Avast antivirus claims java update is infected



  • Avast antivirus claims the "chrome.java-api-update . com" is infected with JS:Cryptonight[Trj]. Frequently when clicking the mouse, I get a popup informing me that the connection was aborted. It has become more than annoying. Any suggestions. Only happens in Vivaldi, not in the latest version of Opera. Haven't tried other browsers since it seems to be a Chrome based problem.



  • Strange, I didn't think any Chromium-based browsers still supported Java ...



  • I have java in my PC for being used by some utilities that I use, but this link necessarily has to be a fake, since no Chromium uses Java and the link of Java update can not have therefore the string 'chrome-java....'

    The official address is https://www.java.com/



  • The IP for chrome.java-api-update. com crosses to 178.63.71.22 with a server hostname of "static.22.71.63.178 clients.your-server. de" owned by Hetzner Online GmbH. (I've intentionally obfuscated all links). I couldn't find any blacklistings for the IP, but it seems peculiar that anything related to Chrome or Java would operate via an obscure webserver in Kassel, Germany.


  • Moderator

    Let check Virustotal the domain at and you will see found Malware alerts.



  • @blackbird Thank you. Jerry


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.