I'll assume that you have already performed PBKDF2 with the static 1000 iterations defined (which is, uh, on the low end of security), and that the two key check bytes have been validated.
AES itself is no different, and it seems that Winzip doesn't use anything special. The only thing that is a bit weird is that the counter is in little endian. This is all C-code, so endianness is defined by the platform, and mostly that means little endian.
Nothing prohibits the use of a little endian counter for CTR mode, but in 99% of the cases it'll be big endian. You may need to implement CTR-LE yourself on top of the AES cipher (or AES-ECB, which is kind of the same).
Also note that the ZIP - uh - standard defines an encrypted header, so the start of the decrypted plaintext won't be the file contents.
Similarly, the authentication tag is just HMAC-SHA1-80 over the ciphertext. HMAC-SHA1-80 is just HMAC-SHA-1 of which only 80 bits are used, i.e. half of the output size of HMAC-SHA-1, usually the leftmost bits.
If you're stuck, I'd take a careful look at the code to check if you don't have any values backwards (e.g. maybe it uses the rightmost bytes of the HMAC, unlikely, but yeah).