Tag Archives: TR/Dropper.Gen

InstallVibes Digital Signature – Bundling, VirusTotal detections and Promotions

I just found a file digitally signed by InstallVibes. You might have noticed that InstallVibes appears as the publisher in the User Account Control dialog that pops up when double-clicking on the file and came here to find more about it.

InstallVibes Publisher

Information about a digital signature and the certificate can also be found under the Digital Signature tab. The two screenshots below shows the InstallVibes certificate and that the “Subject” is located in Tel Aviv, Israel.

InstallVibes Digital Signature

InstallVibes Certificate TelAviv Israel

I decided to upload the InstallVibes file to VirusTotal. The file was detected by some of the anti-virus programs, with names such as: TR/Dropper.GenPUP.Optional.Bundlore and Bundlore.

InstallVibes scan result from Virus Total

Since some of the anti-virus programs detected the InstallVibes file, I got curious and decided to test it to see what it installed. The following software is bundled and disclosed in the InstallVibes installer:

  • Qone8
  • ProductivityPro
  • Optimizer Pro
  • Wajam
  • BestMarkit
  • MoboGenies
  • PriceMeter
  • OMG (OnlineMusicGroove)
  • ClipHD
  • MyPcBackup

This is how the web page looked like when I found the InstallVibes file. It appeared in a few variants:

InstallVibes Video Downloader InstallVibes "Highly Recommened" InstallVibes "Download Ready" using user interface that looks like the Windows 7 user interface style.

Did you also find an InstallVibes file? What kind of download was it?

If you also have a file digitally signed by InstallVibes, please upload at www.virustotal.com to see if anything is detected or if it comes up clean. I’d be very interested to see the scan result. Please post the link to the scan result in the comments field below. Thank you!