“WARNING!!! Your Java Version is Outdated, Have Security Risks, Please Update Now!”

Are you getting messages or pop-ups while browsing the web saying:

“The page at http://s.mjytsw com says: WARNING!!! Your Java Version is Outdated, Have Security Risks, Please Update Now!”

WARNING!!! Your Java Version is Outdated, Have Security Risks, Please Update Now!

When I got this message I was redirected to a “Java Update”. The update was digitally signed by a company called Fileangels, so it’s clearly not an official Java update. The Fileangels file is detected by some of the anti-virus programs at VirusTotal. A real Java update should be digitally signed by the company that owns Java, that is Oracle America, Inc.

I got these faked Java warnings while browsing with Firefox, but they can probably also appear if you are using Chrome or Internet Explorer as you web browser.

So, why are you getting these faked Java Update pop-ups? Most likely you have some adware installed on your machine. When I got these ads, I had lots of adwares installed on my lab machine. After removing them with FreeFixer, the “Java Update” pop-ups stopped. These where the adware programs I had and uninstalled: Browser WardenSmartOnesTinyWalletBlockAndSurfHQ-Video-Pro-2.1c.

To remove these faked Java warnings I would begin to examine the Add/Remove programs dialog in the Control Panel to see if something suspicious is listed there and remove it. Do you see some program that you don’t remember installing? If you sort the programs on the “Installed On” date, do you see anything that was installed approximately about the same time as you first noticed the “Java” warnings?

I think you should also check the add-ons installed into Chrome, Firefox, Internet Explorer. Do you see anything suspicious? Something that you don’t remember installing?

If that did not fix the problem, you can give FreeFixer a try. It’s a tool that I’ve been working on for some time now. FreeFixer is designed to help you manually identify and remove unwanted software, such as the adware that’s running on your machine. FreeFixer scans the processes running on your computer, browser add-ons, startups, scheduled tasks, recently modified files, and lots of other locations. FreeFixer is freeware and its removal feature is not crippled liked many other malware removers out there. If FreeFixer solved your problem, please help me spread the word and let your friends know about it.

Tip: If you are having difficulties to figure out whether a file or setting in FreeFixer’s scan result is legitimate or if it should be removed, please check out the information shown on the More Info page. It will show a VirusTotal report which can be quite useful when trying to determine whether to keep or remove a file.

Click the More Info links to get a VirusTotal report about the file.
The “More Info” links in FreeFixer. Click for full size.

Which adware programs did you have to uninstall to get rid of the “Java Update” warnings?

And if you are looking for the real Java download, go to the official Java site: https://www.java.com/en/

Thanks for reading.

Update 2014-10-26: These fake Java warnings are still going on. Found the same type of pop-up, but this time it mentions another web site: d.andoie.com. What web site does your  warning message mention?

d.andoie.com fake java warning pop-up

When clicking on the warning message, the faked Java site at phohyt.com opens up. Is this the site you are redirected to as well?

phohyt.com fake java site

Update 2014-10-27: The pop-ups are still appearing. Now they mention d.mobcgm.com and d.mobdty.com. If clicking the OK button in the dialog, apprfv.com opens up containing a faked java update site.

d.mobcgm.com pop-up d.mobdty.com fake java

s4.apprfv.com site

Update 2014-10-30: These fake Java warnings and faked Java sites are still popping up. Today the pop-up mention www.qposwe.com and debajxcj.com and the faked site is hosted at irzsmdcs.com:

debajxcj.com warning

www.qposwe.com warning

irzsmdcs.com fake java site


Update 2014-11-11: This is still going on. zpkaid.com is used host the fake Java Update site. The title of the page is “Update for Your Computer” and the download is signed by Safe Down.

zpkaid.com java warning

Update 2014-11-13: Today the fake update site is hosted zrmica.com.

Update 2014-11-14: Today the fake site is hosted at zszpkt.com and ztcdnr.com. The downloads are signed by “Safe Down” and Fileangels.

Update 2014-11-16: Now the fake site is hosted at zwkuvp.com.

9 thoughts on ““WARNING!!! Your Java Version is Outdated, Have Security Risks, Please Update Now!”

  1. I have the java popup problem exactly as described on you site here. However, after running 3 other programs and finally coming across yours I dont have anything that looks like adware. I have click on more info for everything I do not recognize.
    Do you have any suggestions for me. Thank you for your time.

    Dr Allen

  2. Hi,I’ve been getting all the “Your Java version is outdated,have serucity risks..” popups for quite some time now.Many sites that I’ve visited recommend downloading virus removals and spywares but everytime I download the softwares,they require you to purchase them to get rid of the threats in your computer.I’m sick and frustrated because I have already wasted lots of time scanning and downloading the softwares into my computer.I would like to know if this software you have recommended is free or does it require you to purchase it to get rid of the viruses?hope you’ll reply to this comment because it’s very important to me.


  4. I keep getting this pop-up periodically, along with some really annoying ads on google and other webpages. Does not seem to affect email and Facebook. I forget the name of the previous ones, but this around it’s from “http://b1.zeefie.com”, and the ads say “Ad by Topbuyer”.
    Only way around this is to uninstall the suspicious stuff (how the hell did it get there?!!) and reset the Forefox settings. It seems like it happens overnight without me noticing (this is my work pc).
    So annoying. I hope it helps, let us know if you’re onto something!!

    OS: Windows 10 Preview, 32-bit installation. Firefox v33.1.1

    Uninstalling Mozilla Firefox will not resolve this issue, nor will any spyware remover I tried. Adwcleaner got close after several runs of it, however one file it kept removing continued to return, located in the folder named below.

    NOTE: The uninstall of Firefox DOES NOT remove a hidden folder. Deleting the hidden folder resolved the issue for me. My last recourse was to dump and re-install Win10. Na-ga-da.

    SOLUTION: (mine, anyway)
    1) Set the folder options to show hidden system folders. [Win 8&10: in any folder, select View>Options>View tab, uncheck “Hide protected operating system files”
    2) Delete the “Mozilla” roaming folder at this location:
    C:\users\[your user name]\AppData\Roaming\Mozilla.


Comments are closed.