Jump to content

Welcome to Geeks to Go
Geeks to Go Welcome
Create Account Login to Account
Photo

Removal instructions for JetClean

- - - - - bluesprig

  • Please log in to reply
No replies to this topic

#1
Metallica

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Content is republished with permission from Malwarebytes.

What is JetClean?

The Malwarebytes research team has determined that JetClean is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
More information can be found on our Malwarebytes Labs blog.

How do I know if I am infected with JetClean?

This is how the main screen of the sytem optimizer looks:

main.png

You will find these icons in your taskbar, your startmenu, and on your desktop:

icons.png

and see these warnings during install:

warning1.png

warning2.png

and this screen at fiurst use:

warning5.png

You may see this entry in your list of installed programs:

warning4.png

and this task in your list of Scheduled Tasks:

warning3.png

How did JetClean get on my computer?

These so-called system optimizers use different methods of getting installed. This particular one was downloaded through their website:

website.png

How do I remove JetClean?

Our program Malwarebytes can detect and remove this potentially unwanted application.
  • Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
Is there anything else I need to do to get rid of JetClean?
  • No, Malwarebytes removes JetClean completely.
  • This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.
How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this system optimizer.

As you can see below the full version of Malwarebytes would have protected you against the JetClean installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

protection1.png


Technical details for experts

You may see these entries in FRST logs:

 (BlueSprig) C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe
 C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate
 C:\Users\Public\Desktop\JetClean.lnk
 C:\Users\{username}\AppData\Roaming\BlueSprig
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean
 C:\Program Files (x86)\BlueSprig

JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
Task: {A252E232-DE6E-4244-9A35-BB69D1A85C49} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
() C:\Program Files (x86)\BlueSprig\JetClean\madExcept_.bpl
() C:\Program Files (x86)\BlueSprig\JetClean\madBasic_.bpl
() C:\Program Files (x86)\BlueSprig\JetClean\madDisAsm_.bpl
() C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll
Alterations made by the installer:

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean
       Adds the file AutoUpdate.exe"="5/14/2013 4:05 PM, 1050928 bytes, A
       Adds the file EULA.rtf"="5/14/2013 6:18 PM, 43411 bytes, A
       Adds the file ImPrivacy.dll"="1/21/2013 2:37 PM, 68912 bytes, A
       Adds the file Install.exe"="1/21/2013 2:37 PM, 74032 bytes, A
       Adds the file JetClean.exe"="2/24/2016 5:20 PM, 3420672 bytes, A
       Adds the file JetCleanComputerExtMenu.dll"="5/14/2013 4:06 PM, 97584 bytes, A
       Adds the file JetCleanComputerExtMenu_64.dll"="5/14/2013 4:06 PM, 105264 bytes, A
       Adds the file JetCleanExtMenu.dll"="5/14/2013 4:06 PM, 106288 bytes, A
       Adds the file JetCleanExtMenu_64.dll"="5/14/2013 4:06 PM, 116016 bytes, A
       Adds the file JetCleanInit.exe"="5/14/2013 4:06 PM, 41264 bytes, A
       Adds the file JetCleanInstallBackWork.ini"="2/2/2018 9:20 AM, 22 bytes, A
       Adds the file madbasic_.bpl"="1/21/2013 2:37 PM, 187696 bytes, A
       Adds the file maddisAsm_.bpl"="1/21/2013 2:37 PM, 51504 bytes, A
       Adds the file madexcept_.bpl"="1/21/2013 2:37 PM, 362800 bytes, A
       Adds the file News.dat"="2/2/2018 9:20 AM, 142 bytes, A
       Adds the file rtl120.bpl"="1/21/2013 2:37 PM, 1099056 bytes, A
       Adds the file sqlite3.dll"="1/21/2013 2:37 PM, 577400 bytes, A
       Adds the file TaskSchedule.dll"="1/21/2013 2:37 PM, 327984 bytes, A
       Adds the file unins000.dat"="2/2/2018 9:20 AM, 41821 bytes, A
       Adds the file unins000.exe"="2/2/2018 9:18 AM, 1210569 bytes, A
       Adds the file Upgrade.exe"="5/14/2013 4:06 PM, 532784 bytes, A
       Adds the file vcl120.bpl"="1/21/2013 2:37 PM, 2002224 bytes, A
       Adds the file vclx120.bpl"="1/21/2013 2:37 PM, 215856 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 25456 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 25456 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 24944 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 24944 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86
       Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\language
       Adds the file English.lng"="5/14/2013 3:13 PM, 69442 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\Log
       Adds the file RAMClean-JetClean.log"="2/2/2018 9:22 AM, 11687 bytes, A
    Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\Update
       Adds the file Update.Ini"="2/2/2018 9:21 AM, 604 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean
       Adds the file JetClean.lnk"="2/2/2018 9:20 AM, 1267 bytes, A
       Adds the file Uninstall JetClean.lnk"="2/2/2018 9:20 AM, 1163 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean
       Adds the file Config.ini"="2/2/2018 9:22 AM, 108 bytes, A
       Adds the file Ignore.ini"="2/2/2018 9:20 AM, 6352 bytes, A
    Adds the folder C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Startup
    In the existing folder C:\Users\Public\Desktop
       Adds the file JetClean.lnk"="2/2/2018 9:20 AM, 1145 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file JetCleanLoginCheckUpdate"="2/2/2018 9:20 AM, 3168 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}]
       "(Default)"="REG_SZ", "ICleanExtMenu Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll"
       "ThreadingModel"="REG_SZ", "Apartment"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\ProgID]
       "(Default)"="REG_SZ", "JetCleanExtMenu.ICleanExtMenu.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\Programmable]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\TypeLib]
       "(Default)"="REG_SZ", "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\VersionIndependentProgID]
       "(Default)"="REG_SZ", "JetCleanExtMenu.ICleanExtMenu"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\JetClean Ext Menu]
       "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu]
       "(Default)"="REG_SZ", "ICleanExtMenu Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CLSID]
       "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CurVer]
       "(Default)"="REG_SZ", "JetCleanExtMenu.ICleanExtMenu.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1]
       "(Default)"="REG_SZ", "ICleanExtMenu Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1\CLSID]
       "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}]
       "(Default)"="REG_SZ", "IICleanExtMenu"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib]
       "(Default)"="REG_SZ", "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu]
       "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0]
       "(Default)"="REG_SZ", "ImCleanExtMenu 1.0 Type Library"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\0\win64]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\FLAGS]
       "(Default)"="REG_SZ", "0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\HELPDIR]
       "(Default)"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}]
       "(Default)"="REG_SZ", "IICleanExtMenu"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32]
       "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib]
       "(Default)"="REG_SZ", "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}"
       "Version"="REG_SZ", "1.0"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BlueSprig_JetClean_is1]
       "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe"
       "DisplayName"="REG_SZ", "JetClean"
       "DisplayVersion"="REG_SZ", "1.5.0"
       "EstimatedSize"="REG_DWORD", 16938
       "HelpLink"="REG_SZ", "http://www.bluesprig.com/support/online.html"
       "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean"
       "Inno Setup: Deselected Tasks"="REG_SZ", ""
       "Inno Setup: Icon Group"="REG_SZ", "JetClean"
       "Inno Setup: Language"="REG_SZ", "English"
       "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon"
       "Inno Setup: Setup Version"="REG_SZ", "5.5.6 (u)"
       "Inno Setup: User"="REG_SZ", "{username}"
       "InstallDate"="REG_SZ", "20180202"
       "InstallLocation"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\"
       "MajorVersion"="REG_DWORD", 1
       "MinorVersion"="REG_DWORD", 5
       "NoModify"="REG_DWORD", 1
       "NoRepair"="REG_DWORD", 1
       "Publisher"="REG_SZ", "BlueSprig"
       "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\BlueSprig\JetClean\unins000.exe" /SILENT"
       "UninstallString"="REG_SZ", ""C:\Program Files (x86)\BlueSprig\JetClean\unins000.exe""
       "URLInfoAbout"="REG_SZ", "http://www.BlueSprig.com/jetclean.html"
       "URLUpdateInfo"="REG_SZ", "http://www.BlueSprig.com/jetclean.html"

Malwarebytes log:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/2/18
Scan Time: 9:30 AM
Log File: 5959c962-07f3-11e8-9439-080027750297.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3848
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 243710
Threats Detected: 129
Threats Quarantined: 129
Time Elapsed: 3 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 1
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe, Quarantined, [8011], [480373],1.0.3848

Module: 10
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madbasic_.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madexcept_.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\TaskSchedule.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vclx120.bpl, Quarantined, [8011], [480373],1.0.3848

Registry Key: 29
PUP.Optional.JetClean.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\JetCleanLoginCheckUpdate, Quarantined, [8079], [480402],1.0.3848
PUP.Optional.JetClean.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [480402],1.0.3848
PUP.Optional.JetClean.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [480402],1.0.3848
PUP.Optional.JetClean.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JetCleanLoginCheckUpdate, Quarantined, [8079], [-1],0.0.0
PUP.Optional.JetClean.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [-1],0.0.0
PUP.Optional.JetClean.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [-1],0.0.0
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\DESKTOP\NAMESPACE\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\DESKTOP\NAMESPACE\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\SHELLEX\CONTEXTMENUHANDLERS\JetClean Ext Menu, Quarantined, [8011], [480404],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BlueSprig_JetClean_is1, Quarantined, [8011], [480409],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu\CLSID, Quarantined, [8011], [480406],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu.1\CLSID, Quarantined, [8011], [480406],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\IMCLEANEXTMENU.ICLEANEXTMENU\CURVER, Quarantined, [8011], [480405],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\JetClean Ext Menu, Quarantined, [8011], [480407],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu.1, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\TYPELIB\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\INTERFACE\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32, Quarantined, [8011], [480373],1.0.3848

Registry Value: 3
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu\CLSID|, Quarantined, [8011], [480406],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu.1\CLSID|, Quarantined, [8011], [480406],1.0.3848
PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\IMCLEANEXTMENU.ICLEANEXTMENU\CURVER|, Quarantined, [8011], [480405],1.0.3848

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 17
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Update, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Log, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\PROGRAM FILES (X86)\BLUESPRIG\JETCLEAN, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Startup, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Backup, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Log, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\USERS\{username}\APPDATA\ROAMING\BLUESPRIG\JETCLEAN, Quarantined, [8011], [480401],1.0.3848

File: 69
PUP.Optional.JetClean, C:\USERS\PUBLIC\DESKTOP\JETCLEAN.LNK, Quarantined, [8011], [480852],1.0.3848
PUP.Optional.JetClean.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\JetCleanLoginCheckUpdate, Quarantined, [8079], [480402],1.0.3848
PUP.Optional.JetClean.TskLnk, C:\PROGRAM FILES (X86)\BLUESPRIG\JETCLEAN\AUTOUPDATE.EXE, Quarantined, [8079], [480402],1.0.3848
PUP.Optional.JetClean.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\JetCleanLoginCheckUpdate, Quarantined, [8079], [-1],0.0.0
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Italian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Arabic.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Bulgarian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Catalan.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\ChineseSimp.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\ChineseTrad.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Croatian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Czech.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Dutch.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\English.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Estonian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Finnish.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\French.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\German.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Greek.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Hungarian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Japanese.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Latin American Spanish.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Polish.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Portuguese (Brazil).lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Russian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Serbian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Slovenian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Spanish.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Thai.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Turkish.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\ukrainian.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Vietnamese.lng, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Log\RAMClean-JetClean.log, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.Ini, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\EULA.rtf, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\ImPrivacy.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Install.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanComputerExtMenu.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanComputerExtMenu_64.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInstallBackWork.ini, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madbasic_.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madexcept_.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\News.dat, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\TaskSchedule.dll, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\unins000.dat, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\unins000.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Upgrade.exe, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vclx120.bpl, Quarantined, [8011], [480373],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Backup\JetCleanBackup-2018-02-02(09-29-23).reg, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Log\JetCleanLog-2018-02-02(09-29-44).txt, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Config.ini, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Ignore.ini, Quarantined, [8011], [480401],1.0.3848
PUP.Optional.JetClean, C:\USERS\{username}\DESKTOP\JETCLEAN-SETUP.EXE, Quarantined, [8011], [480410],1.0.3848

Physical Sector: 0
(No malicious items detected)


(end)
As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):
  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention
Save yourself the hassle and get protected.
  • 0

Advertisements





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

featured
Malware Removal How to Guides Windows 7 System Building Download Files Register welcome

Never used a forum? Learn how.