Monday, July 25, 2011

Remove BlueFlare Antivirus (Uninstall guide)

BlueFlare Antivirus is another rogue antivirus program from the same family of malware as Wireshark Antivirus, Sysinternals Antivirus, etc. It reports false infections and displays a lot of fake security messages in order to trick you into purchasing its so-called full version. So, don`t trust anything that this software will say you and uninstall it as soon as possible

What BlueFlare Antivirus does

The malicious application is distributed with the help of trojans that come from various misleading websites. When the trojan is started, it will install this malware. On first run, BlueFlare Antivirus configures itself to start automatically when Windows loads. Next, the fake antivirus will simulate a system scan and list a lot of false infections that actually does not exist!

BlueFlare Antivirus will state that your computer is infected with adware, trojans, worms or malware with one purpose - to scare you into thinking that your PC in danger. Obviously, such results are a fraud, so you can freely ignore them.

While BlueFlare Antivirus is running, it will flood your computer with fake security alert and notifications from Windows task bar that stats:

svchost.exe has encountered a problem and needs to
close. We are sorry for inconvenience.
Security Warning
There are critical system files on your computer that were
modified by malicious program.
It will cause unstable work of your system and permanent
data loss.
Click here to undo performed modifications and remove
malicious software (Highly recommended).

Running of application is impossible.
The file C:\Windows\System32\notepad.exe is infected.
Please activate your antivirus program.

As you can see, BlueFlare Antivirus is absolutely useless and what is more, even dangerous software. Most importantly, do not purchase it. Instead, please use the BlueFlare Antivirus removal guide or the steps below in order to remove this malware from your computer for free.

HijackThis shows BlueFlare Antivirus infection:

O2 – BHO: ADC PlugIn – {19090308-636D-4e9b-A1CE-A647B6F794BF} – C:\Documents and Settings\1\Application Data\BlueFlare Antivirus\sbr32.dll
O4 – Startup: csrss.exe

How to remove BlueFlare Antivirus

1. Reboot your computer in Safe mode with networking by doing the following:
- reboot your computer;
- after hearing your computer beep once during startup, but before the Windows icon appears, keep tapping F8;
- instead of Windows loading as normal, Windows Advanced Options menu should appear;
- select second option Safe mode with networking and then press ENTER.

2. Download Malwarebytes Anti-malware from the link below

3. Double click mbam-setup.exe to install the application. When installation is complete, make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version.

4. Once the program has loaded you will see a screen like below.

Malwarebytes' Anti-Malware

5. Select "Perform Quick Scan", then click Scan. When the scan is done, click OK, then Show Results to view the results. You will see a list of malware that  Malwarebytes' Anti-Malware found on your computer. Note: list of malware may be different than what is shown in the screen below.

Malwarebytes' Anti-Malware - lists of malicious software

6. Make sure that everything is checked, and click Remove Selected. Once disinfection is finished, a log will open in Notepad and you may be prompted to Restart.

If the instructions does not help you, then ask for help in the Spyware removal forum.

BlueFlare Antivirus associated files:

%AppData%\blueflare antivirus
%UserProfile%\start menu\Programs\blueflare antivirus
%AppData%\blueflare antivirus\sbr32.dll
%UserProfile%\start menu\Programs\Startup\csrss.exe
%AppData%\blueflare antivirus\ms.conf
%AppData%\blueflare antivirus\blueflare antivirus.exe
%AppData%\blueflare antivirus\blueflare antivirus.ico
%AppData%\blueflare antivirus\csrss.exe
%UserProfile%\Desktop\blueflare antivirus.lnk
%UserProfile%\start menu\Programs\blueflare antivirus\blueflare antivirus.lnk

No comments:

Post a Comment