home

java_runtime_enviroment_setup.exe

My Program

Information Technology Systems doo

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application java_runtime_enviroment_setup.exe, “My Program Setup ” by Information Technology Systems doo has been detected as adware by 11 anti-malware scanners. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The installer is marketed through download protals and search ads as the free Oracle Java Runtime but will also install additional software offers which include adware, PUPs and browser toolbars.
Publisher:
Information Technology Systems doo  (signed and verified)

Product:
My Program

Description:
My Program Setup

MD5:
5d5384fde46bc8985d7fcca522d7e7f1

SHA-1:
4e462c1365aeee7df290512069dabd08255f0cba

SHA-256:
8881a90e415a8f72fe409e42ba2e8b2c69569018292c0f7f253311a6f517e635

Scanner detections:
11 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
12/27/2024 7:49:12 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/InstallCore.Gen9
7.11.168.126

AVG
Generic
2015.0.3375

Dr.Web
Adware.Downware.6398
9.0.1.05190

ESET NOD32
Win32/InstallCore.PZ potentially unwanted application
7.0.302.0

K7 AntiVirus
Unwanted-Program
13.183.13125

Malwarebytes
PUP.Optional.InfoTech
v2014.08.21.01

Reason Heuristics
PUP.Installer.InformationTechnologySystemsdoo.a
14.8.21.12

Sophos
Install Core Click run software
4.98

SUPERAntiSpyware
PUP.InstallCore/Variant
10408

VIPRE Antivirus
Threat.4150696
32210

Zillya! Antivirus
Adware.InstallCore.Win32.183
2.0.0.1897

File size:
733.3 KB (750,864 bytes)

Product version:
1.5

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\java_runtime_enviroment_setup.exe

Digital Signature
Signed by:
Information Technology Systems doo

Authority:
COMODO CA Limited

Valid from:
2/18/2014 12:00:00 AM

Valid to:
2/18/2016 11:59:59 PM

Subject:
CN=Information Technology Systems doo, O=Information Technology Systems doo, STREET=Bulevar Dzordza Vasingtona 60, L=Podgorica, S=Montenegro, PostalCode=81000, C=ME

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C5C6AC5F85C769596A73A863C86D258C

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:pbeFa9UnAqpisjqQCo8cXuYltPcM2y0pPF+9DlO7xJR2hzwwGx:piFs9qpFjtBv08jZlqzRRx

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Entropy:
7.8866

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Remove java_runtime_enviroment_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.