winzipersvc.exe

dsk service

Taiwan Shui Mu Chih Ching Technology Limited

The application winzipersvc.exe by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “WinZiper service”. This file is typically installed with the program WinZipper by Taiwan Shui Mu Chih Ching Technology Limited. which is a potentially unwanted software program.
Publisher:
Taiwan Shui Mu Chih Ching Technology Limited.  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
dsk service

Version:
1.5.90.8812

MD5:
e14e883aea687b850fe6eed517f9db64

SHA-1:
55fcfdf92eec645246ed75c576754467fb860c39

SHA-256:
dc94444df9902bf8e4aa05f6bba59f910cbecf6ecc521bbac6e7459c538f33d7

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 1:22:23 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Thinknice (M)
16.8.23.0

File size:
416.2 KB (426,160 bytes)

Product version:
1.5.90.8812

Copyright:
Copyright (c) 2011-2015 Taiwan Shui Mu Chih Ching Technology Limited.

Original file name:
dsk service.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\winzipper\winzipersvc.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/4/2015 11:26:37 AM

Valid to:
3/4/2016 11:26:37 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=Taipei City, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121003857AB2AD439A7293EF2F1A8B3DCB6

File PE Metadata
Compilation timestamp:
3/5/2015 7:37:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:4/7Rye7TFS9Qxw9WwdIgH1gbs08Gi7Nttn6/tma:n95JH1gbr8RNtmtma

Entry address:
0x332E8

Entry point:
E8, 16, A2, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 83, 65, FC, 00, 56, 8D, 45, FC, 50, FF, 75, 0C, FF, 75, 08, E8, 92, A2, 00, 00, 8B, F0, 83, C4, 0C, 85, F6, 75, 18, 39, 45, FC, 74, 13, E8, 4F, 41, 00, 00, 85, C0, 74, 0A, E8, 46, 41, 00, 00, 8B, 4D, FC, 89, 08, 8B, C6, 5E, C9, C3, 8B, FF, 55, 8B, EC, 8B, 45, 08, 85, C0, 74, 12, 83, E8, 08, 81, 38, DD, DD, 00, 00, 75, 07, 50, E8, 37, DE, FF, FF, 59, 5D, C3, 8B, FF, 55, 8B, EC, 51, 51, A1, C0, D6, 45, 00, 33, C5, 89, 45, FC, 53, 56, 8B, F1, 33...
 
[+]

Entropy:
6.4204

Code size:
308 KB (315,392 bytes)

Service
Display name:
WinZiper service

Service name:
winzipersvc

Description:
WinZipper service

Type:
Win32OwnProcess

Group:
SchedulerGroup


The file winzipersvc.exe has been discovered within the following program.

WinZipper  by Taiwan Shui Mu Chih Ching Technology Limited.
The free and trial versions bundle various potentually unwanted toolbars and web browser extensions including the AVG Toolbar which modifies the browser's search and home page settings..
www.winzipper.com
75% remove it
 
Powered by Should I Remove It?

Remove winzipersvc.exe - Powered by Reason Core Security