{"id":1284,"date":"2014-08-07T22:06:09","date_gmt":"2014-08-07T22:06:09","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=1284"},"modified":"2018-05-29T12:02:48","modified_gmt":"2018-05-29T12:02:48","slug":"file-monarch-java_setup-exe","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/file-monarch-java_setup-exe\/","title":{"rendered":"File Monarch & java_setup.exe – Stay away from it – 34% detection rate"},"content":{"rendered":"

If you are a regular here on the FreeFixer blog you know that I’ve been looking on the certificates used to sign files that bundled various types of unwanted software.<\/p>\n

While I was looking around on some recently submitted files here on freefixer.com<\/a> I found a file called java_setup.exe<\/a> signed by a company called File Monarch<\/strong>. The problem here is that if this really was a setup file for Java<\/a>, it would have been digitally signed by Oracle<\/a> and not by \u00a0some unknown company. This looks very suspicious. And the VirusTotal report shows that the File Monarch<\/strong>\u00a0file should be avoided, since java_setup.exe<\/strong> is detected as Adware.IBryte<\/strong>, Optimum Installer<\/strong> and Trojan.Win32.Buzus<\/strong>.<\/p>\n

\"File<\/a><\/p>\n

This tactic appears to be pretty common to get users to install something that they didn’t want: Pop up some file and claim that Java or the Flash Player needs to be updated.<\/p>\n

Well, hope that helped you avoid some adware or whatever this java_setup.exe<\/strong> file would install.<\/p>\n

Did you also find some file signed by File Monarch<\/strong>, or a file falsely claiming to be a Java setup file? Where did you find them?<\/p>\n

I’ll dig around a bit more in the FreeFixer database to see if there’s some other faked Java setup files.<\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

If you are a regular here on the FreeFixer blog you know that I’ve been looking on the certificates used to sign files that bundled various types of unwanted software. While I was looking around on some recently submitted files here on freefixer.com I found a file called java_setup.exe signed by a company called File … Continue reading File Monarch & java_setup.exe – Stay away from it – 34% detection rate<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,54],"tags":[141],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/1284"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=1284"}],"version-history":[{"count":9,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/1284\/revisions"}],"predecessor-version":[{"id":1294,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/1284\/revisions\/1294"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=1284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=1284"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=1284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}