Related blog content
Registry cleaners: digital snake oil
How to remove adware from your PC
Adware.OptimizerEliteMax
Short bio
Adware.OptimizerEliteMax is Malwarebytes’ detection name for installers of One System Care Sp. Zo.o., which are known for their potentially unwanted Windows system optimizers.
Symptoms
Adware.OptimizerEliteMax reminds the user to buy or register the system optimizer it installed.
Protection
Malwarebytes protects users from Adware.OptimizerEliteMax by using real-time protection.
Malwarebytes blocks Adware.OptimizerEliteMax
Remediation
Malwarebytes can detect and remove Adware.OptimizerEliteMax without further user interaction.
- Please download Malwarebytes to your desktop.
- Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
- Then click Finish.
- Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
- If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
- When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
- Restart your computer when prompted to do so.
Malwarebytes removal log
A Malwarebytes removal log of a system affected by a member of the Adware.OptimizerEliteMax family:
Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 2/14/17 Scan Time: 9:28 AM Logfile: mbamOneSystemCare.txt Administrator: Yes -Software Information- Version: 3.0.5.1299 Components Version: 1.0.43 Update Package Version: 1.0.1257 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 360070 Time Elapsed: 3 min, 11 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 3 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\SYSTEMCONSOLE.EXE, Quarantined, [537], [311034],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRA~2\ONESYS~1\SYSTEM~1.EXE, Quarantined, [537], [311034],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.EXE, Quarantined, [537], [311034],1.0.1257 Module: 1 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.EXE, Quarantined, [537], [311034],1.0.1257 Registry Key: 12 Adware.OptimizerEliteMax, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\OneSystemCare, Delete-on-Reboot, [537], [311034],1.0.1257 PUP.Optional.OneSystemCare, HKCU\SOFTWARE\One System Care, Delete-on-Reboot, [578], [311038],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{11FD0FCC-787D-4FF1-B466-D5659CEA6633}, Delete-on-Reboot, [578], [258705],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4D89F1C3-36A8-4429-8FC1-0B263DA7E332}, Delete-on-Reboot, [578], [258705],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{668D20B7-A868-4B90-AF03-489B802C5E0A}, Delete-on-Reboot, [578], [258294],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F04F6E92-DB17-4ED4-8BB7-2F698ABDAD9E}, Delete-on-Reboot, [578], [258705],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\POWER\USER\POWERSCHEMES\04262113-2a31-48e1-b4bb-3b42174bea0f, Delete-on-Reboot, [578], [336950],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\POWER\USER\POWERSCHEMES\e24b7131-d039-43cb-9e6f-ad4be601ec1f, Delete-on-Reboot, [578], [336950],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Monitor, Delete-on-Reboot, [578], [241385],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Run Delay, Delete-on-Reboot, [578], [241385],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System Care Task, Delete-on-Reboot, [578], [241385],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\One System CarePeriod, Delete-on-Reboot, [578], [241385],1.0.1257 Registry Value: 10 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Replace-on-Reboot, [46], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Replace-on-Reboot, [46], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{EDB0D6D8-B1F7-496F-A023-44DF7155F1CD}|NameServer, Replace-on-Reboot, [46], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{EDB0D6D8-B1F7-496F-A023-44DF7155F1CD}|DhcpNameServer, Replace-on-Reboot, [46], [-1],0.0.0 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{11FD0FCC-787D-4FF1-B466-D5659CEA6633}|PATH, Delete-on-Reboot, [578], [258705],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4D89F1C3-36A8-4429-8FC1-0B263DA7E332}|PATH, Delete-on-Reboot, [578], [258705],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{668D20B7-A868-4B90-AF03-489B802C5E0A}|PATH, Delete-on-Reboot, [578], [258294],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{F04F6E92-DB17-4ED4-8BB7-2F698ABDAD9E}|PATH, Delete-on-Reboot, [578], [258705],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\POWER\USER\POWERSCHEMES\04262113-2a31-48e1-b4bb-3b42174bea0f|DESCRIPTION, Delete-on-Reboot, [578], [336950],1.0.1257 PUP.Optional.OneSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\POWER\USER\POWERSCHEMES\e24b7131-d039-43cb-9e6f-ad4be601ec1f|DESCRIPTION, Delete-on-Reboot, [578], [336950],1.0.1257 Data Stream: 0 (No malicious items detected) Folder: 7 PUP.Optional.DNSUnlocker.ACMB2, C:\PROGRAMDATA\2a2276f9-0b93-0, Delete-on-Reboot, [46], [182288],1.0.1257 PUP.Optional.DNSUnlocker.ACMB2, C:\PROGRAMDATA\2a2276f9-20a1-1, Delete-on-Reboot, [46], [182288],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\WL, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\USERS\{username}\APPDATA\ROAMING\One System Care, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\PROGRAM FILES (X86)\ONESYSTEMCARE, Delete-on-Reboot, [578], [241378],1.0.1257 PUP.Optional.OneSystemCare, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ONE SYSTEM CARE, Delete-on-Reboot, [578], [241379],1.0.1257 File: 35 PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\2a2276f9-0b93-0\BITA281.tmp, Delete-on-Reboot, [46], [182288],1.0.1257 PUP.Optional.DNSUnlocker.ACMB2, C:\WINDOWS\SYSTEM32\TASKS\{057E7947-780B-0E0B-7D11-0E0D0B0C110F}, Delete-on-Reboot, [46], [-1],0.0.0 PUP.Optional.DNSUnlocker.ACMB2, C:\ProgramData\2a2276f9-20a1-1\BITA119.tmp, Delete-on-Reboot, [46], [182288],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\SYSTEMCONSOLE.EXE, Delete-on-Reboot, [537], [311034],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRA~2\ONESYS~1\SYSTEM~1.EXE, Delete-on-Reboot, [537], [311034],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.EXE, Delete-on-Reboot, [537], [311034],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Danish.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Dutch.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\English.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\French.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\German.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Italian.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Norwegian.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Parameters.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Portuguese.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Spanish.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\Swedish.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\Languages\tmpLang.json, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\CallBanner.png, Delete-on-Reboot, [578], [178764],1.0.1257 PUP.Optional.OneSystemCare, C:\Users\{username}\AppData\Roaming\One System Care\FinishedScan.png, Delete-on-Reboot, [578], [178764],1.0.1257 Adware.OptimizerEliteMax, C:\USERS\{username}\DESKTOP\ONESYSTEMCARE.EXE, Delete-on-Reboot, [537], [311034],1.0.1257 PUP.Optional.OneSystemCare, C:\USERS\PUBLIC\DESKTOP\LAUNCH ONE SYSTEM CARE.LNK, Delete-on-Reboot, [578], [241377],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\UNINSTALLER.EXE, Delete-on-Reboot, [537], [311034],1.0.1257 Adware.OptimizerEliteMax, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\CLEANUPCONSOLE.EXE, Delete-on-Reboot, [537], [311034],1.0.1257 PUP.Optional.OneSystemCare, C:\PROGRAM FILES (X86)\ONESYSTEMCARE\ONESYSTEMCARE.INI, Delete-on-Reboot, [578], [241378],1.0.1257 PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\cancel.bmp, Delete-on-Reboot, [578], [241378],1.0.1257 PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\osc.ico, Delete-on-Reboot, [578], [241378],1.0.1257 PUP.Optional.OneSystemCare, C:\Program Files (x86)\OneSystemCare\uninstall.bmp, Delete-on-Reboot, [578], [241378],1.0.1257 PUP.Optional.OneSystemCare, C:\WINDOWS\TASKS\ONE SYSTEM CAREPERIOD.JOB, Delete-on-Reboot, [578], [241382],1.0.1257 PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Monitor, Delete-on-Reboot, [578], [241381],1.0.1257 PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Run Delay, Delete-on-Reboot, [578], [241381],1.0.1257 PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System Care Task, Delete-on-Reboot, [578], [241381],1.0.1257 PUP.Optional.OneSystemCare, C:\WINDOWS\SYSTEM32\TASKS\One System CarePeriod, Delete-on-Reboot, [578], [241381],1.0.1257 PUP.Optional.OneSystemCare, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\ONE SYSTEM CARE\LAUNCH ONE SYSTEM CARE.LNK, Delete-on-Reboot, [578], [241379],1.0.1257 PUP.Optional.OneSystemCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care\One System Care on the Web.url, Delete-on-Reboot, [578], [241379],1.0.1257 Physical Sector: 0 (No malicious items detected) (end)
