PUP.LuDaShi

By CagedTech in Potentially Unwanted Programs

Threat Scorecard

Ranking:	830
Threat Level:	10 % (Normal)
Infected Computers:	141,864

First Seen:	March 16, 2016
Last Seen:	March 1, 2025
OS(es) Affected:	Windows

Table of Contents

File System Details

PUP.LuDaShi may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	MobileDeviceSrv.exe	ccd8369cc281c091ce86766004b3e669	378
Name: MobileDeviceSrv.exe MD5: ccd8369cc281c091ce86766004b3e669 Size: 1.95 MB (1954728 bytes) Detections: 378 Type: Executable File Path: D:\ProgramFiles\LuDaShi\Utils\MobileDeviceSrv.exe Group: Malware file Last Updated: December 17, 2024
2.	LockHomePage.exe	02446ad15a7a7fcfd3a6e313c4833b13	162
Name: LockHomePage.exe MD5: 02446ad15a7a7fcfd3a6e313c4833b13 Size: 544.16 KB (544168 bytes) Detections: 162 Type: Executable File Path: %SYSTEMDRIVE%\Windows.old\Program Files (x86)\LuDaShi\Utils\LockHomePage.exe Group: Malware file Last Updated: December 29, 2024
3.	MiniNews.exe	06ce90f74c9daa023a89030acb30466c	80
Name: MiniNews.exe MD5: 06ce90f74c9daa023a89030acb30466c Size: 2.94 MB (2947496 bytes) Detections: 80 Type: Executable File Path: C:\RECYCLER\S-1-5-21-1957994488-573735546-1801674531-1003\Dc35\Utils\MiniNews.exe Group: Malware file Last Updated: October 15, 2023
4.	LdsLite.exe	45ebc4be21df257e03feee5a87917186	32
Name: LdsLite.exe MD5: 45ebc4be21df257e03feee5a87917186 Size: 1.65 MB (1651624 bytes) Detections: 32 Type: Executable File Path: C:\ProgramData\{DDB7F9B0-0778-4f84-927E-D13D949243A2}.tmp\LdsLite.exe Group: Malware file Last Updated: December 23, 2022
5.	ComputerZ14.exe	b1d87da50bad52902a6d90c593516ddc	21
Name: ComputerZ14.exe MD5: b1d87da50bad52902a6d90c593516ddc Size: 488.87 KB (488872 bytes) Detections: 21 Type: Executable File Path: %PROGRAMFILES%\LdsLite\Utils Group: Malware file Last Updated: December 15, 2016
6.	removelds_gcenter.bat	675c6ca06e9232982c828455cb91f05f	1
Name: removelds_gcenter.bat MD5: 675c6ca06e9232982c828455cb91f05f Size: 374B (374 bytes) Detections: 1 Type: Batch file Path: %TEMP% Group: Malware file Last Updated: November 10, 2016
7.	removelds.bat	366688c29407dd45b8b5738e9f769249	1
Name: removelds.bat MD5: 366688c29407dd45b8b5738e9f769249 Size: 534B (534 bytes) Detections: 1 Type: Batch file Path: %TEMP% Group: Malware file Last Updated: November 10, 2016

More files

Registry Details

PUP.LuDaShi may create the following registry entry or registry entries:

CLSID

{34B3C588-D06C-4F92-929C-2C3A0BC7F821}

Regexp file mask

%TEMP%\ludashisetup.exe

%Temp%\removelds.bat

%Temp%\removelds_gcenter.bat

%WINDIR%\System32\Tasks\ComputerZ-Tray

%WINDIR%\System32\Tasks\LDSGameCenter

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\ComputerZ8.DeskBandExt

SOFTWARE\Classes\ComputerZ8.DeskBandExt.1

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ludashi.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.ludashi.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ludashi.com

SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.ludashi.com

SOFTWARE\LDSGameCenter

SOFTWARE\ldssrv

SOFTWARE\Ludashi

SOFTWARE\LudashiLspUrl

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT\mininews.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\mininews.exe

SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\mininews.exe

SOFTWARE\Microsoft\Tracing\ComputerZTray_RASAPI32

SOFTWARE\Microsoft\Tracing\ComputerZTray_RASMANCS

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ComputerZ-Tray

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ComputerZLite

SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ComputerZ_CN.exe

Software\QiLu Inc.\mininews

SOFTWARE\WOW6432Node\LDSGameCenter

SOFTWARE\WOW6432Node\LdsLite

SOFTWARE\WOW6432Node\ldssrv

SOFTWARE\WOW6432Node\LuDaShi

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT\mininews.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT\mininews.exe

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION\mininews.exe

SOFTWARE\WOW6432Node\Microsoft\Tracing\ComputerZTray_RASAPI32

SOFTWARE\WOW6432Node\Microsoft\Tracing\ComputerZTray_RASMANCS

SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\App Paths\ComputerZ_CN.exe

SYSTEM\ControlSet001\Enum\Root\LEGACY_COMPUTERZ_X64

SYSTEM\ControlSet001\Enum\Root\LEGACY_COMPUTERZLOCK

SYSTEM\ControlSet001\Services\ComputerZ_x64

SYSTEM\ControlSet001\services\ComputerZLock

SYSTEM\ControlSet002\Enum\Root\LEGACY_COMPUTERZ_X64

SYSTEM\ControlSet002\Enum\Root\LEGACY_COMPUTERZLOCK

SYSTEM\ControlSet002\Services\ComputerZ_x64

SYSTEM\ControlSet002\services\ComputerZLock

SYSTEM\CurrentControlSet\Enum\Root\LEGACY_COMPUTERZ_X64

SYSTEM\CurrentControlSet\Enum\Root\LEGACY_COMPUTERZLOCK

SYSTEM\CurrentControlSet\Services\ComputerZ_x64

SYSTEM\CurrentControlSet\services\ComputerZLock

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

LdsLite

Ludashi_is1

Directories

PUP.LuDaShi may create the following directory or directories:

%APPDATA%\360bizhi\Utils

%APPDATA%\360bizhi\softmgr

%APPDATA%\360bizhi\wallpaperhelper

%APPDATA%\ABCPhoto\mininews

%APPDATA%\youku

%APPDATA%\ytmediacenter

%AppData%\Ludashi

%PROGRAMFILES%\LDSGameCenter

%PROGRAMFILES%\LdsLite

%PROGRAMFILES%\LuDaShi

%PROGRAMFILES(x86)%\LDSGameCenter

%PROGRAMFILES(x86)%\LdsLite

%PROGRAMFILES(x86)%\LuDaShi

%WINDIR%\Syswow64\config\systemprofile\AppData\Roaming\LDSGameCenter

%WINDIR%\Syswow64\config\systemprofile\AppData\Roaming\Ludashi

%WINDIR%\system32\config\systemprofile\AppData\Roaming\LDSGameCenter

%WINDIR%\system32\config\systemprofile\AppData\Roaming\Ludashi

%appdata%\LDSGameAssistant

%appdata%\LDSGameCenter

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

PUP.LuDaShi

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Registry Details

Directories

Submit Comment

Trending

Microsoft Patches 'Wormable' Windows Flaw and...

Enigma Software Group's SpyHunter® Receives...

Enigma Software Group's SpyHunter® Receives 100%...

Most Viewed

Discord Is Stuck on Gray Screen

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen