home

wzUninstall.exe

WinZipper

Chencheng Cai

The application wzUninstall.exe, “Winziper uninstall application” by Chencheng Cai has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. This is the uninstaller utility registered in the Windows Control Panel for the program WinZip by Winzipper Pvt Ltd..
Publisher:
Winziper Pvt Ltd.  (signed by Chencheng Cai)

Product:
WinZipper

Description:
Winziper uninstall application

Version:
2.2.28.0

MD5:
ad934a5844edae74b0769bf6d1f32776

SHA-1:
7137c957b48b3678c706909b109c048ee8c6cf79

SHA-256:
5e2d5ad2d89f6723a2633aaf9977abdfb9903fb955b324cf779656fd1062d259

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
1/13/2025 7:23:55 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Winzipper.Chenchen.Installer.Meta (M)
16.7.12.9

File size:
1 MB (1,069,656 bytes)

Product version:
2.2.28.0

Copyright:
Copyright (c) 2015 Winziper Pvt Ltd. All Rights Reserved.

Original file name:
wzUninstall.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\winzipper\wzuninstall.exe

Digital Signature
Signed by:
Chencheng Cai

Authority:
thawte, Inc.

Valid from:
7/11/2016 2:00:00 AM

Valid to:
1/18/2017 12:59:59 AM

Subject:
CN=Chencheng Cai, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
41D3AD9B335343BDEB86F57313EA2CB2

File PE Metadata
Compilation timestamp:
7/12/2016 3:46:35 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:QEXyl+N+kuMGjYRlGkKBr7VEaMc8TkqZGpFd85AEvQLKU:QSyAyxVvmTkfFdrKU

Entry address:
0x857C6

Entry point:
E8, FE, 65, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 75, 13, E8, 18, 2C, 00, 00, 6A, 16, 5E, 89, 30, E8, EE, 39, 00, 00, 8B, C6, EB, 24, 68, 80, 00, 00, 00, FF, 75, 10, FF, 75, 0C, E8, 17, 00, 00, 00, 83, C4, 0C, 89, 06, 85, C0, 74, 04, 33, C0, EB, 07, E8, E8, 2B, 00, 00, 8B, 00, 5E, 5D, C3, 6A, 0C, 68, A8, C8, 4D, 00, E8, AF, 49, 00, 00, 33, C9, 89, 4D, E4, 33, C0, 8B, 7D, 08, 85, FF, 0F, 95, C0, 85, C0, 75, 17, E8, BF, 2B, 00, 00, C7, 00, 16, 00, 00, 00, E8, 94, 39, 00, 00, 33, C0...
 
[+]

Code size:
682 KB (698,368 bytes)

Program Uninstaller
Program name:
WinZip

Display publisher:
Winzipper Pvt Ltd.

Display version:
2.2.59

Uninstall string:
C:\Program Files (x86)\WinZipper\wzUninstall.exe


Remove wzUninstall.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.