PUP.LuDaShi

By CagedTech in Potentially Unwanted Programs

Threat Scorecard

Ranking:	732
Threat Level:	10 % (Normal)
Infected Computers:	139,935

First Seen:	March 16, 2016
Last Seen:	April 19, 2024
OS(es) Affected:	Windows

Table of Contents

File System Details

PUP.LuDaShi may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	LdsLite.exe	fcc36e8a29aa752f01300f74c1be89c8	691
Name: LdsLite.exe MD5: fcc36e8a29aa752f01300f74c1be89c8 Size: 1.64 MB (1643944 bytes) Detections: 691 Type: Executable File Path: C:\RECYCLER\S-1-5-21-1957994488-573735546-1801674531-1003\Dc35\LdsLite.exe Group: Malware file Last Updated: April 19, 2024
2.	MobileDeviceSrv.exe	ccd8369cc281c091ce86766004b3e669	377
Name: MobileDeviceSrv.exe MD5: ccd8369cc281c091ce86766004b3e669 Size: 1.95 MB (1954728 bytes) Detections: 377 Type: Executable File Path: D:\ProgramFiles\LuDaShi\Utils\MobileDeviceSrv.exe Group: Malware file Last Updated: August 19, 2023
3.	MiniNews.exe	06ce90f74c9daa023a89030acb30466c	80
Name: MiniNews.exe MD5: 06ce90f74c9daa023a89030acb30466c Size: 2.94 MB (2947496 bytes) Detections: 80 Type: Executable File Path: C:\RECYCLER\S-1-5-21-1957994488-573735546-1801674531-1003\Dc35\Utils\MiniNews.exe Group: Malware file Last Updated: October 15, 2023
4.	LdsLite.exe	45ebc4be21df257e03feee5a87917186	32
Name: LdsLite.exe MD5: 45ebc4be21df257e03feee5a87917186 Size: 1.65 MB (1651624 bytes) Detections: 32 Type: Executable File Path: C:\ProgramData\{DDB7F9B0-0778-4f84-927E-D13D949243A2}.tmp\LdsLite.exe Group: Malware file Last Updated: December 23, 2022
5.	ComputerZ14.exe	b1d87da50bad52902a6d90c593516ddc	21
Name: ComputerZ14.exe MD5: b1d87da50bad52902a6d90c593516ddc Size: 488.87 KB (488872 bytes) Detections: 21 Type: Executable File Path: %PROGRAMFILES%\LdsLite\Utils Group: Malware file Last Updated: December 15, 2016
6.	ludashisetup.exe	5d6aba115a40909014777ff76a732e20	13
Name: ludashisetup.exe MD5: 5d6aba115a40909014777ff76a732e20 Size: 49.52 MB (49521912 bytes) Detections: 13 Type: Executable File Path: %PROGRAMFILES%\LuDaShi\update Group: Malware file Last Updated: February 20, 2023
7.	ludashisetup.exe	5f653efd6f1adc9cb20998ea8d084c16	12
Name: ludashisetup.exe MD5: 5f653efd6f1adc9cb20998ea8d084c16 Size: 49.55 MB (49556640 bytes) Detections: 12 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: October 11, 2020
8.	ComputerZTray.exe	9ad3274f5af717f8358c1034437cbec3	8
Name: ComputerZTray.exe MD5: 9ad3274f5af717f8358c1034437cbec3 Size: 186.65 KB (186654 bytes) Detections: 8 Type: Executable File Path: %PROGRAMFILES(x86)%\LuDaShi Group: Malware file Last Updated: December 15, 2016
9.	ludashisetup.exe	4003f78adf7167719ed185b3356dcc7e	8
Name: ludashisetup.exe MD5: 4003f78adf7167719ed185b3356dcc7e Size: 49.72 MB (49726984 bytes) Detections: 8 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: April 27, 2020
10.	ludashisetup.exe	f53110e8010be9f17c1c48e7d57c3ce0	7
Name: ludashisetup.exe MD5: f53110e8010be9f17c1c48e7d57c3ce0 Size: 49.25 MB (49257464 bytes) Detections: 7 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: June 15, 2022
11.	ludashisetup.exe	fe436f92885b4c8d122743151ddaa7d1	7
Name: ludashisetup.exe MD5: fe436f92885b4c8d122743151ddaa7d1 Size: 49.41 MB (49413936 bytes) Detections: 7 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: January 31, 2021
12.	ludashisetup.exe	1b55a6dfefe520b7647d584a40153f7c	4
Name: ludashisetup.exe MD5: 1b55a6dfefe520b7647d584a40153f7c Size: 49.24 MB (49243840 bytes) Detections: 4 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 15, 2016
13.	ComputerZTray.exe	b550913c60ead9f153f24020896022c9	4
Name: ComputerZTray.exe MD5: b550913c60ead9f153f24020896022c9 Size: 2.97 MB (2976680 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES%\LuDaShi Group: Malware file Last Updated: December 15, 2016
14.	ludashisetup.exe	a55d94709ef4aae820fbaef45c00188d	3
Name: ludashisetup.exe MD5: a55d94709ef4aae820fbaef45c00188d Size: 49.81 MB (49814552 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES(x86)%\LuDaShi\update Group: Malware file Last Updated: May 15, 2022
15.	ComputerZTray.exe	b4c2f72db41b3ce13e59bdfaa1e21b0a	3
Name: ComputerZTray.exe MD5: b4c2f72db41b3ce13e59bdfaa1e21b0a Size: 2.97 MB (2977192 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES(x86)%\LuDaShi Group: Malware file Last Updated: December 15, 2016
16.	ComputerZTray.exe	51e6d42e0febe12c20542412e786fdcf	2
Name: ComputerZTray.exe MD5: 51e6d42e0febe12c20542412e786fdcf Size: 3.02 MB (3027823 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\LuDaShi Group: Malware file Last Updated: December 15, 2016
17.	ComputerZService.exe	d4f2f0ebbb05071f2212cb0442813fd3	2
Name: ComputerZService.exe MD5: d4f2f0ebbb05071f2212cb0442813fd3 Size: 763.3 KB (763300 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES(x86)%\LuDaShi Group: Malware file Last Updated: December 15, 2016
18.	ComputerZTray.exe	e530295768374dbe53ee2cca8aea47ad	2
Name: ComputerZTray.exe MD5: e530295768374dbe53ee2cca8aea47ad Size: 2.97 MB (2977192 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\LuDaShi Group: Malware file Last Updated: December 15, 2016
19.	ludashisetup.exe	90203d15be7566c38081d03ed6b93132	1
Name: ludashisetup.exe MD5: 90203d15be7566c38081d03ed6b93132 Size: 49.25 MB (49257464 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 15, 2016
20.	ludashisetup.exe	6f71da8eac83fe03182250c790f40d55	1
Name: ludashisetup.exe MD5: 6f71da8eac83fe03182250c790f40d55 Size: 49.41 MB (49413936 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 15, 2016
21.	ludashisetup.exe	f6aa833f511781465b7d08e84457b0b0	1
Name: ludashisetup.exe MD5: f6aa833f511781465b7d08e84457b0b0 Size: 49.55 MB (49556640 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 15, 2016
22.	ludashisetup.exe	a5a7d3570817a25880871d2f6e745cd1	1
Name: ludashisetup.exe MD5: a5a7d3570817a25880871d2f6e745cd1 Size: 49.52 MB (49521912 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 15, 2016
23.	ludashisetup.exe	3c5e43379674c99203feeeb2e96bf180	1
Name: ludashisetup.exe MD5: 3c5e43379674c99203feeeb2e96bf180 Size: 49.81 MB (49810520 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: November 15, 2016
24.	removelds_gcenter.bat	675c6ca06e9232982c828455cb91f05f	1
Name: removelds_gcenter.bat MD5: 675c6ca06e9232982c828455cb91f05f Size: 374B (374 bytes) Detections: 1 Type: Batch file Path: %TEMP% Group: Malware file Last Updated: November 10, 2016
25.	removelds.bat	366688c29407dd45b8b5738e9f769249	1
Name: removelds.bat MD5: 366688c29407dd45b8b5738e9f769249 Size: 534B (534 bytes) Detections: 1 Type: Batch file Path: %TEMP% Group: Malware file Last Updated: November 10, 2016

More files

Registry Details

PUP.LuDaShi may create the following registry entry or registry entries:

CLSID

{34B3C588-D06C-4F92-929C-2C3A0BC7F821}

Regexp file mask

%TEMP%\ludashisetup.exe

%Temp%\removelds.bat

%Temp%\removelds_gcenter.bat

%WINDIR%\System32\Tasks\ComputerZ-Tray

%WINDIR%\System32\Tasks\LDSGameCenter

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\ComputerZ8.DeskBandExt

SOFTWARE\Classes\ComputerZ8.DeskBandExt.1

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ludashi.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ludashi.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ludashi.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ludashi.com

SOFTWARE\LDSGameCenter

SOFTWARE\ldssrv

SOFTWARE\Ludashi

SOFTWARE\LudashiLspUrl

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT\mininews.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\mininews.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\mininews.exe

SOFTWARE\Microsoft\Tracing\ComputerZTray_RASAPI32

SOFTWARE\Microsoft\Tracing\ComputerZTray_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ComputerZ-Tray

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ComputerZLite

SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ComputerZ_CN.exe

Software\QiLu Inc.\mininews

SOFTWARE\WOW6432Node\LDSGameCenter

SOFTWARE\WOW6432Node\LdsLite

SOFTWARE\WOW6432Node\ldssrv

SOFTWARE\WOW6432Node\LuDaShi

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT\mininews.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\mininews.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\mininews.exe

SOFTWARE\WOW6432Node\Microsoft\Tracing\ComputerZTray_RASAPI32

SOFTWARE\WOW6432Node\Microsoft\Tracing\ComputerZTray_RASMANCS

SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\ComputerZ_CN.exe

SYSTEM\ControlSet001\Enum\Root\LEGACY_COMPUTERZ_X64

SYSTEM\ControlSet001\Enum\Root\LEGACY_COMPUTERZLOCK

SYSTEM\ControlSet001\Services\ComputerZ_x64

SYSTEM\ControlSet001\services\ComputerZLock

SYSTEM\ControlSet002\Enum\Root\LEGACY_COMPUTERZ_X64

SYSTEM\ControlSet002\Enum\Root\LEGACY_COMPUTERZLOCK

SYSTEM\ControlSet002\Services\ComputerZ_x64

SYSTEM\ControlSet002\services\ComputerZLock

SYSTEM\CurrentControlSet\Enum\Root\LEGACY_COMPUTERZ_X64

SYSTEM\CurrentControlSet\Enum\Root\LEGACY_COMPUTERZLOCK

SYSTEM\CurrentControlSet\Services\ComputerZ_x64

SYSTEM\CurrentControlSet\services\ComputerZLock

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

LdsLite

Ludashi_is1

Directories

PUP.LuDaShi may create the following directory or directories:

%APPDATA%\360bizhi\Utils

%APPDATA%\360bizhi\softmgr

%APPDATA%\360bizhi\wallpaperhelper

%APPDATA%\ABCPhoto\mininews

%APPDATA%\youku

%APPDATA%\ytmediacenter

%AppData%\Ludashi

%PROGRAMFILES%\LDSGameCenter

%PROGRAMFILES%\LdsLite

%PROGRAMFILES%\LuDaShi

%PROGRAMFILES(x86)%\LDSGameCenter

%PROGRAMFILES(x86)%\LdsLite

%PROGRAMFILES(x86)%\LuDaShi

%WINDIR%\Syswow64\config\systemprofile\AppData\Roaming\LDSGameCenter

%WINDIR%\Syswow64\config\systemprofile\AppData\Roaming\Ludashi

%WINDIR%\system32\config\systemprofile\AppData\Roaming\LDSGameCenter

%WINDIR%\system32\config\systemprofile\AppData\Roaming\Ludashi

%appdata%\LDSGameAssistant

%appdata%\LDSGameCenter

EnigmaSoft's SpyHunter Scores 100% with AV-TEST in 2024

Search

Change Region

PUP.LuDaShi

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Registry Details

Directories

Submit Comment

Trending

Uazq Ransomware

PDFSpark

Remor.xyz

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?