Update, 1:55 a.m. PDT, 23/07: BlueFlare Antivirus is indeed a rogue anti-virus application. To remove this fraudware, please follow the removal instructions below. Good luck and be safe online!
Fake BlueFlare Antivirus security alerts:
Security warning:
The file C:\WINDOWS\regedit.exe is infected.
Running of application is impossible.
Additionally, you can activate the rogue program by entering this registration code: DB038748-B4659586-4A1071AF-32E768CD-36005B1B-F4520642-3000BF2A-04FC910B. Once this is done, you are free to install anti-malware software and remove the rogue anti-virus program from your computer properly.
BlueFlare Antivirus removal instructions:
1. Go to Start → Run or press WinKey+R. Type in "command" and press Enter key.
2. In the command prompt window type "notepad". Notepad will come up.
3. Copy all the text in blue color below and paste into Notepad.
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
4. Save file as regfix.reg to your Desktop. NOTE: (Save as type: All files)
regfix.reg is available for download here, in case you can't make your own or it doesn't work.
5. Double-click on regfix.reg file to run it. Click "Yes" for Registry Editor prompt window. Then click OK.
6. Download free anti-malware software from the list below and run a full system scan.
NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe, explorer.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Don't forget to update the installed program before scanning.
7. New threats appear every day. In order to protect your PC from such (new) infections we strongly recommend you to use ESET Smart Security.
Associated BlueFlare Antivirus files and registry values:
Files:
Windows XP:
- C:\Documents and Settings\[UserName]\Application Data\BlueFlare Antivirus\BlueFlare Antivirus.exe
- C:\Users\[UserName]\AppData\Roaming\BlueFlare Antivirus\BlueFlare Antivirus.exe
- HKEY_LOCAL_MACHINE\Software\AWM Antivirus\BlueFlare Antivirus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BlueFlare Antivirus
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "BlueFlare Antivirus.exe"
0 comments:
Post a Comment