Exponential occurrences of Adware after downloading the Bloom software

A colleague just started using Bloom to write books. After less than a week of using the program, she scanned her computer and found almost 3,000 threats of malware. All of it was labelled as being from “Adware.Bloom.”

Does anyone know what is going on? She quarantined it, but is worried about it and doesn’t want to use Bloom anymore until she can find out what is going on.


This is a case of us having a name that is just too common. So yes, she probably has the adware named “Bloom”, but no, this is not referring to SIL’s Bloom software.

She should follow here anti-malware’s instructions for removing it.

Thanks for the quick reply!

She normally does scans daily, but didn’t do one for a week. Then there were 3,000 occurrences of her scan software labeling Bloom as adware. That’s seems like more than a coincidence. I noticed an older thread about how malware scanner don’t recognize Blooms software and label it as a threat. Could this be the problem for her?

There is a trojan “adware” program named Bloom. SIL Bloom has tens of thousands of users, so from that perspective, it’s just a probability that if there is adware named Bloom out there, one of those users of Bloom will eventually get it. This is why I don’t want to say that this is a false alarm-- I don’t have a way of knowing.

Googling around, I see two ways to identify the adware:

  1. Any mention of " “Bloom Technologies Copyright ©” in the Windows Task Manager
  2. Something called “Bloom” in their “Roaming” folder. SIL Bloom does not use the Roaming folder. (youtube).
    See also: reddit

Looking at Bloom & Antivirus False Alarms | Bloom Docs , I see that the screenshot there, showing a false alarm, does match what you described, @JennyS . It shows about 3000 occurrences, including things like the SIL Andika font:

See if the documentation there is helpful in resolving her issue.

Thank you so much! I’ll pass this information on to her.