One SystemCare
Posted: June 11, 2015
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Ranking: | 1,070 |
|---|---|
| Threat Level: | 1/10 |
| Infected PCs: | 1,043,979 |
| First Seen: | May 20, 2015 |
|---|---|
| Last Seen: | October 17, 2023 |
| OS(es) Affected: | Windows |
One SystemCare is a PUP (Potentially Unwanted Program) that detects inaccurate 'problems' with your PC, and then demands money before claiming to fix them. Along with its presentations of fake system information, One SystemCare also may launch other attacks against your PC, such as pop-ups, browser hijackings or blocked security software. You can use anti-malware products to remove One SystemCare from your machine, but malware experts would discourage installing software that bundles with this scamware.
One SystemCare: One New Fraud from an Endless Supply
Although One SystemCare seems to share nothing more than a brand name in common with WinWebSec variants of rogue antivirus software like SystemCare Antivirus, One SystemCare does include the usual problems malware analysts expect of programs like One SystemCare. Whatever its origins might be, the latest research has verified One SystemCare's being a fraudulent system scanner that makes no effort to analyze the host PC. Despite this deficiency, One SystemCare's fake scans provide long lists of preloaded, inaccurate results, which One SystemCare claims may create consequences as damaging as 'potential system failure.'
While One SystemCare delivers its list of incorrect Registry errors and other issues, One SystemCare also requests that the user spend money on purchasing its registered version. One SystemCare claims to be able to correct all detected errors after its registration. However, One SystemCare's purchase doesn't improve its error-detection or removal capabilities. With any such purchase attempt, malware analysts warn that One SystemCare may open your finances up to additional attacks (such as recurring charges).
Caring for a System Beset by One SystemCare
Although many system cleaners like One SystemCare prefer being installed by Trojans or other forms of threats that are installed automatically, malware analysts have seen different trends in One SystemCare's campaign. One SystemCare sometimes is bundled with unrelated, reputable applications, such as the DivX Player (although that brand no longer is affiliated with this program, as of 2015). Appropriate installation routines should allow you to deselect unwanted bundled items, including One SystemCare. However, preemptively scanning installation files and keeping live anti-malware protection can afford you the most surefire protection from One SystemCare.
If you've given any information to individuals affiliated with One SystemCare, that information is compromised and may be subjected to future abuses. You should contact your credit card company, your bank or any other, relevant institution after deleting One SystemCare with whatever anti-malware solution you prefer.
All Registry errors, system optimization issues and other, generic problems identified by One SystemCare should be assumed to be fraudulent unless identified by unrelated, legitimate brands of system optimizers. Malware analysts also caution against any casual editing of the Registry, which risks damaging your operating system. For most PC users, the only extra maintenance required for their Registry is to avoid installing system scanning software like One SystemCare.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
File name: CleanupConsole.exeSize: 776.7 KB (776704 bytes)
MD5: dceacf831dd7c1e0587ed0bf5d4bbbf2
Detection count: 452
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
Group: Malware file
Last Updated: June 21, 2022
%WINDIR%\System32\MRT\3AC662F4-BBD5-4771-B2A0-164912094D5D\FilesStash\63B1C06A-39E6-17D9-D7C7-56F52E65D64E
File name: 63B1C06A-39E6-17D9-D7C7-56F52E65D64ESize: 2.72 MB (2722816 bytes)
MD5: dbac453c90d613a4f222096df4efbc6a
Detection count: 419
Path: %WINDIR%\System32\MRT\3AC662F4-BBD5-4771-B2A0-164912094D5D\FilesStash\63B1C06A-39E6-17D9-D7C7-56F52E65D64E
Group: Malware file
Last Updated: November 28, 2022
C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
File name: SystemConsole.exeSize: 544.76 KB (544768 bytes)
MD5: f48f403644e3b6daeb314c481ef79cc0
Detection count: 192
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
Group: Malware file
Last Updated: July 9, 2023
C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
File name: SystemConsole.exeSize: 529.5 KB (529504 bytes)
MD5: b7b37b4fbc430228c5dbf4612058f25b
Detection count: 166
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
Group: Malware file
Last Updated: June 14, 2023
C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
File name: SystemConsole.exeSize: 529.39 KB (529392 bytes)
MD5: 5da86f565cb29a7323829b8f8aace323
Detection count: 124
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
Group: Malware file
Last Updated: November 8, 2021
C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
File name: SystemConsole.exeSize: 529.39 KB (529392 bytes)
MD5: 7e0410b062e41392e1a40cd0b7654cec
Detection count: 108
File type: Executable File
Mime Type: unknown/exe
Path: C:\Program Files (x86)\OneSystemCare\SystemConsole.exe
Group: Malware file
Last Updated: June 17, 2023
%PROGRAMFILES%\OneSystemCare\OneSystemCare.exe
File name: OneSystemCare.exeSize: 2.62 MB (2625520 bytes)
MD5: 007c93bf1e3ecb04a3ef1c03dd9c2b78
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES%\OneSystemCare
Group: Malware file
Last Updated: February 12, 2016
%TEMP%\1451597897690\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.75 MB (5755584 bytes)
MD5: 21c5b2d713ed37efb03073ee4df3c367
Detection count: 91
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\1451597897690
Group: Malware file
Last Updated: February 12, 2016
%PROGRAMFILES(x86)%\OneSystemCare\SystemConsole.exe
File name: SystemConsole.exeSize: 529.39 KB (529392 bytes)
MD5: db2debc4ca779ce380ce3a1f53442665
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Path: %PROGRAMFILES(x86)%\OneSystemCare
Group: Malware file
Last Updated: April 4, 2022
%TEMP%\a2kRNVzmzs\SkS79BaYXA\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.75 MB (5754872 bytes)
MD5: b7b7a5e5788bc7168451f91424f6def3
Detection count: 66
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\a2kRNVzmzs\SkS79BaYXA
Group: Malware file
Last Updated: February 12, 2016
C:\Program Files (x86)\AdwCleaner\FileQuarantine\C\Program Files (x86)\OneSystemCare\CleanupConsole.exe.vir
File name: CleanupConsole.exe.virSize: 776.68 KB (776688 bytes)
MD5: 9ff284b2dcb4420a6b6b077f433d83b3
Detection count: 49
Mime Type: unknown/vir
Path: C:\Program Files (x86)\AdwCleaner\FileQuarantine\C\Program Files (x86)\OneSystemCare\CleanupConsole.exe.vir
Group: Malware file
Last Updated: July 22, 2022
%SYSTEMDRIVE%\Users\<username>\Desktop\Downloads\4.4.0.3_OneSystemCaresetup.exe
File name: 4.4.0.3_OneSystemCaresetup.exeSize: 4.53 MB (4538152 bytes)
MD5: 7aff543f4df2fef22eaa66d7716079e5
Detection count: 47
File type: Executable File
Mime Type: unknown/exe
Path: %SYSTEMDRIVE%\Users\<username>\Desktop\Downloads\4.4.0.3_OneSystemCaresetup.exe
Group: Malware file
Last Updated: April 12, 2022
C:\PROGRA~2\ONESYS~1\SYSTEM~1.EXE
File name: SYSTEM~1.EXESize: 529.4 KB (529408 bytes)
MD5: 1310a21463de05ec6ec7ddf089dc20bb
Detection count: 35
File type: Executable File
Mime Type: unknown/EXE
Path: C:\PROGRA~2\ONESYS~1\SYSTEM~1.EXE
Group: Malware file
Last Updated: November 28, 2022
%TEMP%\nsgF631.tmp\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.75 MB (5755584 bytes)
MD5: 6ad0e8e9c0ba9fc2c5da1c09281ad44e
Detection count: 30
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\nsgF631.tmp
Group: Malware file
Last Updated: February 12, 2016
%TEMP%\qcPFxXQ5Xuveb0yTEgo\163\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.75 MB (5754416 bytes)
MD5: 21279fbaa0a004e271afc162ba20ec20
Detection count: 23
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\qcPFxXQ5Xuveb0yTEgo\163
Group: Malware file
Last Updated: February 12, 2016
%TEMP%\lCzMChLyYAxc0CzIwYf\242\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.75 MB (5755768 bytes)
MD5: ebb806bfb95e985aff0c68342f7ee2d1
Detection count: 20
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\lCzMChLyYAxc0CzIwYf\242
Group: Malware file
Last Updated: February 12, 2016
%TEMP%\nspAD30.tmp\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.76 MB (5769496 bytes)
MD5: b3572391c4148a42faa5263445b28e58
Detection count: 20
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\nspAD30.tmp
Group: Malware file
Last Updated: February 12, 2016
%TEMP%\DLG\exe\39458128201236097321212ecceaa310\OneSystemCare.exe
File name: OneSystemCare.exeSize: 5.75 MB (5755672 bytes)
MD5: cdb360ed97505f4c2217be4b4a77c50f
Detection count: 13
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\DLG\exe\39458128201236097321212ecceaa310
Group: Malware file
Last Updated: February 12, 2016
More files
Registry Modifications
File name without pathhttp_onesystemcare.com_0.localstoragehttp_onesystemcare.com_0.localstorage-journalLaunch One System Care.lnkonesystemcare.exeonesystemcare.tmpOneSystemCare[1].exeonesystemcare[1].xmlwww.onesystemcare[1].xmlRegexp file mask%WINDIR%\System32\Tasks\One System Care Delayed%WINDIR%\System32\Tasks\One System Care Monitor%WINDIR%\System32\Tasks\One System Care Run Delay%WINDIR%\System32\Tasks\One System Care Task%WINDIR%\System32\Tasks\One System CarePeriod%WINDIR%\System32\Tasks\One System CareStartUp%WINDIR%\System32\Tasks\OneSystemCare Task%WINDIR%\Tasks\One System Care Task.job%WINDIR%\Tasks\One System CarePeriod.job%WINDIR%\Tasks\One System CareStartUp.job%WINDIR%\Tasks\OneSystemCare Task.jobHKEY..\..\..\..{RegistryKeys}Software\Microsoft\Internet Explorer\DOMStorage\onesystemcare.comSoftware\Microsoft\Internet Explorer\DOMStorage\www.onesystemcare.comSoftware\Microsoft\Internet Explorer\LowRegistry\DOMStorage\onesystemcare.comSoftware\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.onesystemcare.comSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\One System CarePeriod.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\One System CarePeriod.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\One System CareStartUp.jobSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures\One System CareStartUp.job.fpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care DelayedSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care MonitorSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care Run DelaySOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System Care TaskSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System CarePeriodSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\One System CareStartUpSOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneSystemCare TaskSoftware\One System CareSoftware\OneSystemCareSYSTEM\ControlSet001\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0fSYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1fSYSTEM\ControlSet002\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0fSYSTEM\ControlSet002\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1fSYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\04262113-2a31-48e1-b4bb-3b42174bea0fSYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e24b7131-d039-43cb-9e6f-ad4be601ec1fHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}11598763487076930564OneSystemCareOneSystemCare_is1
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.