What is JetClean?
The Malwarebytes research team has determined that JetClean is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
More information can be found on our Malwarebytes Labs blog.
How do I know if I am infected with JetClean?
This is how the main screen of the sytem optimizer looks:
You will find these icons in your taskbar, your startmenu, and on your desktop:
and see these warnings during install:
and this screen at fiurst use:
You may see this entry in your list of installed programs:
and this task in your list of Scheduled Tasks:
How did JetClean get on my computer?
These so-called system optimizers use different methods of getting installed. This particular one was downloaded through their website:
How do I remove JetClean?
Our program Malwarebytes can detect and remove this potentially unwanted application.
- Please download Malwarebytes to your desktop.
- Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
- Then click Finish.
- Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
- If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
- When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
- Restart your computer when prompted to do so.
- No, Malwarebytes removes JetClean completely.
- This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.
We hope our application and this guide have helped you eradicate this system optimizer.
As you can see below the full version of Malwarebytes would have protected you against the JetClean installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.
Technical details for experts
You may see these entries in FRST logs:
(BlueSprig) C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe C:\Windows\System32\Tasks\JetCleanLoginCheckUpdate C:\Users\Public\Desktop\JetClean.lnk C:\Users\{username}\AppData\Roaming\BlueSprig C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean C:\Program Files (x86)\BlueSprig JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig) Task: {A252E232-DE6E-4244-9A35-BB69D1A85C49} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig) () C:\Program Files (x86)\BlueSprig\JetClean\madExcept_.bpl () C:\Program Files (x86)\BlueSprig\JetClean\madBasic_.bpl () C:\Program Files (x86)\BlueSprig\JetClean\madDisAsm_.bpl () C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dllAlterations made by the installer:
File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\BlueSprig\JetClean Adds the file AutoUpdate.exe"="5/14/2013 4:05 PM, 1050928 bytes, A Adds the file EULA.rtf"="5/14/2013 6:18 PM, 43411 bytes, A Adds the file ImPrivacy.dll"="1/21/2013 2:37 PM, 68912 bytes, A Adds the file Install.exe"="1/21/2013 2:37 PM, 74032 bytes, A Adds the file JetClean.exe"="2/24/2016 5:20 PM, 3420672 bytes, A Adds the file JetCleanComputerExtMenu.dll"="5/14/2013 4:06 PM, 97584 bytes, A Adds the file JetCleanComputerExtMenu_64.dll"="5/14/2013 4:06 PM, 105264 bytes, A Adds the file JetCleanExtMenu.dll"="5/14/2013 4:06 PM, 106288 bytes, A Adds the file JetCleanExtMenu_64.dll"="5/14/2013 4:06 PM, 116016 bytes, A Adds the file JetCleanInit.exe"="5/14/2013 4:06 PM, 41264 bytes, A Adds the file JetCleanInstallBackWork.ini"="2/2/2018 9:20 AM, 22 bytes, A Adds the file madbasic_.bpl"="1/21/2013 2:37 PM, 187696 bytes, A Adds the file maddisAsm_.bpl"="1/21/2013 2:37 PM, 51504 bytes, A Adds the file madexcept_.bpl"="1/21/2013 2:37 PM, 362800 bytes, A Adds the file News.dat"="2/2/2018 9:20 AM, 142 bytes, A Adds the file rtl120.bpl"="1/21/2013 2:37 PM, 1099056 bytes, A Adds the file sqlite3.dll"="1/21/2013 2:37 PM, 577400 bytes, A Adds the file TaskSchedule.dll"="1/21/2013 2:37 PM, 327984 bytes, A Adds the file unins000.dat"="2/2/2018 9:20 AM, 41821 bytes, A Adds the file unins000.exe"="2/2/2018 9:18 AM, 1210569 bytes, A Adds the file Upgrade.exe"="5/14/2013 4:06 PM, 532784 bytes, A Adds the file vcl120.bpl"="1/21/2013 2:37 PM, 2002224 bytes, A Adds the file vclx120.bpl"="1/21/2013 2:37 PM, 215856 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 25456 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 25456 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 24944 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 24944 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86 Adds the file JetCleanRegDefrag.exe"="7/20/2012 11:53 AM, 22896 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\language Adds the file English.lng"="5/14/2013 3:13 PM, 69442 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\Log Adds the file RAMClean-JetClean.log"="2/2/2018 9:22 AM, 11687 bytes, A Adds the folder C:\Program Files (x86)\BlueSprig\JetClean\Update Adds the file Update.Ini"="2/2/2018 9:21 AM, 604 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetClean Adds the file JetClean.lnk"="2/2/2018 9:20 AM, 1267 bytes, A Adds the file Uninstall JetClean.lnk"="2/2/2018 9:20 AM, 1163 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean Adds the file Config.ini"="2/2/2018 9:22 AM, 108 bytes, A Adds the file Ignore.ini"="2/2/2018 9:20 AM, 6352 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Startup In the existing folder C:\Users\Public\Desktop Adds the file JetClean.lnk"="2/2/2018 9:20 AM, 1145 bytes, A In the existing folder C:\Windows\System32\Tasks Adds the file JetCleanLoginCheckUpdate"="2/2/2018 9:20 AM, 3168 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}] "(Default)"="REG_SZ", "ICleanExtMenu Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32] "(Default)"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll" "ThreadingModel"="REG_SZ", "Apartment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\ProgID] "(Default)"="REG_SZ", "JetCleanExtMenu.ICleanExtMenu.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\Programmable] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\TypeLib] "(Default)"="REG_SZ", "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\VersionIndependentProgID] "(Default)"="REG_SZ", "JetCleanExtMenu.ICleanExtMenu" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\JetClean Ext Menu] "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu] "(Default)"="REG_SZ", "ICleanExtMenu Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CLSID] "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu\CurVer] "(Default)"="REG_SZ", "JetCleanExtMenu.ICleanExtMenu.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1] "(Default)"="REG_SZ", "ICleanExtMenu Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ImCleanExtMenu.ICleanExtMenu.1\CLSID] "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}] "(Default)"="REG_SZ", "IICleanExtMenu" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32] "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib] "(Default)"="REG_SZ", "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}" "Version"="REG_SZ", "1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\JetClean Ext Menu] "(Default)"="REG_SZ", "{4240801E-7B16-4A3F-A89A-E719BE3F9050}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0] "(Default)"="REG_SZ", "ImCleanExtMenu 1.0 Type Library" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\0\win64] "(Default)"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\FLAGS] "(Default)"="REG_SZ", "0" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}\1.0\HELPDIR] "(Default)"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}] "(Default)"="REG_SZ", "IICleanExtMenu" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\ProxyStubClsid32] "(Default)"="REG_SZ", "{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}\TypeLib] "(Default)"="REG_SZ", "{BCA80402-76E0-49DD-A823-15DF6AB33FAC}" "Version"="REG_SZ", "1.0" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BlueSprig_JetClean_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe" "DisplayName"="REG_SZ", "JetClean" "DisplayVersion"="REG_SZ", "1.5.0" "EstimatedSize"="REG_DWORD", 16938 "HelpLink"="REG_SZ", "http://www.bluesprig.com/support/online.html" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "JetClean" "Inno Setup: Language"="REG_SZ", "English" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon" "Inno Setup: Setup Version"="REG_SZ", "5.5.6 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20180202" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\BlueSprig\JetClean\" "MajorVersion"="REG_DWORD", 1 "MinorVersion"="REG_DWORD", 5 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "BlueSprig" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\BlueSprig\JetClean\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\BlueSprig\JetClean\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://www.BlueSprig.com/jetclean.html" "URLUpdateInfo"="REG_SZ", "http://www.BlueSprig.com/jetclean.html"Malwarebytes log:
Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/2/18 Scan Time: 9:30 AM Log File: 5959c962-07f3-11e8-9439-080027750297.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.262 Update Package Version: 1.0.3848 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 243710 Threats Detected: 129 Threats Quarantined: 129 Time Elapsed: 3 min, 55 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe, Quarantined, [8011], [480373],1.0.3848 Module: 10 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madbasic_.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madexcept_.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\TaskSchedule.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vclx120.bpl, Quarantined, [8011], [480373],1.0.3848 Registry Key: 29 PUP.Optional.JetClean.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\JetCleanLoginCheckUpdate, Quarantined, [8079], [480402],1.0.3848 PUP.Optional.JetClean.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [480402],1.0.3848 PUP.Optional.JetClean.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [480402],1.0.3848 PUP.Optional.JetClean.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JetCleanLoginCheckUpdate, Quarantined, [8079], [-1],0.0.0 PUP.Optional.JetClean.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [-1],0.0.0 PUP.Optional.JetClean.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A252E232-DE6E-4244-9A35-BB69D1A85C49}, Quarantined, [8079], [-1],0.0.0 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\DESKTOP\NAMESPACE\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\DESKTOP\NAMESPACE\{645FF040-5081-101B-9F08-00AA002F954E}, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\SHELLEX\CONTEXTMENUHANDLERS\JetClean Ext Menu, Quarantined, [8011], [480404],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BlueSprig_JetClean_is1, Quarantined, [8011], [480409],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu\CLSID, Quarantined, [8011], [480406],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu.1\CLSID, Quarantined, [8011], [480406],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\IMCLEANEXTMENU.ICLEANEXTMENU\CURVER, Quarantined, [8011], [480405],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\JetClean Ext Menu, Quarantined, [8011], [480407],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu.1, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\TYPELIB\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\INTERFACE\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{437FBE9E-358C-4D20-B6ED-17AA75E10E38}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{BCA80402-76E0-49DD-A823-15DF6AB33FAC}, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\CLSID\{4240801E-7B16-4A3F-A89A-E719BE3F9050}\InprocServer32, Quarantined, [8011], [480373],1.0.3848 Registry Value: 3 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu\CLSID|, Quarantined, [8011], [480406],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\ImCleanExtMenu.ICleanExtMenu.1\CLSID|, Quarantined, [8011], [480406],1.0.3848 PUP.Optional.JetClean, HKLM\SOFTWARE\CLASSES\IMCLEANEXTMENU.ICLEANEXTMENU\CURVER|, Quarantined, [8011], [480405],1.0.3848 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 17 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Update, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Log, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\PROGRAM FILES (X86)\BLUESPRIG\JETCLEAN, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Startup, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Backup, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Log, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\USERS\{username}\APPDATA\ROAMING\BLUESPRIG\JETCLEAN, Quarantined, [8011], [480401],1.0.3848 File: 69 PUP.Optional.JetClean, C:\USERS\PUBLIC\DESKTOP\JETCLEAN.LNK, Quarantined, [8011], [480852],1.0.3848 PUP.Optional.JetClean.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\JetCleanLoginCheckUpdate, Quarantined, [8079], [480402],1.0.3848 PUP.Optional.JetClean.TskLnk, C:\PROGRAM FILES (X86)\BLUESPRIG\JETCLEAN\AUTOUPDATE.EXE, Quarantined, [8079], [480402],1.0.3848 PUP.Optional.JetClean.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\JetCleanLoginCheckUpdate, Quarantined, [8079], [-1],0.0.0 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\win7_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wlh_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wnet_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_amd64\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\drivers\wxp_x86\JetCleanRegDefrag.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Italian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Arabic.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Bulgarian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Catalan.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\ChineseSimp.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\ChineseTrad.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Croatian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Czech.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Dutch.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\English.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Estonian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Finnish.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\French.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\German.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Greek.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Hungarian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Japanese.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Latin American Spanish.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Polish.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Portuguese (Brazil).lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Russian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Serbian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Slovenian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Spanish.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Thai.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Turkish.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\ukrainian.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\language\Vietnamese.lng, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Log\RAMClean-JetClean.log, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Update\Update.Ini, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\EULA.rtf, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\ImPrivacy.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Install.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetClean.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanComputerExtMenu.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanComputerExtMenu_64.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanExtMenu_64.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInit.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\JetCleanInstallBackWork.ini, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madbasic_.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\maddisAsm_.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\madexcept_.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\News.dat, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\rtl120.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\sqlite3.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\TaskSchedule.dll, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\unins000.dat, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\unins000.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\Upgrade.exe, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vcl120.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Program Files (x86)\BlueSprig\JetClean\vclx120.bpl, Quarantined, [8011], [480373],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Backup\JetCleanBackup-2018-02-02(09-29-23).reg, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Log\JetCleanLog-2018-02-02(09-29-44).txt, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Config.ini, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\Users\{username}\AppData\Roaming\BlueSprig\JetClean\Ignore.ini, Quarantined, [8011], [480401],1.0.3848 PUP.Optional.JetClean, C:\USERS\{username}\DESKTOP\JETCLEAN-SETUP.EXE, Quarantined, [8011], [480410],1.0.3848 Physical Sector: 0 (No malicious items detected) (end)As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):
- Dynamically Blocks Malware Sites & Servers
- Malware Execution Prevention