Remove „ZEUS VIRUS DETECTED“ Scam

Remove “ZEUS VIRUS DETECTED” Scam

This article will help you remove “ZEUS VIRUS DETECTED” fully. Follow the tech support scam removal instructions at the end of the article.

“ZEUS VIRUS DETECTED” is a message which is related to a huge amount of scams, involving fake tech support teams. Trojan horse and ransomware viruses might be implemented in the scheme as well. These scams usually have websites that spread them, and can lock you out of your browser, making it unreachable. Some of the “ZEUS VIRUS DETECTED” scams are more detailed and interact with your PC in a more complex way. They can lock your desktop, holding your system as a hostage similarly to ransomware viruses. Your files won’t be encrypted unless such a threat is accompanying the scam. Heaps of fake phone numbers are used to siphon money from callers. In most cases on the other line the cybercriminals pretend to work for Microsoft.

Threat Summary

Name"ZEUS VIRUS DETECTED" Scam
TypeTech Support Scam
Short DescriptionA tech support scam stating that your computer is blocked due to the infamous Zeus virus. In some cases your PC is indeed blocked, almost beyond repair. The trick to the scam is to call a phone number, that is usually presented as a Microsoft Help Desk one.
SymptomsA message such as “ZEUS VIRUS DETECTED” pops up on your screen in the form of boxes, full-page or in any kind of other alert or notification message. While the messages appear, your PC or screen will get locked, and you will be asked to contact a phone number. That number is related to cybercriminals that pretend to be tech support.
Distribution MethodFreeware Installers, Suspicious Sites, Redirects, Trojan Horse
Detection Tool See If Your System Has Been Affected by "ZEUS VIRUS DETECTED" Scam

Download

Malware Removal Tool

User ExperienceJoin Our Forum to Discuss "ZEUS VIRUS DETECTED" Scam.

“ZEUS VIRUS DETECTED” Scam – Spread

The “ZEUS VIRUS DETECTED” spreads in many ways. A common way for it to appear is when you are surfing the Web. When you visit websites which are suspicious and of unknown origin, they can spread the scam via redirect links or advertisements. Clicking on the ads or redirects is not always necessary as any interaction with the site might trigger them. Sometimes, just by leaving a website open can drop malicious files on your computer which load other sites supporting the scam. Phishing websites can make the message of the scam appear, too. It is easy to land on such sites because of a single spelling mistake in a URL.

The worst case scenario that can happen to show you the “ZEUS VIRUS DETECTED” scam message is if you have a Trojan horse present in your system. The Trojan horse may have installed itself using some of the spread methods mentioned above. In other cases, you may have installed it, without realizing that. You may have thought that you are installing an application which is useful. Many such third-party programs come bundled with other freeware and supposedly useful software. Unfortunately, some can secretly install additive features or even malware. One way to avoid is to search for a tickbox or a setting that allows you to deselect the installment of such additive features.

“ZEUS VIRUS DETECTED” Scam – Analysis

“ZEUS VIRUS DETECTED” a message that can appear on your screen from a tech support scam. The message can appear in a website page, notification, an error or a pop-up message. A phone number is always provided, which is supposed to be a number for contacting support technicians from Microsoft or another reputable company from the security sphere. They might even use the Windows logo at some instances or even use the layout of the Windows website to make the scam more believable like shown below:

The message states the following:

** ZEUS VIRUS DETECTED – YOUR COMPUTER HAS BEEN BLOCKED **

Error: Virus – Trojan Backdoor Hijack #365838d7f8a4fa5

IP: [your ip address] Browser:Internet Explorer [Your ISP]

Please call computer system technician immediately on: (855) 247-2419

Please do not ignore this safety alert. Your Microsoft System Has Been Compromised. If you close this page before calling us, your computer access will be disabled to prevent further damage and your data from being stolen.

In this case you see that message, know that your screen will look like its locked, but that is just a presumption. What is actually being locked is the browser itself. Furthermore, the tab at the top will be changed to say something like Microsoft. You could get bombarded with pop-ups, redirects and new windows of your browser opening and doing the same. Clicking somewhere on the page should disable your cursor or you could select text depending on the browser.

The following two Web domains are known to be associated with the “ZEUS VIRUS DETECTED” scam:

  • http://54.71.45.30/18009196053/?3678338184=1493225951a13daffaa8febc91a72c9e105e814fb6ee4774c6
  • http://crash-h3a23z.info/contact/?a=AZ&pagex-7&s1=Ln792kKtyOyEUwaAqYnZPC4D-hlmPJcBJcBggHWaas-CRC8lfrDthVek73sOx

As your browser becomes locked, it could seem like your entire screen is blocked and you don’t have any access to it. In actuality, that is not true, as only your browser is locked but being pushed on top of all other windows, thus hiding them. You can still interact with your computer system by clicking the “Windows” button or the combinations known as “Ctrl+Alt+Del” etc. In some browsers, clicking on the “X” button also works, surprisingly.

Other examples of such messages include:

The text inside being:

**** Dont Restart Your Computer ****
Windows Detected ZEUS Virus, The Infection detected, indicate some recent downloads on the computer which in turn has created problems on the computer. Call technical support +1-800-919-6053 and share this B2957E to the Agent to Fix This.

and the following one threatening you that your hard drive will get wiped upon closing the browser’s page:

Your Hard drive will be DELETED if you close this page. You have a ZEUS virus! Please call Support Now!. Call Toll-Free: 0800-014-8826 To Stop This Process

Are you sure you want to leave this page?

Do not ignore this critical alert. If you close this page, your computer access will be disabled to prevent further damage to our network.Your computer has alerted us that it has been infected with a Pornographic Spyware and riskware. The following information is being stolen…
Financial Data
Facebook Logins
CC Details
Email Account Logins
Photos stored on this computer
You must contact us immediately so that our expert engineers can walk you through the removal process over the phone to protect your identity. Please call us within the next 5 minutes to prevent your computer from being disabled or from any information loss.

The con artists want to make you believe that the only way for fixing your computer machine is by calling a phone number, provided on the website. To help assist that further, a pre-recorded audio message will play, suggesting that your PC is infected with malware. They also will lie to you that they are part of the Microsoft technicians team or a similar one. That statement is not true and you should know that Microsoft doesn’t even have a phone number for Support. The whole charade is made in a way to convince you into calling the provided telephone number.

“ZEUS VIRUS DETECTED” Scam – Update September 2017

Throughout the period that these scams have been active, newer notifications and texts have come out. Below you can see some of the latest instances, which includes this message:

That message states the following:

Windows Defender Alert : Zeus Virus Detected In Your Computer
Please Do Not Shut Down or Reset Your Computer.

The following data will be compromised if you continue:

1. Passwords

2. Browser History

3. Credit Card Information

4.LocaI Hard Disk Files.

This virus is well known for complete identity and credit card theft Further

action through this computer or any computer on the network will reveal

private information and involve serious risks.
Call Microsoft Technical Department: +1 (888) 370-52-70 (Toll Free)

The next scam has also been reported by user fallen victim to it:

Its text reads:

Microsoft Alert

System Blocked for Security Reasons.

Call Microsoft Toll Free: 1-800-201-3517
Please ensure you do not restart your
computer it may lead to Permanent Damage to
the System or Data loss.

WARNING – Microsoft windows has detected
that a zeus virus has infected your system
and trying to steal FINANCIAL INFORMATION,
pictures, data and social networking
passwords.

Please Call Microsoft 1-800-201-3517 Now for
Support.

Error Code : rundll32.exe

Those are alerts that claim that they are official alerts of Microsoft Windows and that the Zeus virus was detected on your computer.

Do NOT try calling the phone number under any circumstances. It is not toll free as promoted on the website, and even the shortest call may cost you a fortune. Not to mention that, while the con artists can present themselves as Microsoft employees, or any other reputable partners, they will try to get personal information and financial data about you. That information can be sold, and you could get into bigger problems, such as identity theft, your bank accounts getting emptied etc.

“ZEUS VIRUS DETECTED” Scam Removal

To remove the “ZEUS VIRUS DETECTED” tech support scam and its related files manually from your PC, follow the step-by-step removal instructions provided below. If the manual removal guide does not get rid of the scam and its redirects completely, you should search for and remove any leftover items with an advanced anti-malware tool. Software like that will keep your system secure in the future.

Manually delete "ZEUS VIRUS DETECTED" Scam from Windows and your browser

Note! Substantial notification about the "ZEUS VIRUS DETECTED" Scam threat: Manual removal of "ZEUS VIRUS DETECTED" Scam requires interference with system files and registries. Thus, it can cause damage to your PC. Even if your computer skills are not at a professional level, don’t worry. You can do the removal yourself just in 5 minutes, using a malware removal tool.

1. Remove or Uninstall "ZEUS VIRUS DETECTED" Scam in Windows
2. Remove "ZEUS VIRUS DETECTED" Scam from Your Browser and Your Registry Editor

Automatically remove "ZEUS VIRUS DETECTED" Scam by downloading an advanced anti-malware program

1. Remove "ZEUS VIRUS DETECTED" Scam with SpyHunter Anti-Malware Tool and back up your data
Optional: Using Alternative Anti-Malware Tools

Berta Bilbao

Berta is the Editor-in-Chief of SensorsTechForum. She is a dedicated malware researcher, dreaming for a more secure cyber space.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...