
BlueFlare Antivirus

Posted: July 17, 2011

Threat Metric

Threat Level: 10/10
Infected PCs: 28
First Seen: July 25, 2011
Last Seen: August 17, 2022
OS(es) Affected: Windows

BlueFlare Antivirus is a recent rogue anti-virus program that uses a brand-new name but the same types of tricks that other rogue applications have been using for years. You can expect some or all of the following on any computer that's infected with BlueFlare Antivirus: fake alert messages, system scans that show alarming and deceptive results, disabled Windows applications and problems browsing websites. Victims of BlueFlare Antivirus attacks have reported that BlueFlare Antivirus is able to infect your PC without your consent, but this doesn't stop BlueFlare Antivirus from asking you to buy it over and over again. BlueFlare Antivirus is from the same rogue anti-virus program family as Vista Security 2012, XP Security 2012, Win 7 Security 2012, Windows XP Repair, and XP Antispyware 2012. Disable BlueFlare Antivirus with standard anti-virus strategies and then use the best anti-malware software that you have to clean BlueFlare Antivirus out of your PC, since manually deleting BlueFlare Antivirus is likely to result in failure.

Keeping an Eye Open for the BlueFlare Antivirus Flare Up

Even though BlueFlare Antivirus pretends to be a real anti-virus utility, BlueFlare Antivirus's means of getting on your computer are anything but legitimate. Those who've been attacked by BlueFlare Antivirus infections report that BlueFlare Antivirus can install itself by using malicious scripts that are embedded in websites. Typically, these scripts will require Java or Flash to be enabled, and selectively disabling such features can help make your website browsing a safer experience.

Even websites that tend to be safe have been reported to cause BlueFlare Antivirus infections by accident, which indicates that BlueFlare Antivirus may be using advertisements as a pathway straight to your computer. In most cases, all a malicious advertisement needs to do is display itself for your PC to risk infection. Be particularly cautious around any advertisements that feature anti-virus scanner services, since these are commonly used by rogue applications.

If you do become infected with BlueFlare Antivirus, you'll notice that BlueFlare Antivirus immediately finds a large number of problems lurking under the veneer of your computer's seemingly good health. However, all alerts, pop-up warnings and scanner results that BlueFlare Antivirus creates are inaccurate and report infections and other system problems that don't exist. Deleting BlueFlare Antivirus is crucial, but since BlueFlare Antivirus alters the Registry and can infect System Restore, you should avoid manual removal methods in favor of using good security software.

The Sophisticated Side of BlueFlare Antivirus's Fake Anti-Virus Charms

If you take a look beyond BlueFlare Antivirus's fake anti-virus appearance, you can see that BlueFlare Antivirus is the cause of even more serious problems than mere fake error messages. Standard issues that accompany BlueFlare Antivirus infections include, but aren't restricted to:

  • System settings that are changed to lower your security and enable BlueFlare Antivirus to produce other attacks. One of the most common changes that you can see is in your browser settings, which are altered to use a proxy server. How BlueFlare Antivirus uses this change is described below.
  • After making your browser use a proxy server, BlueFlare Antivirus will hijack it to control which websites you can access. BlueFlare Antivirus may redirect you to its own website to bully you into purchasing a registration key, or BlueFlare Antivirus may simply block websites from displaying altogether. If you're troubled by the latter, you may see an error message like this one:

    "Proxy server is refusing connections"

  • Besides blocking websites, BlueFlare Antivirus may also block various programs, with an emphasis on anything related to Windows security, maintenance or analysis. Task Manager, Registry Editor, MSConfig and anti-virus scanners all fall under BlueFlare Antivirus's potential blacklist umbrella.



Aliases

  • Trj/CI.A [Panda]
  • FakeAV.QHN [AVG]
  • Trojan.Fakeav [Ikarus]
  • Rogue:Win32/FakeScanti [Microsoft]
  • Trojan.Generic.KDV.299386 [BitDefender]
  • Win32:Malware-gen [Avast]
  • Artemis!B48CFFD6DD34 [McAfee]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%AppData%\BlueFlare Antivirus\sbr32.dll
File name: sbr32.dll
Size: 679.93 KB (679936 bytes)
MD5: b48cffd6dd34e2fdd694093d57ecffd3
Detection count: 40
File type: Dynamic link library
Mime Type: unknown/dll
Path: %AppData%\BlueFlare Antivirus
Group: Malware file
Last Updated: July 25, 2011

%AppData%\BlueFlare Antivirus\csrss.exe
File name: csrss.exe
Size: 215.55 KB (215552 bytes)
MD5: ff89cab4a86fb4615e41caf25e445887
Detection count: 33
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\BlueFlare Antivirus
Group: Malware file
Last Updated: August 10, 2018

%AppData%\BlueFlare Antivirus\BlueFlare Antivirus.exe
File name: BlueFlare Antivirus.exe
Size: 2.67 MB (2670592 bytes)
MD5: 4a93f2ee1468fbd3a3a19a79a746ffbe
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %AppData%\BlueFlare Antivirus
Group: Malware file
Last Updated: August 17, 2022

Registry Modifications

The following Registry values were newly created:

File name without path: BlueFlare Antivirus.lnk

Additional Information

The following directories were created:
%AppData%\BlueFlare Antivirus
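
The file indicators above and the proxy change described earlier can be checked together in one read-only pass. The PowerShell below is an added example, not part of the original entry or of any vendor tool; it assumes the proxy change is made in the per-user Windows (WinINET) proxy settings, which this page does not state, and the function names are hypothetical.

```powershell
# Added triage example: reports findings for the current user and changes nothing.

# File names and MD5 values copied from the "File System Modifications" list on this page.
$KnownMd5 = @{
    'sbr32.dll'               = 'b48cffd6dd34e2fdd694093d57ecffd3'
    'csrss.exe'               = 'ff89cab4a86fb4615e41caf25e445887'
    'BlueFlare Antivirus.exe' = '4a93f2ee1468fbd3a3a19a79a746ffbe'
}

function Get-BlueFlareFileFindings {
    param([string]$AppDataPath = $env:APPDATA)

    # The directory this page lists as created by the infection.
    $dir = Join-Path $AppDataPath 'BlueFlare Antivirus'
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) { return }

    foreach ($file in Get-ChildItem -LiteralPath $dir -File -Force) {
        $md5 = (Get-FileHash -LiteralPath $file.FullName -Algorithm MD5).Hash.ToLower()
        [pscustomobject]@{
            Path      = $file.FullName
            MD5       = $md5
            # False does not clear the file: the folder itself is an indicator,
            # and the hashes of these files may differ between samples.
            HashMatch = ($KnownMd5[$file.Name] -eq $md5)
        }
    }
}

function Get-ProxyFinding {
    # Assumption: the proxy is set in the per-user WinINET settings.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $s = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    [pscustomobject]@{
        ProxyEnabled = ($s.ProxyEnable -eq 1)
        ProxyServer  = $s.ProxyServer
    }
}

$files = @(Get-BlueFlareFileFindings)
$proxy = Get-ProxyFinding

$files | Format-Table -AutoSize
$proxy | Format-List
if ($files.Count -gt 0 -or $proxy.ProxyEnabled) {
    Write-Warning 'Review the findings: artifact folder present and/or a proxy is enabled.'
}
```

An enabled proxy is only a finding if nobody configured one on purpose, so compare `ProxyServer` against what your network actually uses before treating it as part of the infection.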

One Comment

  • windows antivirus says:

    Without antivirus software and just being connected to the internet you will be infected within minutes,
