winzipersvc.exe

Winzipper Application

Taiwan Shui Mu Chih Ching Technology Limited

The application winzipersvc.exe, “Winzipper service” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “WinZiper service”. This file is typically installed with the program WinZipper by Taiwan Shui Mu Chih Ching Technology Limited. which is a potentially unwanted software program.
Publisher:

Product:
Winzipper Application

Description:
Winzipper service

Version:
1.5.115.1014

MD5:
4bd4087c2fc071a390aa8dec6cc750ce

SHA-1:
43990ea85b207c29976841cff99114300f527a9a

SHA-256:
03258b468ad67e45e968b5bd5340589e19262ea9e689a8646584f34c15104967

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 3:48:54 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
17.2.17.16

File size:
691.2 KB (707,760 bytes)

Product version:
1.5.115.1014

Copyright:
Copyright (c)Taiwan Shui Mu Chih Ching Technology Limited. All Rights Reserved.

Original file name:
Winzipper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winzipper\winzipersvc.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/6/2015 9:19:12 AM

Valid to:
3/4/2016 12:26:37 PM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=Taipei City, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112127474DE010DA49D31D0EE8193EAC2D0E

File PE Metadata
Compilation timestamp:
10/10/2015 5:31:30 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x50CF3

Entry point:
E8, FF, DA, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, 83, 3D, 30, C2, 49, 00, 01, 72, 5F, 0F, B6, 44, 24, 08, 8B, D0, C1, E0, 08, 0B, D0, 66, 0F, 6E, DA, F2, 0F, 70, DB, 00, 0F, 16, DB, 8B, 54, 24, 04, B9, 0F, 00, 00, 00, 83, C8, FF, 23, CA, D3, E0, 2B, D1, F3, 0F, 6F, 0A, 66, 0F, EF, D2, 66, 0F, 74, D1, 66, 0F, 74, CB, 66, 0F, EB, D1, 66, 0F, D7, CA, 23, C8, 75, 08, 83, C8, FF, 83, C2, 10, EB, DC, 0F, BC, C1, 03, C2, 66, 0F, 7E, DA, 33, C9, 3A, 10, 0F, 45, C1, C3, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0...
 
[+]

Entropy:
5.9838

Code size:
441.5 KB (452,096 bytes)

Service
Display name:
WinZiper service

Service name:
winzipersvc

Description:
WinZipper service

Type:
Win32OwnProcess

Group:
SchedulerGroup


The file winzipersvc.exe has been discovered within the following program.

WinZipper  by Taiwan Shui Mu Chih Ching Technology Limited.
The free and trial versions bundle various potentually unwanted toolbars and web browser extensions including the AVG Toolbar which modifies the browser's search and home page settings..
www.winzipper.com
75% remove it
 
Powered by Should I Remove It?

Remove winzipersvc.exe - Powered by Reason Core Security