirus.exe"
Share this information with other people:

No comments:

Post a Comment