PUP.WinZipper Removal Report

Table of Contents

Aliases

5 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
McAfee	Artemis!FD4518DBC764
McAfee-GW-Edition	Artemis
AVG	Taishumu.511
DrWeb	Adware.Mutabaha.343
Symantec	PUA.WinZipper

SpyHunter Detects & Remove PUP.WinZipper

File System Details

PUP.WinZipper may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	winzipersvc.exe	95ce1937af02ab3c2d822d546e9fb378	972
Name: winzipersvc.exe MD5: 95ce1937af02ab3c2d822d546e9fb378 Size: 682.24 KB (682240 bytes) Detections: 972 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\istA38E.tmp\omigazip\winzipersvc.exe Group: Malware file Last Updated: April 6, 2024
2.	WinZipper.exe	fcae645169e565050a9a5be27ebe4033	260
Name: WinZipper.exe MD5: fcae645169e565050a9a5be27ebe4033 Size: 1.65 MB (1657520 bytes) Detections: 260 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\istFB22.tmp\OmigaZip_patch\WinZipper.exe Group: Malware file Last Updated: April 6, 2024
3.	A0056866.exe	1349aa702ed846d801971837fb4354c9	257
Name: A0056866.exe MD5: 1349aa702ed846d801971837fb4354c9 Size: 1.55 MB (1559216 bytes) Detections: 257 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP126\A0056866.exe Group: Malware file Last Updated: September 23, 2023
4.	A0077943.exe	538ad7c45fd01c52196b6756034ab914	234
Name: A0077943.exe MD5: 538ad7c45fd01c52196b6756034ab914 Size: 1.69 MB (1698312 bytes) Detections: 234 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP144\A0077943.exe Group: Malware file Last Updated: October 9, 2021
5.	A0035920.exe	53f45b558a0aebd79f9edc2142fa26da	174
Name: A0035920.exe MD5: 53f45b558a0aebd79f9edc2142fa26da Size: 1.65 MB (1657520 bytes) Detections: 174 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP112\A0035920.exe Group: Malware file Last Updated: July 12, 2023
6.	A0126475.exe	df667a225fad7706c3dc45fcc01314cc	173
Name: A0126475.exe MD5: df667a225fad7706c3dc45fcc01314cc Size: 2.92 MB (2921072 bytes) Detections: 173 Type: Executable File Path: %SYSTEMDRIVE%\System Volume Information\_restore{4EC8B925-B0B0-414B-9CB6-B2AB003E7B01}\RP193\A0126475.exe Group: Malware file Last Updated: March 21, 2024
7.	zip_update_v1.5.132.exe.vir	24ad81381458213d104bdd85d310b177	107
Name: zip_update_v1.5.132.exe.vir MD5: 24ad81381458213d104bdd85d310b177 Size: 432.12 KB (432128 bytes) Detections: 107 Path: C:\AdwCleaner\Quarantine\C\Users\<username>\AppData\Roaming\WinZipper\update\zip_update_v1.5.132.exe.vir Group: Malware file Last Updated: May 16, 2023
8.	A0056875.exe	339d68e8f09c4471019055156b3e3650	92
Name: A0056875.exe MD5: 339d68e8f09c4471019055156b3e3650 Size: 731.82 KB (731824 bytes) Detections: 92 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP126\A0056875.exe Group: Malware file Last Updated: November 12, 2022
9.	winzipersvc.exe	d1b002ea33d858b4a8b4ca47b3fad152	89
Name: winzipersvc.exe MD5: d1b002ea33d858b4a8b4ca47b3fad152 Size: 711.34 KB (711344 bytes) Detections: 89 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\istFB22.tmp\OmigaZip_patch\winzipersvc.exe Group: Malware file Last Updated: April 6, 2024
10.	winzipersvc.exe	99b530198e86d4335606fff8f9bf1f5b	83
Name: winzipersvc.exe MD5: 99b530198e86d4335606fff8f9bf1f5b Size: 705.52 KB (705520 bytes) Detections: 83 Type: Executable File Path: %PROGRAMFILES%\WinZipper Group: Malware file Last Updated: July 16, 2020
11.	dup.exe	86225b87712ed35ecf8c0a7038e11270	82
Name: dup.exe MD5: 86225b87712ed35ecf8c0a7038e11270 Size: 428.2 KB (428208 bytes) Detections: 82 Type: Executable File Path: %SYSTEMDRIVE%\Users\<username>\AppData\Local\Temp\istFB22.tmp\OmigaZip_patch\dup.exe Group: Malware file Last Updated: April 6, 2024
12.	A0046663.exe	64551e1f5a559f95afe182314736bf6d	54
Name: A0046663.exe MD5: 64551e1f5a559f95afe182314736bf6d Size: 711.34 KB (711344 bytes) Detections: 54 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP118\A0046663.exe Group: Malware file Last Updated: June 6, 2022
13.	A0035933.exe	ac635d9c14f825f18a5752b537e13c3e	45
Name: A0035933.exe MD5: ac635d9c14f825f18a5752b537e13c3e Size: 711.34 KB (711344 bytes) Detections: 45 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP112\A0035933.exe Group: Malware file Last Updated: June 6, 2022
14.	winzipersvc.exe	a6669dc82b49008bc9b26ba3532e7062	42
Name: winzipersvc.exe MD5: a6669dc82b49008bc9b26ba3532e7062 Size: 693.29 KB (693296 bytes) Detections: 42 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\ist1844.tmp\omigazip\winzipersvc.exe Group: Malware file Last Updated: September 1, 2022
15.	A0077958.exe	4bfaf6d7fb8e99ce5dc93bb121235567	41
Name: A0077958.exe MD5: 4bfaf6d7fb8e99ce5dc93bb121235567 Size: 399.36 KB (399360 bytes) Detections: 41 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP144\A0077958.exe Group: Malware file Last Updated: October 10, 2023
16.	BC35F18B-8C50-2682-0217-29C3DBAA9980	2e615af5bd3caa1f655aa9f1f112ce83	35
Name: BC35F18B-8C50-2682-0217-29C3DBAA9980 MD5: 2e615af5bd3caa1f655aa9f1f112ce83 Size: 701.96 KB (701960 bytes) Detections: 35 Path: C:\Windows\System32\MRT\3AC662F4-BBD5-4771-B2A0-164912094D5D\FilesStash\BC35F18B-8C50-2682-0217-29C3DBAA9980 Group: Malware file Last Updated: October 8, 2022
17.	dup.exe	dbe8b7379813789ad09dae023a53db9f	26
Name: dup.exe MD5: dbe8b7379813789ad09dae023a53db9f Size: 363.69 KB (363696 bytes) Detections: 26 Type: Executable File Path: C:\Program Files\WinZipper\dup.exe Group: Malware file Last Updated: September 28, 2022
18.	winzipersvc.exe	85e4c66ca3e06ec0c70e0dca4dc5278c	25
Name: winzipersvc.exe MD5: 85e4c66ca3e06ec0c70e0dca4dc5278c Size: 682.24 KB (682240 bytes) Detections: 25 Type: Executable File Path: %PROGRAMFILES(x86)%\WinZip Group: Malware file Last Updated: March 26, 2016
19.	A0046654.exe	491fbc8fbb2041485c9ff136665040ef	23
Name: A0046654.exe MD5: 491fbc8fbb2041485c9ff136665040ef Size: 1.65 MB (1657520 bytes) Detections: 23 Type: Executable File Path: C:\System Volume Information\_restore{61313432-71E1-41E4-9839-B12335D1664E}\RP118\A0046654.exe Group: Malware file Last Updated: June 10, 2022
20.	dup.exe	afdbbea6c5614902e1528f9bb3442e50	22
Name: dup.exe MD5: afdbbea6c5614902e1528f9bb3442e50 Size: 363.65 KB (363656 bytes) Detections: 22 Type: Executable File Path: C:\Program Files (x86)\WinZipper\dup.exe Group: Malware file Last Updated: November 19, 2021
21.	dup.exe	914816cfb260349a1b56c054612b3062	17
Name: dup.exe MD5: 914816cfb260349a1b56c054612b3062 Size: 442.54 KB (442544 bytes) Detections: 17 Type: Executable File Path: C:\Users\<username>\AppData\Local\Temp\NSIS_00000000\OmigaZip_patch\dup.exe Group: Malware file Last Updated: September 23, 2023
22.	winzipersvc.exe	eaa505c44ebe68369557daeb0d7ee8a2	16
Name: winzipersvc.exe MD5: eaa505c44ebe68369557daeb0d7ee8a2 Size: 711.34 KB (711344 bytes) Detections: 16 Type: Executable File Path: %PROGRAMFILES(x86)%\WinZipper Group: Malware file Last Updated: May 21, 2022
23.	dup.exe	6c41abe6ea5dd70f01e6fc9ea84d7703	8
Name: dup.exe MD5: 6c41abe6ea5dd70f01e6fc9ea84d7703 Size: 428.2 KB (428208 bytes) Detections: 8 Type: Executable File Path: %PROGRAMFILES%\WinZipper Group: Malware file Last Updated: May 21, 2022
24.	winzipersvc.exe	2a5fee3c177bd0c70311f859e941f47a	4
Name: winzipersvc.exe MD5: 2a5fee3c177bd0c70311f859e941f47a Size: 689.82 KB (689824 bytes) Detections: 4 Type: Executable File Path: %PROGRAMFILES%\WinZipper Group: Malware file Last Updated: March 26, 2016
25.	winzipersvc.exe	0e557023dbdb28a18b2018dd2a40ca95	3
Name: winzipersvc.exe MD5: 0e557023dbdb28a18b2018dd2a40ca95 Size: 682.24 KB (682240 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES(x86)%\WinZip Group: Malware file Last Updated: March 26, 2016
26.	winzipersvc.exe	258bd28e3f00871d59cf0f4cd0e7d250	2
Name: winzipersvc.exe MD5: 258bd28e3f00871d59cf0f4cd0e7d250 Size: 708.24 KB (708248 bytes) Detections: 2 Type: Executable File Path: %PROGRAMFILES%\WinZipper Group: Malware file Last Updated: March 26, 2016
27.	WinZipper.exe	fd2b67cc95adb0dfd9e1fd4a919219c8	1
Name: WinZipper.exe MD5: fd2b67cc95adb0dfd9e1fd4a919219c8 Size: 1.65 MB (1657520 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\WinZipper Group: Malware file Last Updated: February 11, 2016
28.	winzipersvc.exe	f1e72a9670e0d1d8bf3c718aac576235	1
Name: winzipersvc.exe MD5: f1e72a9670e0d1d8bf3c718aac576235 Size: 693.33 KB (693336 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES(x86)%\WinZip Group: Malware file Last Updated: March 26, 2016
29.	winzipersvc.exe	ec4cde48d83f3b73524fd25ba6f04d72	1
Name: winzipersvc.exe MD5: ec4cde48d83f3b73524fd25ba6f04d72 Size: 705.52 KB (705520 bytes) Detections: 1 Type: Executable File Path: %PROGRAMFILES%\WinZipper Group: Malware file Last Updated: March 26, 2016

More files

Registry Details

PUP.WinZipper may create the following registry entry or registry entries:

CLSID

{4F622628-7632-4B28-B184-D7BA0CA3273B}

{DC638EEA-2BA2-4459-9C46-85A2F0BE6040}

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper

SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper

SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\WinZipper

SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids\WinZipper.cab

Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids\WinZipper.zip

SOFTWARE\WinZiper

SOFTWARE\winzipersvc

SOFTWARE\Wow6432Node\WinZiper

SOFTWARE\Wow6432Node\winzipersvc

SYSTEM\ControlSet001\services\eventlog\Application\winzipersvc

SYSTEM\ControlSet001\services\winzipersvc

SYSTEM\ControlSet002\services\eventlog\Application\winzipersvc

SYSTEM\ControlSet002\services\winzipersvc

SYSTEM\CurrentControlSet\services\eventlog\Application\winzipersvc

SYSTEM\CurrentControlSet\services\winzipersvc

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

WinZipper

Directories

PUP.WinZipper may create the following directory or directories:

%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WinZipper

%ALLUSERSPROFILE%\Start Menu\Programs\WinZipper

%APPDATA%\WinZiper

%APPDATA%\WinZipper

%PROGRAMFILES%\WinZipper

%PROGRAMFILES(x86)%\WinZipper

Ranking:	1,952
Threat Level:	10 % (Normal)
Infected Computers:	167,998

First Seen:	March 23, 2015
Last Seen:	April 6, 2024
OS(es) Affected:	Windows

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

PUP.WinZipper

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove PUP.WinZipper

File System Details

Registry Details

Directories

Submit Comment

Trending

Captchastone.azurewebsites.net

WinUpdatesDisabler Ransomware

Necticalcatha.com

Most Viewed

Discord Shows Black Screen when Sharing Screen

How To Fix 'Printer Driver is Unavailable' Error

What is Msedge.exe?