unziplite.exe

SafeInstaller

InstallX, LLC

This is the InstallX/InstallIQ download manager and installer that will bundle offers during setup for additional PUPs and other unwanted software. The application unziplite.exe by InstallX has been detected as adware by 19 anti-malware scanners. The program is a setup application that uses the InstallIQ Installation Manager installer. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
SafeInstall, LLC  (signed by InstallX, LLC)

Product:
SafeInstaller

Description:
Safe Installer

Version:
1.0.61.0

MD5:
9efaed1eba4bdd694583b5f8e824f21d

SHA-1:
f1c77e1201dc45a6a99974dd2848133a48c3e285

SHA-256:
ac57f35be0a8ed171dfe41b4a07c7926abd14c65d49d2e5643dad210fbaea624

Scanner detections:
19 / 68

Status:
Adware

Explanation:
Uses the InstallIQ (by InstallX) software bundler that may include toolbars and other browser extensions offers.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
12/23/2024 4:04:29 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Graftor.155902
827

AhnLab V3 Security
PUP/Win32.Generic
2014.10.31

Avira AntiVirus
APPL/InstallIQ.Gen4
7.11.182.126

AVG
Adware Generic_r.NT
2014.0.4040

Bitdefender
Gen:Variant.Application.Bundler.Graftor.155902
1.0.20.1520

Comodo Security
Application.Win32.InstallIQ.B
19950

Dr.Web
Threat.Undefined
9.0.1.05190

ESET NOD32
Win32/InstallIQ.A potentially unwanted application
7.0.302.0

F-Secure
Gen:Variant.Application.Bundler
11.2014-31-10_6

G Data
Gen:Variant.Application.Bundler.Graftor.155902
14.10.24

K7 AntiVirus
Unwanted-Program
13.185.13853

Kaspersky
not-a-virus:Downloader.NSIS.Agent
15.0.0.494

Malwarebytes
PUP.Optional.SafeInstall.A
v2014.10.31.03

MicroWorld eScan
Gen:Variant.Application.Bundler.Graftor.155902
15.0.0.912

NANO AntiVirus
Riskware.Win32.Searcher.csnymk
0.28.6.62995

Reason Heuristics
PUP.Installer.InstallX.J
14.10.29.2

Sophos
InstallQ
4.98

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
3.12.26.3

VIPRE Antivirus
Threat.4783689
34232

File size:
1.9 MB (1,991,704 bytes)

Product version:
1.0.61.0

Copyright:
Copyright (C) 2014

Original file name:
safeinstall.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
InstallIQ Installation Manager

Language:
English (United States)

Digital Signature
Signed by:

Authority:
DigiCert Inc

Valid from:
3/20/2014 7:00:00 PM

Valid to:
4/8/2015 7:00:00 AM

Subject:
CN="InstallX, LLC", O="InstallX, LLC", L=Sartell, S=Minnesota, C=US

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F4D188192318D28510FC886CBB855E6

File PE Metadata
Compilation timestamp:
9/10/2014 10:25:18 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:cZsonQHxM3RxxQ4SMix6y6YqEe7RoNHphhIXro5EjV7r7A6Rf+ADStVIlu6+q5wA:Xp6y6bUphmrL7o655DSoIq5B86T1heqr

Entry address:
0x5AC3A

Entry point:
E8, E3, 3B, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 10, B0, 54, 00, E8, 20, 2C, 00, 00, E8, B0, 3D, 00, 00, 0F, B7, F0, 6A, 02, E8, 76, 3B, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 57, 35, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
7.0529

Code size:
1.1 MB (1,116,672 bytes)

Remove unziplite.exe - Powered by Reason Core Security