home

WinZipper.exe

WinZipper

Taiwan Shui Mu Chih Ching Technology Limited

The application WinZipper.exe, “WinZipper application” by Taiwan Shui Mu Chih Ching Technology Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program WinZipper by Taiwan Shui Mu Chih Ching Technology Limited. which is a potentially unwanted software program. It is also typically executed from the user's temporary directory.
Publisher:
Taiwan Shui Mu Chih Ching Technology Limited.  (signed by Taiwan Shui Mu Chih Ching Technology Limited)

Product:
WinZipper

Description:
WinZipper application

Version:
1.5.90.8812

MD5:
6c176619e4004345e48b9d4b12e21511

SHA-1:
42c2197ddc185dd1a97ec21461ddca4c9474cd49

SHA-256:
277893999935b8d39059789786121ecf59154a857182decb7796018db5d18d1b

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/27/2024 1:40:04 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.TaiwanShuiMuChihChingTechnology
15.3.5.9

File size:
495.2 KB (507,056 bytes)

Product version:
1.5.90.8812

Copyright:
Copyright (c) 2011-2015 Taiwan Shui Mu Chih Ching Technology Limited.

Original file name:
WinZipper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\omigazip_patch\winzipper.exe

Digital Signature
Signed by:
Taiwan Shui Mu Chih Ching Technology Limited

Authority:
GlobalSign nv-sa

Valid from:
3/4/2015 10:26:37 AM

Valid to:
3/4/2016 10:26:37 AM

Subject:
CN=Taiwan Shui Mu Chih Ching Technology Limited, O=Taiwan Shui Mu Chih Ching Technology Limited, L=Taipei City, S=Taiwan, C=TW

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121003857AB2AD439A7293EF2F1A8B3DCB6

File PE Metadata
Compilation timestamp:
3/5/2015 6:37:00 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:WF4FcH9nbQ7miqlZArpJ+7e8pnZfY7P9ePWP1loNA23QzFC:g4yhbQxSZOfk

Entry address:
0x4A1E2

Entry point:
E8, 6C, 04, 00, 00, E9, 6B, FD, FF, FF, FF, 25, 3C, 32, 45, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 38, C0, 46, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F4, 64, 89, 0D, 00, 00, 00, 00, 59, 5F, 5F, 5E, 5B, 8B, E5, 5D, 51, C3, CC, FF, 25, 38, 32, 45, 00, 8B, FF, 55, 8B, EC, FF, 75, 14, FF, 75, 10, FF, 75, 0C, FF, 75, 08, 68, C1, 9C, 44, 00, 68, 38, C0, 46, 00, E8, 8E, 04, 00, 00, 83, C4...
 
[+]

Code size:
324.5 KB (332,288 bytes)

The file WinZipper.exe has been discovered within the following program.

WinZipper  by Taiwan Shui Mu Chih Ching Technology Limited.
The free and trial versions bundle various potentually unwanted toolbars and web browser extensions including the AVG Toolbar which modifies the browser's search and home page settings..
www.winzipper.com
75% remove it
 
Powered by Should I Remove It?

Remove WinZipper.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.