Jump to content

Recommended Posts

What is WinZip DriverUpdater?

The Malwarebytes research team has determined that WinZip DriverUpdater is a "driver updater". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
More information can be found on our Malwarebytes Labs blog.

How do I know if I am infected with WinZip DriverUpdater?

This is how the main screen of the system optimizer looks:

main.png

You will find these icons in your taskbar, your startmenu, and on your desktop:

icons.png

and see this warning during install:

warning1.png

and these screens during "operations":

warning5.png

warning6.png

You may see this entry in your list of installed programs:

warning4.png

and these tasks in your list of Scheduled Tasks:

warning3.png

How did WinZip DriverUpdater get on my computer?

These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:

website.png

How do I remove WinZip DriverUpdater?

Our program Malwarebytes can detect and remove this potentially unwanted application.

  • Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.

Is there anything else I need to do to get rid of WinZip DriverUpdater?

  • No, Malwarebytes removes WinZip DriverUpdater completely.
  • This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.

How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this system optimizer.

As you can see below the full version of Malwarebytes would have protected you against the WinZip DriverUpdater installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.
 

protection1.png


and we block access to their domain:
 

protection2.png


Technical details for experts

You may see these entries in FRST logs:
 

() C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
(Corel Corporation) C:\Program Files\WinZip Driver Updater\DriverUpdater.exe
(Corel Corporation) C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
R2 WinZip Smart Monitor Service; C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe [816896 2017-12-04] ()
C:\Windows\System32\Tasks\Start WinZip Driver Updater Schedule
C:\Windows\System32\Tasks\Start WinZip Driver Updater Update
C:\Windows\System32\Tasks\Start WinZip Driver Updater for {computername}@{username}(logon)
C:\Users\Public\Desktop\WinZip Driver Updater.lnk
C:\Windows\Tasks\Start WinZip Driver Updater for {computername}@{username}(logon).job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
C:\ProgramData\WinZip
C:\Program Files\WinZip Smart Monitor
C:\Program Files\WinZip Driver Updater

WinZip Driver Updater (HKLM\...\WinZip Driver Updater) (Version: 5.25.3.6 - Corel Corporation)
Task: {3E6BA1EC-1D92-4073-A7DF-EADE1A17FB29} - System32\Tasks\Start WinZip Driver Updater for {computername}@{username}(logon) => C:\Program Files\WinZip Driver Updater\DriverUpdater.exe [2018-01-22] (Corel Corporation)
Task: {91A08D31-A6DA-4E07-8567-11463B0EC0FD} - System32\Tasks\Start WinZip Driver Updater Update => C:\Program Files\WinZip Driver Updater\DriverUpdater.exe [2018-01-22] (Corel Corporation)
Task: {E2140951-A5BB-4ED9-A854-C4660836C649} - System32\Tasks\Start WinZip Driver Updater Schedule => C:\Program Files\WinZip Driver Updater\DriverUpdater.exe [2018-01-22] (Corel Corporation)
Task: C:\Windows\Tasks\Start WinZip Driver Updater for {computername}@{username}(logon).job => C:\Program Files\WinZip Driver Updater\DriverUpdater.exe

Alterations made by the installer:
 

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files\WinZip Driver Updater
       Adds the file 7za.exe"="8/10/2018 12:00 PM, 591104 bytes, A
       Adds the file DriverUpdater.exe"="1/22/2018 2:57 PM, 31463168 bytes, A
       Adds the file DriverUpdater.mab"="1/22/2018 2:57 PM, 2430086 bytes, A
       Adds the file DriverUpdaterUpdater.exe"="1/22/2018 2:57 PM, 80640 bytes, A
       Adds the file DriverUpdaterUpdater.mab"="1/22/2018 2:57 PM, 10443 bytes, A
       Adds the file lci.lci"="8/10/2018 12:00 PM, 648 bytes, H
       Adds the file notifier.exe"="1/22/2018 2:57 PM, 2490624 bytes, A
       Adds the file notifier.mab"="1/22/2018 2:57 PM, 698833 bytes, A
       Adds the file tray.exe"="1/22/2018 2:57 PM, 2696448 bytes, A
       Adds the file tray.mab"="1/22/2018 2:57 PM, 253763 bytes, A
       Adds the file Uninstall.exe"="1/22/2018 2:57 PM, 551904 bytes, A
    Adds the folder C:\Program Files\WinZip Smart Monitor
       Adds the file apps"="12/4/2017 9:28 AM, 2864 bytes, A
       Adds the file msvcp100.dll"="5/11/2016 6:02 PM, 608080 bytes, A
       Adds the file msvcr100.dll"="5/11/2016 6:02 PM, 829264 bytes, A
       Adds the file SystemInfo-vc100-mt.dll"="12/4/2017 9:46 AM, 2238208 bytes, A
       Adds the file SystemInfo-vc100-mt.mab"="12/4/2017 9:46 AM, 985327 bytes, A
       Adds the file Uninstall.exe"="12/4/2017 9:46 AM, 227440 bytes, A
       Adds the file WinZip Smart Monitor Service.exe"="12/4/2017 9:46 AM, 816896 bytes, A
       Adds the file WinZip Smart Monitor Service.mab"="12/4/2017 9:46 AM, 260502 bytes, A
       Adds the file WinZipSmartMonitor.exe"="12/4/2017 9:46 AM, 3351808 bytes, A
       Adds the file WinZipSmartMonitor.mab"="12/4/2017 9:46 AM, 913751 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip Driver Updater
       Adds the file Uninstall.lnk"="8/10/2018 12:00 PM, 932 bytes, A
       Adds the file WinZip Driver Updater.lnk"="8/10/2018 12:00 PM, 952 bytes, A
    Adds the folder C:\ProgramData\WinZip\WinZip Driver Updater
       Adds the file CommonSettings.xml"="8/10/2018 12:00 PM, 426 bytes, A
       Adds the file freeDriver"="8/10/2018 12:00 PM, 101 bytes, A
    Adds the folder C:\ProgramData\WinZip\WinZip Driver Updater\backups
       Adds the file BackupInfo.xml"="8/10/2018 12:00 PM, 399 bytes, A
    Adds the folder C:\ProgramData\WinZip\WinZip Driver Updater\Language
       Adds the file Brazilian.xml"="1/22/2018 2:37 PM, 32752 bytes, A
       Adds the file Danish.xml"="1/22/2018 2:37 PM, 32031 bytes, A
       Adds the file Dutch.xml"="1/22/2018 2:37 PM, 33587 bytes, A
       Adds the file English.xml"="1/22/2018 2:37 PM, 30203 bytes, A
       Adds the file Finnish.xml"="1/22/2018 2:37 PM, 32204 bytes, A
       Adds the file French.xml"="1/22/2018 2:37 PM, 36420 bytes, A
       Adds the file German.xml"="1/22/2018 2:37 PM, 34798 bytes, A
       Adds the file Italian.xml"="1/22/2018 2:37 PM, 32882 bytes, A
       Adds the file Japanese.xml"="1/22/2018 2:37 PM, 39160 bytes, A
       Adds the file Norwegian.xml"="1/22/2018 2:37 PM, 31154 bytes, A
       Adds the file Russian.xml"="1/22/2018 2:37 PM, 49727 bytes, A
       Adds the file Spanish.xml"="1/22/2018 2:37 PM, 35321 bytes, A
       Adds the file Swedish.xml"="1/22/2018 2:37 PM, 32551 bytes, A
       Adds the file TradChinese.xml"="1/22/2018 2:37 PM, 29484 bytes, A
       Adds the file Turkish.xml"="1/22/2018 2:37 PM, 33841 bytes, A
    Adds the folder C:\ProgramData\WinZip\WinZip Driver Updater\{userID}
       Adds the file app_log.log"="8/10/2018 12:01 PM, 3530 bytes, A
       Adds the file AppSettings.xml"="8/10/2018 12:01 PM, 2518 bytes, A
       Adds the file DRmanager_log.log"="8/10/2018 12:01 PM, 1366 bytes, A
       Adds the file du_statistic"="8/10/2018 12:01 PM, 32768 bytes, A
       Adds the file Request.xml"="8/10/2018 12:01 PM, 28564 bytes, A
       Adds the file Response.xml"="8/10/2018 12:01 PM, 474 bytes, A
    Adds the folder C:\ProgramData\WinZip\WinZip Smart Monitor\{userID}
       Adds the file settings.data"="8/10/2018 12:00 PM, 675 bytes, A
       Adds the file smsettings"="8/10/2018 12:00 PM, 44 bytes, A
    In the existing folder C:\Users\Public\Desktop
       Adds the file WinZip Driver Updater.lnk"="8/10/2018 12:00 PM, 928 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file Start WinZip Driver Updater for {computername}@{username}(logon)"="8/10/2018 12:00 PM, 2646 bytes, A
       Adds the file Start WinZip Driver Updater Schedule"="8/10/2018 12:00 PM, 3432 bytes, A
       Adds the file Start WinZip Driver Updater Update"="8/10/2018 12:00 PM, 3364 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file Start WinZip Driver Updater for {computername}@{username}(logon).job"="8/10/2018 12:00 PM, 338 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinZip.SMSettings]
       "(Default)"="REG_SZ", "SMSettings Class"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinZip.SMSettings\CLSID]
       "(Default)"="REG_SZ", "{B5E0AC71-16D8-4F94-BD38-6373721A3995}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinZip.SMSettings\CurVer]
       "(Default)"="REG_SZ", "WinZip.SMSettings.1.1"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinZip.SMSettings.1.1]
       "(Default)"="REG_SZ", "WinZipSmartMonitor settings"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WinZip.SMSettings.1.1\CLSID]
       "(Default)"="REG_SZ", "{B5E0AC71-16D8-4F94-BD38-6373721A3995}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZip Driver Updater]
       "BID"="REG_SZ", "34"
       "DisplayIcon"="REG_SZ", "C:\Program Files\WinZip Driver Updater\DriverUpdater.exe"
       "DisplayName"="REG_SZ", "WinZip Driver Updater"
       "DisplayVersion"="REG_SZ", "5.25.3.6"
       "InstallLocation"="REG_SZ", "C:\Program Files\WinZip Driver Updater"
       "InstallPath"="REG_SZ", "C:\Program Files\WinZip Driver Updater"
       "MajorVersion"="REG_DWORD", 5
       "MinorVersion"="REG_DWORD", 25
       "OSOURCE"="REG_SZ", ""
       "Publisher"="REG_SZ", "Corel Corporation"
       "TID"="REG_SZ", ""
       "UninstallString"="REG_SZ", "C:\Program Files\WinZip Driver Updater\Uninstall.exe"
       "URLInfoAbout"="REG_SZ", "http://esupport.winzipsystemtools.com/driver-updater/"
       "VersionMajor"="REG_DWORD", 5
       "VersionMinor"="REG_DWORD", 25
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures]
       "Start WinZip Driver Updater for {computername}@{username}(logon).job"="REG_BINARY, ................................
       "Start WinZip Driver Updater for {computername}@{username}(logon).job.fp"="REG_DWORD", -1506061711
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\WinZip Smart Monitor Service]
       "DependOnService"="REG_MULTI_SZ, "RPCSS "
       "Description"="REG_SZ", "WinZip Smart Monitor Service"
       "DisplayName"="REG_SZ", "WinZip Smart Monitor Service"
       "ErrorControl"="REG_DWORD", 1
       "FailureActions"="REG_BINARY, ......................
       "ImagePath"="REG_EXPAND_SZ, ""C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe""
       "ObjectName"="REG_SZ", "LocalSystem"
       "Start"="REG_DWORD", 2
       "Type"="REG_DWORD", 16

Malwarebytes log:
 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/10/18
Scan Time: 12:22 PM
Log File: 406eb921-9c87-11e8-9457-00ffdcc6fdfc.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.391
Update Package Version: 1.0.6285
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 251343
Threats Detected: 91
Threats Quarantined: 89
Time Elapsed: 3 min, 54 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 3
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\DriverUpdater.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe, Quarantined, [1604], [456267],1.0.6285

Module: 9
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\DriverUpdater.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\msvcp100.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\msvcp100.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\msvcr100.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\msvcr100.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\SystemInfo-vc100-mt.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\SystemInfo-vc100-mt.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe, Quarantined, [1604], [456267],1.0.6285

Registry Key: 11
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start WinZip Driver Updater for {computername}@{username}(logon), Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E6BA1EC-1D92-4073-A7DF-EADE1A17FB29}, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{3E6BA1EC-1D92-4073-A7DF-EADE1A17FB29}, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start WinZip Driver Updater Schedule, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E2140951-A5BB-4ED9-A854-C4660836C649}, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E2140951-A5BB-4ED9-A854-C4660836C649}, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start WinZip Driver Updater Update, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{91A08D31-A6DA-4E07-8567-11463B0EC0FD}, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{91A08D31-A6DA-4E07-8567-11463B0EC0FD}, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WinZip Driver Updater, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinZip Smart Monitor Service, Quarantined, [1604], [456267],1.0.6285

Registry Value: 3
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E6BA1EC-1D92-4073-A7DF-EADE1A17FB29}|PATH, Quarantined, [1603], [307843],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{91A08D31-A6DA-4E07-8567-11463B0EC0FD}|PATH, Quarantined, [1603], [307843],1.0.6285
PUP.Optional.WinZipDriverUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E2140951-A5BB-4ED9-A854-C4660836C649}|PATH, Quarantined, [1603], [307843],1.0.6285

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 9
PUP.Optional.WinZipDriverUpdater, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WINZIP\WINZIP DRIVER UPDATER, Quarantined, [1603], [310354],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\backups, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\PROGRAMDATA\WINZIP\WINZIP DRIVER UPDATER, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\PROGRAM FILES\WinZip Driver Updater, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\PROGRAM FILES\WINZIP SMART MONITOR, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\ProgramData\WinZip\WinZip Smart Monitor\{userID}, Removal Failed, [1604], [458272],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\PROGRAMDATA\WINZIP\WINZIP SMART MONITOR, Removal Failed, [1604], [458272],1.0.6285

File: 56
PUP.Optional.WinZipDriverUpdater, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\WINZIP\WINZIP DRIVER UPDATER\WINZIP DRIVER UPDATER.LNK, Quarantined, [1603], [310354],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip Driver Updater\Uninstall.lnk, Quarantined, [1603], [310354],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Start WinZip Driver Updater for {computername}@{username}(logon), Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Start WinZip Driver Updater Schedule, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\WINDOWS\SYSTEM32\TASKS\Start WinZip Driver Updater Update, Quarantined, [1603], [307837],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\USERS\PUBLIC\DESKTOP\WINZIP DRIVER UPDATER.LNK, Quarantined, [1603], [310353],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\WINDOWS\TASKS\Start WinZip Driver Updater for {computername}@{username}(logon).job, Quarantined, [1603], [307836],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\backups\BackupInfo.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Brazilian.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Danish.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Dutch.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\English.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Finnish.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\French.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\German.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Italian.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Japanese.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Norwegian.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Russian.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Spanish.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Swedish.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\TradChinese.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\Language\Turkish.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}\AppSettings.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}\app_log.log, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}\DRmanager_log.log, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}\du_statistic, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}\Request.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\{userID}\Response.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\CommonSettings.xml, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\ProgramData\WinZip\WinZip Driver Updater\freeDriver, Quarantined, [1603], [307835],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\7za.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\DriverUpdater.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\DriverUpdater.mab, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\DriverUpdaterUpdater.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\DriverUpdaterUpdater.mab, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\lci.lci, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\notifier.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\notifier.mab, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\tray.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\tray.mab, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\Program Files\WinZip Driver Updater\Uninstall.exe, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\WinZip Driver Updater.lnk, Quarantined, [1603], [364824],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\apps, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\msvcp100.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\msvcr100.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\SystemInfo-vc100-mt.dll, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\SystemInfo-vc100-mt.mab, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\Uninstall.exe, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.mab, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.mab, Quarantined, [1604], [456267],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\ProgramData\WinZip\WinZip Smart Monitor\{userID}\settings.data, Quarantined, [1604], [458272],1.0.6285
PUP.Optional.WinzipSystemUtilitiesSuite, C:\ProgramData\WinZip\WinZip Smart Monitor\{userID}\smsettings, Quarantined, [1604], [458272],1.0.6285
PUP.Optional.WinZipDriverUpdater, C:\USERS\{username}\DESKTOP\WZDU34.EXE, Quarantined, [1603], [484645],1.0.6285

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected. 

Link to post
Share on other sites
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.