PUA_SYSMECH.GB

Publish Date: 06 mars 2018

Analysé par: Byron Jon Gelera

PUP.Optional.1ClickSystemMechanic (Malwarebytes); not-a-virus:RiskTool.Win32.SpeedUpMyPC.appw (Kaspersky)

Plate-forme:

Windows

Overall Risk:

Dommages potentiels: :

Distribution potentielle: :

reportedInfection:

Information Exposure Rating::

Faible

Medium

Élevé

Critique

Type de grayware:
Potentially Unwanted Application
Destructif:
Non
Chiffrement:
In the wild::
Oui

Overview

Voie d'infection: Fallen gelassen von anderer Malware

Wird möglicherweise manuell von einem Benutzer installiert.

Détails techniques

File size: 5,401,936 bytes

File type: EXE

Memory resident: Non

Date de réception des premiers échantillons: 06 mars 2018

Charge malveillante: Drops files, Connects to URLs/IPs

Übertragungsdetails

Wird möglicherweise manuell von einem Benutzer installiert.

Installation

Fügt die folgenden Ordner hinzu:

%Program Files%\1~Click~SystemMechanic on {Computer name}
%ProgramData%\1~Click~SystemMechanic on {Computer name}
%Program Files%\Driver Updater
%ProgramData%\Microsoft\Windows\Start Menu\Programs\1~Click~SystemMechanic on {Computer name}

(Hinweis: %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.)

Schleust die folgenden Dateien ein:

%Program Files%\1~Click~SystemMechanic on {Computer name}\unins000.dat
%Program Files%\1~Click~SystemMechanic on {Computer name}\unins000.exe
%Program Files%\1~Click~SystemMechanic on {Computer name}\oscm.exe
%Program Files%\1~Click~SystemMechanic on {Computer name}\oscm.exe.config
%Program Files%\1~Click~SystemMechanic on {Computer name}\AppRes.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\Microsoft.Win32.TaskScheduler.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\Microsoft.TeamFoundation.Common.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\TaskScheduler.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\NAudio.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\TAFactory.IconPack.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\Interop.IWshRuntimeLibrary.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\x64\SQLite.Interop.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\x86\SQLite.Interop.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\System.Data.SQLite.DLL
%Program Files%\1~Click~SystemMechanic on {Computer name}\HtmlRenderer.dll
%Program Files%\1~Click~SystemMechanic on {Computer name}\HtmlRenderer.WinForms.dll
%ProgramData%\1~Click~SystemMechanic on {Computer name}\mpc.db
%ProgramData%\1~Click~SystemMechanic on {Computer name}\mpcstartrepair_en.mp3
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\english_apc_en.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\danish_apc_da.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\Dutch_apc_nl.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\finish_apc_fi.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\French_apc_fr.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\german_apc_de.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\italian_apc_it.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\japanese_apc_ja.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\norwegian_apc_no.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\portuguese_apc_ptbr.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\russian_apc_ru.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\spanish_apc_es.ini
%Program Files%\1~Click~SystemMechanic on {Computer name}\langs\swedish_apc_sv.ini
%ProgramData%\Microsoft\Windows\Start Menu\Programs\1~Click~SystemMechanic on {Computer name}\1~Click~SystemMechanic.lnk
%ProgramData%\Microsoft\Windows\Start Menu\Programs\1~Click~SystemMechanic on {Computer name}\Buy 1~Click~SystemMechanic.lnk
%ProgramData%\Microsoft\Windows\Start Menu\Programs\1~Click~SystemMechanic on {Computer name}\Uninstall 1~Click~SystemMechanic.lnk
%Program Files%\1~Click~SystemMechanic on {Computer name}\unins000.msg
%Program Files%\Driver Updater\unins000.exe
%Program Files%\Driver Updater\aptdu.exe
%Program Files%\Driver Updater\aptdu.exe.config
%Program Files%\Driver Updater\DUContent.dll
%Program Files%\Driver Updater\Microsoft.Win32.TaskScheduler.dll
%Program Files%\Driver Updater\TaskScheduler.dll
%Program Files%\Driver Updater\NAudio.dll
%Program Files%\Driver Updater\TAFactory.IconPack.dll
%Program Files%\Driver Updater\Interop.IWshRuntimeLibrary.dll
%Program Files%\Driver Updater\System.ServiceModel.dll
%Program Files%\Driver Updater\dp\7z.dll
%Program Files%\Driver Updater\dp\7z.exe
%Program Files%\Driver Updater\dp\difxapi.dll
%Program Files%\Driver Updater\dp\difxapi64.dll
%Program Files%\Driver Updater\dp\DPInst32.exe
%Program Files%\Driver Updater\dp\DPInst64.exe
%Program Files%\Driver Updater\dp\DriversPath.exe
%Program Files%\Driver Updater\dp\FileValidator.exe
%Program Files%\Driver Updater\Delimon.Win32.IO.dll
%Program Files%\Driver Updater\Langs\danish_du_da.ini
%Program Files%\Driver Updater\Langs\Dutch_du_nl.ini
%Program Files%\Driver Updater\Langs\english_du_en.ini
%Program Files%\Driver Updater\Langs\finish_du_fi.ini
%Program Files%\Driver Updater\Langs\French_du_fr.ini
%Program Files%\Driver Updater\Langs\german_du_de.ini
%Program Files%\Driver Updater\Langs\italian_du_it.ini
%Program Files%\Driver Updater\Langs\japanese_du_ja.ini
%Program Files%\Driver Updater\Langs\norwegian_du_no.ini
%Program Files%\Driver Updater\Langs\portuguese_du_ptbr.ini
%Program Files%\Driver Updater\Langs\russian_du_ru.ini
%Program Files%\Driver Updater\Langs\spanish_du_es.ini
%Program Files%\Driver Updater\Langs\swedish_du_sv.ini
%Program Files%\Driver Updater\danish_iss.ini
%Program Files%\Driver Updater\Dutch_iss.ini
%Program Files%\Driver Updater\english_iss.ini
%Program Files%\Driver Updater\finish_iss.ini
%Program Files%\Driver Updater\French_iss.ini
%Program Files%\Driver Updater\german_iss.ini
%Program Files%\Driver Updater\italian_iss.ini
%Program Files%\Driver Updater\japanese_iss.ini
%Program Files%\Driver Updater\norwegian_iss.ini
%Program Files%\Driver Updater\portuguese_iss.ini
%Program Files%\Driver Updater\russian_iss.ini
%Program Files%\Driver Updater\spanish_iss.ini
%Program Files%\Driver Updater\swedish_iss.ini
%System Root%\Users\Public\Desktop\1~Click~SystemMechanic.lnk
%System%\Tasks\Driver Updater_Logon
%Application Data%\driverdetails.com\Driver Updater\res.bin
%System%\Tasks\Driver Updater_Diverdetails_DDelayScheduled

Andere Systemänderungen

Fügt die folgenden Registrierungsschlüssel hinzu:

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}

HKEY_CURRENT_USER\Software\1~Click~SystemMechanic on {Computer name}

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr

HKEY_CURRENT_USER\Software\driverdetails.com

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com

Fügt die folgenden Registrierungseinträge hinzu:

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
phone = (855)-332-0124

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
isphone = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
issilent = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
fpxl = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
issrantv = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
islswc = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
showefo = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
efosetting = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
country = ""

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
msl = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
pxl = mpcmsite

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
prereg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
showtn = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
ovoffdis = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
cta = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
delay = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
cbkpoff = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
showudurec = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
playsound = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
showunins = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
runcam = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
runsrc = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
runpixel = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
isiunidu = 1

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
x-at = ""

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
x-context = ""

HKEY_CURRENT_USER\Software\1~Click~SystemMechanic on {Computer name}
utm_pubid = ""

HKEY_CURRENT_USER\Software\1~Click~SystemMechanic on {Computer name}
x-at = ""

HKEY_CURRENT_USER\Software\1~Click~SystemMechanic on {Computer name}
x-context = ""

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_us = (855)-332-0124

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_uk = 0800-031-5066

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_gb = 0800-031-5066

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_au = (61)280-733403

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_fr = 05 82 84 04 06

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_de = 0800 1822 974

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_at = +43 (0)720 902 309

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_ch = +41 (0)44 508 70 37

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_lu = 0800 1822 974

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_jp = 0120-993-506

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Phone_ja = 0120-993-506

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
PurchaseURL = http://store.winpcutils.com/scm/price?

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
RenewURL = http://store.winpcutils.com/scm/renewal?

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
WebURL = http://www.winpcutils.com/

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
EmailURL = ""

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
supporturl = http://www.winpcutils.com/help/

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
affired = 0

HKEY_CURRENT_USER\Software\1~Click~SystemMechanic on {Computer name}
Installstring = %Program Files%\1~Click~SystemMechanic on {Computer name}

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
Installstring = %Program Files%\1~Click~SystemMechanic on {Computer name}

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
reg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
expired = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
x-ccode = ph

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
phone = ""

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
isphone = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
x-ip = 103_5_6_243

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
x-datetime = ""

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
x-fetch = 0

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
paramurl = http://trkr.entireactiv.com/ipfiles/

HKEY_CURRENT_USER\Software\1~Click~SystemMechanic on {Computer name}
LangCode = en

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
LangCode = en

HKEY_LOCAL_MACHINE\SOFTWARE\1~Click~SystemMechanic on {Computer name}
afterInstallUrl = http://ins.entireactiv.com/install/scm/?

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
utm_source = mpcmsite

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
utm_campaign = mpcmsite

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
utm_medium = ""

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
affiliateid = ""

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
pxl = mpcmsite

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
x-at = ""

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
x-context = ""

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
country = ""

HKEY_LOCAL_MACHINE\SOFTWARE\spct-pr
phone = ""

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO = (855)-332-0124

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
ISTELNO = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
issilent = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
affired = 0

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
showwfo = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
wfoset = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
country = ""

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
pxl = DUM2865_DUM2798_DUM1440

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
prereg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
showtn = 0

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
delay = 30

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
bdInst = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
cbkpoff = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
showunins = 1

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
utm_source = dumsm

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
utm_campaign = dumsm

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
utm_medium = dumsm

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
affiliateid = ""

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
utm_pubid = ""

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
x-base = ""

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
utm_source = dumsm

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
utm_campaign = dumsm

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
utm_medium = dumsm

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
affiliateid = ""

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
pxl = dum2865_dum2798_dum1440

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
utm_pubid = ""

HKEY_CURRENT_USER\Software\driverdetails.com\
Driver Updater
x-base = ""

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_us = 801-447-5902

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_uk = 0800-031-5066

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_gb = 0800-031-5066

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_au = (61)280-733403

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_fr = 05 82 84 04 06

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_de = 0800 1822 974

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_at = +43 (0)720 902 309

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_ch = +41 (0)44 508 70 37

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_lu = 0800 1822 974

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_ja = 0120-993-506

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_jp = 0120-993-506

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_br = +55 21 2391 4319

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_it = +39 069 4802886

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_es = +34 951 203 537

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_ar = +54 11 5236 0324

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_fi = +358 (0)9 4270 4911

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_pt = +351 70 750 2094

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_no = +47 21 95 01 97

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_dk = +45 78 73 09 26

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_se = +46-08124-10298

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO_nl = +31-08-58882839

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
PurchaseURL = http://driverupdater.esecureshoppe.com/du/price?

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
RenewURL = http://driverupdater.esecureshoppe.com/du/renewal?

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
WebURL = http://www.driverdetails.com/

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
EmailURL = driverupdater

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
supporturl = http://www.driverdetails.com/help/

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
x-ccode = ph

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
TELNO = ""

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
ISTELNO = 0

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
reg = 0

HKEY_LOCAL_MACHINE\SOFTWARE\driverdetails.com\
Driver Updater
expired = 0

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
utm_source = dumsm

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
utm_campaign = dumsm

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
utm_medium = dumsm

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
affiliateid = ""

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
pxl = dum2865_dum2798_dum1440

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
utm_pubid = ""

HKEY_LOCAL_MACHINE\SOFTWARE\ddtdu-pr
x-base = ""

Solutions

Moteur de scan minimum: 9.850

SSAPI Pattern File: 1.925.00

SSAPI Pattern Release Date: 08 mars 2018

Step 1

Für Windows ME und XP Benutzer: Stellen Sie vor einer Suche sicher, dass die Systemwiederherstellung deaktiviert ist, damit der gesamte Computer durchsucht werden kann.

Step 3

Diesen Registrierungsschlüssel löschen

[ learnMore ]

Wichtig: Eine nicht ordnungsgemäße Bearbeitung der Windows Registrierung kann zu einer dauerhaften Fehlfunktion des Systems führen. Führen Sie diesen Schritt nur durch, wenn Sie mit der Vorgehensweise vertraut sind oder wenn Sie Ihren Systemadministrator um Unterstützung bitten können. Lesen Sie ansonsten zuerst diesen Microsoft Artikel, bevor Sie die Registrierung Ihres Computers ändern.

In HKEY_LOCAL_MACHINE\SOFTWARE
- 1~Click~SystemMechanic on {Computer name}
In HKEY_CURRENT_USER\Software
- 1~Click~SystemMechanic on {Computer name}
In HKEY_LOCAL_MACHINE\SOFTWARE
- spct-pr
In HKEY_LOCAL_MACHINE\SOFTWARE
- ddtdu-pr
In HKEY_CURRENT_USER\Software
- driverdetails.com
In HKEY_LOCAL_MACHINE\SOFTWARE
- driverdetails.com

Step 4

Diesen Ordner suchen und löschen

[ learnMore ]

Aktivieren Sie unbedingt das Kontrollkästchen Versteckte Elemente durchsuchen unter Weitere erweiterte Optionen, um alle verborgenen Ordner in den Suchergebnissen zu berücksichtigen.

%Program Files%\1~Click~SystemMechanic on {Computer name}
%ProgramData%\1~Click~SystemMechanic on {Computer name}
%Program Files%\Driver Updater
%ProgramData%\Microsoft\Windows\Start Menu\Programs\1~Click~SystemMechanic on {Computer name}

Step 5

Diese Datei suchen und löschen

[ learnMore ]

Möglicherweise sind einige Komponentendateien verborgen. Aktivieren Sie unbedingt das Kontrollkästchen Versteckte Elemente durchsuchen unter Weitere erweiterte Optionen, um alle verborgenen Dateien und Ordner in den Suchergebnissen zu berücksichtigen.

%System Root%\Users\Public\Desktop\1~Click~SystemMechanic.lnk
%System%\Tasks\Driver Updater_Logon
%Application Data%\driverdetails.com\Driver Updater\res.bin
%System%\Tasks\Driver Updater_Diverdetails_DDelayScheduled

Step 6

Durchsuchen Sie Ihren Computer mit Ihrem Trend Micro Produkt, und löschen Sie Dateien, die als PUA_SYSMECH.GB entdeckt werden. Falls die entdeckten Dateien bereits von Ihrem Trend Micro Produkt gesäubert, gelöscht oder in Quarantäne verschoben wurden, sind keine weiteren Schritte erforderlich. Dateien in Quarantäne können einfach gelöscht werden. Auf dieser Knowledge-Base-Seite finden Sie weitere Informationen.

Participez à notre enquête!

PUA_SYSMECH.GB

Overview

Détails techniques

Solutions

Ressources

Support

À propos de Trend

Siège social national

PUA_SYSMECH.GB

Overview

Détails techniques

Solutions

Ressources

Support

À propos de Trend

Siège social national

Amérique

Moyen-Orient et Afrique

Europe

Asie-Pacifique