PUP.Funshion Removal Report

Table of Contents

SpyHunter Detects & Remove PUP.Funshion

File System Details

PUP.Funshion may create the following file(s):

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	Funshion.scr	03b881a55e1400de892d59e664f06620	3,489
Name: Funshion.scr MD5: 03b881a55e1400de892d59e664f06620 Size: 343.55 KB (343552 bytes) Detections: 3,489 Path: C:\Windows\System32\Funshion.scr Group: Malware file Last Updated: September 6, 2022
2.	FunPierides_c7137_s.exe	bfaccfabb42ba9bb0d100ede917cd250	3
Name: FunPierides_c7137_s.exe MD5: bfaccfabb42ba9bb0d100ede917cd250 Size: 10.56 MB (10566648 bytes) Detections: 3 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: June 16, 2016

Registry Details

PUP.Funshion may create the following registry entry or registry entries:

CLSID

{162CC9EB-F1CE-4CED-84CE-F80AA5DD8130}

{18689D3E-CF06-482F-AEB1-0880F859F0AA}

{1CF25200-FD42-45F6-ABBD-6C0C9C89B77A}

{332C1DFF-B83D-40E3-968F-F85E20BF0CFB}

{43BE7926-9B51-46FD-98DD-8DCCFB231113}

{456A8A65-6E0E-464B-80C6-A16E6528FADF}

{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA}

{4E3E2094-8FF4-457E-ACB5-29DABF6E1A27}

{5165BFF4-4E35-446F-B00E-EA4185B64F76}

{8D0F6366-8F2E-4F7F-872E-5AB98554D78C}

{961ABF2E-D191-4542-90DC-C3406555FC62}

{97DDF214-9B68-4CAF-8F6F-4B4112912349}

{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}

{CC88AD54-054C-4B38-9AB3-D932E4039187}

{CE55D900-9EE4-4666-A1A1-1F6D59E32277}

File name without path

Funshion HD Media.lnk

funshion.ini

Funshion.lnk

vas.funshion[1].xml

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\Fun.OnlineInstallCtrl

SOFTWARE\Classes\Fun.OnlineInstallCtrl.1

SOFTWARE\Classes\Funshion

SOFTWARE\Classes\Funshion Task

SOFTWARE\Classes\FunshionFsv

SOFTWARE\Classes\FunshionMP4

SOFTWARE\Classes\FunshionRMVB

Software\Microsoft\Internet Explorer\Approved Extensions\{4ADBABBD-E1CA-4F11-BD01-73B0B6E4B5BA}

Software\Microsoft\Internet Explorer\DOMStorage\fun.tv

Software\Microsoft\Internet Explorer\DOMStorage\funshion.com

Software\Microsoft\Internet Explorer\DOMStorage\vas.funshion.com

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{435ABB6D-825E-464D-9431-E0421B09300C}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59561D56-F79A-4A4B-B7B6-48CB08CCF495}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AF9AF91-F941-45E2-BA44-004A79709C18}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80A7D4B9-D2B8-48DE-B835-0407CEBEDEC0}

Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE38678E-8518-481C-B318-D654C1620DC5}

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funshion

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA}

SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\FunOverlay

Software\Microsoft\Windows\CurrentVersion\Run\Funshion

SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}

SOFTWARE\SystemSres

SOFTWARE\Wow6432Node\Funshion

SOFTWARE\Wow6432Node\Funshion_Copy

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{4ADBABBD-E1CA-4f11-BD01-73B0B6E4B5BA}

SOFTWARE\Wow6432Node\MozillaPlugins\@funshion.com/npFunshion

SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{27432F77-A1B8-484D-8CCF-75B211B82E42}

SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{AD2ECDE3-5B1F-49B2-BD7D-56AB3BC3D3FF}

SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{27432F77-A1B8-484D-8CCF-75B211B82E42}

SYSTEM\ControlSet002\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{AD2ECDE3-5B1F-49B2-BD7D-56AB3BC3D3FF}

SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{27432F77-A1B8-484D-8CCF-75B211B82E42}

SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\{AD2ECDE3-5B1F-49B2-BD7D-56AB3BC3D3FF}

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

FunAccelerator

Funshion

Directories

PUP.Funshion may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\Funshion

%ALLUSERSPROFILE%\Funshion

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Funshion

%APPDATA%\Avatder

%APPDATA%\FunTemp

%APPDATA%\Funshion

%APPDATA%\FunshionV

%HOMEDRIVE%\AptData

%HOMEDRIVE%\FunshionMedia

%PROGRAMFILES%\Funshion Online

%PROGRAMFILES%\FunshionV

%PROGRAMFILES(x86)%\Funshion Online

%PROGRAMFILES(x86)%\FunshionV

%PUBLIC%\FunAcce

%PUBLIC%\Fundata

%USERPROFILE%\Documents\Funshion HD Media

%USERPROFILE%\Funshion

%WINDIR%\System32\Tasks\Funshion

%WINDIR%\Tasks\Funshion

%appdata%\Acceclient

%appdata%\Arefresh

%appdata%\FunUninst

%appdata%\funspeed

%temp%\funshiontmp

Ranking:	1,851
Threat Level:	10 % (Normal)
Infected Computers:	72,545

First Seen:	September 18, 2014
Last Seen:	September 19, 2023
OS(es) Affected:	Windows

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

PUP.Funshion

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove PUP.Funshion

File System Details

Registry Details

Directories

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen