If you are a regular here on the FreeFixer blog you know that I’ve been looking on the certificates used to sign files that bundled various types of unwanted software.

While I was looking around on some recently submitted files here on freefixer.com I found a file called java_setup.exe signed by a company called File Monarch. The problem here is that if this really was a setup file for Java, it would have been digitally signed by Oracle and not by  some unknown company. This looks very suspicious. And the VirusTotal report shows that the File Monarch file should be avoided, since java_setup.exe is detected as Adware.IBryte, Optimum Installer and Trojan.Win32.Buzus.

This tactic appears to be pretty common to get users to install something that they didn’t want: Pop up some file and claim that Java or the Flash Player needs to be updated.

Well, hope that helped you avoid some adware or whatever this java_setup.exe file would install.

Did you also find some file signed by File Monarch, or a file falsely claiming to be a Java setup file? Where did you find them?

I’ll dig around a bit more in the FreeFixer database to see if there’s some other faked Java setup files.