winsere.exe

Yan Jiang

The application winsere.exe by Yan Jiang has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a Windows service named “Winsere”. This file is typically installed with the program yessearches Uninstall by ELEX, which is a potentially unwanted software program.
Publisher:
Yan Jiang  (signed and verified)

MD5:
9d818b0b732c7e1e3ce1344b596e4d2e

SHA-1:
1bbf74e4842d55ae329b251469888a504676beae

SHA-256:
06ee540fbc70d0f6fe5e58d02b094ccdc7fae05e6b8c21975396f45505a001f0

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
1/2/2025 3:42:38 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ELEX (M)

Engine version:
16.12.8.9

File size:
299.5 KB (306,736 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\winsere\winsere\winsere.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
3/14/2016 5:30:00 AM

Valid to:
11/26/2016 5:29:59 AM

Subject:
CN=Yan Jiang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
0D086736E024A587D6959B6C9B0C8655

File PE Metadata
Compilation timestamp:
3/15/2016 7:09:37 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x1D14E

Entry point:
E8, 81, 53, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, 4C, 90, 44, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 70, 74, 44, 00, 01, 0F, 82, 99, 58, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83...

Entropy:
6.4810

Code size:
218.5 KB (223,744 bytes)

Service
Display name:
Winsere

Description:
Enables the detection, download, and installation of updates for Winsere and other programs. If this service is disabled, users of this computer will not be able to use Winsere Update or its automatic

Type:
Win32OwnProcess, InteractiveProcess


The file winsere.exe has been discovered within the following program.

yessearches is a web browser search hijacker that modifies the assets of the user's web browser in order to redirect search results.
yessearches.com
88% remove it
 
Powered by Should I Remove It?