
WinZipper

Posted: March 23, 2015

Threat Metric

Ranking: 2,020
Threat Level: 1/10
Infected PCs: 392,098
First Seen: March 23, 2015
Last Seen: October 17, 2023
OS(es) Affected: Windows


WinZipper is a file compression application that may rely on deceptive marketing tricks to reach the machines of as many users as possible. This program isn't threatening, and its name isn't linked to any suspicious activities such as hijacking a Web browser's settings or injecting marketing content into the user's Web browser. However, WinZipper is identified as a Potentially Unwanted Program by many reputable anti-malware software vendors, and users who didn't download and install it on purpose might want to consider removing it from their computers.

The WinZipper application may travel via low-quality software bundles that may utilize misleading installation instructions, confusing license agreements and other tricks whose goal is to get users to authorize the installation of WinZipper unknowingly. When WinZipper is installed, it may automatically set itself as the default program for opening all kinds of compressed files, thus preventing users from utilizing their favorite file compression program. Furthermore, WinZipper's installation creates a Windows Service that is started automatically whenever the computer is powered on; all of this happens automatically.

WinZipper doesn't include any limitations that may impair the utility's compression performance, so it is safe to say that users should not encounter any problems if they opt to use it. However, because of its ability to install itself stealthily, as well as to create an automatically started Windows Service, WinZipper is an application whose removal might not be a bad idea. If you find this tool useful, then removing it is not mandatory. However, if you found it on your computer and you didn't install it intentionally, then we advise you to remove WinZipper with the help of potent cyber security software.

Aliases

Artemis!FD4518DBC764 [McAfee]
Artemis [McAfee-GW-Edition]
Taishumu.511 [AVG]
Adware.Mutabaha.343 [DrWeb]
PUA.WinZipper [Symantec]

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:




Registry Modifications

The following Registry entries were newly created:

CLSID
{4F622628-7632-4B28-B184-D7BA0CA3273B}
{DC638EEA-2BA2-4459-9C46-85A2F0BE6040}

HKEY..\..\..\..{RegistryKeys}
SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\WinZipper
SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids\WinZipper.cab
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids\WinZipper.zip
SOFTWARE\WinZiper
SOFTWARE\winzipersvc
SOFTWARE\Wow6432Node\WinZiper
SOFTWARE\Wow6432Node\winzipersvc
SYSTEM\ControlSet001\services\eventlog\Application\winzipersvc
SYSTEM\ControlSet001\services\winzipersvc
SYSTEM\ControlSet002\services\eventlog\Application\winzipersvc
SYSTEM\ControlSet002\services\winzipersvc
SYSTEM\CurrentControlSet\services\eventlog\Application\winzipersvc
SYSTEM\CurrentControlSet\services\winzipersvc

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
WinZipper

Additional Information

The following directories were created:
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WinZipper
%ALLUSERSPROFILE%\Start Menu\Programs\WinZipper
%APPDATA%\WinZiper
%APPDATA%\WinZipper
%PROGRAMFILES%\WinZipper
%PROGRAMFILES(x86)%\WinZipper
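
A read-only PowerShell check for the context-menu, file-association and service registry entries and the directories listed above, added here as an example (it is not code from the original page). The page does not name the registry hive for most entries, so the script tests each path under both HKLM and HKCU; that choice is an assumption.

```powershell
# Added example: read-only audit for WinZipper artifacts named on this page.
# Nothing is modified. Run elevated so HKLM and service data are readable.

# Relative registry paths as listed on the page. The hive is not given there,
# so each one is tested under both HKLM and HKCU (assumption).
$relativePaths = @(
    'SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper',
    'SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper',
    'SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\WinZipper',
    'SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper',
    'Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids\WinZipper.cab',
    'Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids\WinZipper.zip',
    'SOFTWARE\WinZiper',
    'SOFTWARE\Wow6432Node\WinZiper',
    'SYSTEM\CurrentControlSet\services\winzipersvc'
)
$directories = @(
    '%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\WinZipper',
    '%APPDATA%\WinZiper',
    '%APPDATA%\WinZipper',
    '%PROGRAMFILES%\WinZipper',
    '%PROGRAMFILES(x86)%\WinZipper'
)

# A listed entry may be a key, or a value name under its parent key, so test both.
function Test-RegistryEntry([string]$Path) {
    if (Test-Path -LiteralPath $Path) { return $true }
    $cut = $Path.LastIndexOf('\')
    $parent = Get-Item -LiteralPath $Path.Substring(0, $cut) -ErrorAction SilentlyContinue
    return [bool]($parent -and ($parent.GetValueNames() -contains $Path.Substring($cut + 1)))
}

$findings = @()
foreach ($hive in 'HKLM:', 'HKCU:') {
    foreach ($rel in $relativePaths) {
        $full = "$hive\$rel"
        if (Test-RegistryEntry $full) { $findings += "Registry:  $full" }
    }
}
foreach ($dir in $directories) {
    $expanded = [Environment]::ExpandEnvironmentVariables($dir)
    if (Test-Path -LiteralPath $expanded -PathType Container) { $findings += "Directory: $expanded" }
}
# The key name under ...\services is the service name; StartMode 'Auto' means it starts at boot.
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='winzipersvc'" -ErrorAction SilentlyContinue
if ($svc) { $findings += "Service:   $($svc.Name) StartMode=$($svc.StartMode) Path=$($svc.PathName)" }

if ($findings) { $findings } else { 'No WinZipper artifacts from the page were found.' }
```

`-LiteralPath` is required for the `SOFTWARE\Classes\*` entry, because `*` is the real key name there and would otherwise be treated as a wildcard.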