THREAT REMOVAL

ZEUS VIRUS DETECTED Scam Removal

Are you seeing a pop-alert about a detected Trojan named Zeus? The pop-up could appear on both Windows and macOS operating systems. This article will help you remove “ZEUS VIRUS DETECTED” fully. Follow the tech support scam removal instructions at the end of the article.

ZEUS VIRUS DETECTED Virus Alert

ZEUS VIRUS DETECTED is a message which is related to a huge amount of scams, involving fake tech support teams. Trojan horse and ransomware viruses might be implemented in the scheme as well. These scams usually have websites that spread them, and can lock you out of your browser, making it unreachable.

Some of the ZEUS VIRUS DETECTED scams are more detailed and interact with your PC in a more complex way. They can lock your desktop, holding your system as a hostage similarly to ransomware viruses. Your files won’t be encrypted unless such a threat is accompanying the scam. Heaps of fake phone numbers are used to siphon money from callers. In most cases on the other line the cybercriminals pretend to work for Microsoft.

Threat Summary

Name "ZEUS VIRUS DETECTED" Scam
Type Tech Support Scam
Short Description A tech support scam stating that your computer is blocked due to the infamous Zeus virus. In some cases your PC (or Mac) is indeed blocked, almost beyond repair. The trick to the scam is to call a phone number, which is usually presented as a Microsoft Help Desk or Apple Support.
Symptoms A message such as ZEUS VIRUS DETECTED pops up on your screen in the form of boxes, full-page or in any kind of other alert or notification message. While the messages appear, your PC (Mac) or screen will get locked, and you will be asked to contact a phone number. That number is related to cybercriminals that pretend to be tech support.
Distribution Method Freeware Installers, Suspicious Sites, Redirects, Trojan Horse
Detection Tool See If Your System Has Been Affected by malware

Download

Malware Removal Tool

User Experience Join Our Forum to Discuss "ZEUS VIRUS DETECTED" Scam.

Zeus Trojan – Brief Description

Zeus Trojan horse is a piece of malware that injects itself right into a computer gadget, under incorrect pretenses, for example presenting itself as the famous program Skype. You will not be shocked to discover that the term Trojan horse in computer comes from the old Greek tale of exactly how Greek soldiers stealthily got into Troy, by using a large wooden steed, offered as a present. A infection is a destructive program that when executed, will coldly begin duplicating itself as well as infecting other programs by modifying them without the user’s authorization.

ZEUS VIRUS DETECTED Scam – Description

The ZEUS VIRUS DETECTED spreads in many ways. A common way for it to appear is when you are surfing the Web. When you visit websites which are suspicious and of unknown origin, they can spread the scam via redirect links or advertisements. Clicking on the ads or redirects is not always necessary as any interaction with the site might trigger them. Sometimes, just by leaving a website open can drop malicious files on your computer which load other sites supporting the scam. Phishing websites can make the message of the scam appear, too. It is easy to land on such sites because of a single spelling mistake in a URL.

The worst case scenario that can happen to show you the ZEUS VIRUS DETECTED scam message is if you have a Trojan horse present in your system. The Zeus Trojan horse may have installed itself using some of the spread methods mentioned above, but bear in mind that there is a clear difference between the Trojan and the scam itself. In other cases, you may have installed it, without realizing that. You may have thought that you are installing an application which is useful. Many such third-party programs come bundled with other freeware and supposedly useful software. Unfortunately, some can secretly install additive features or even malware. One way to avoid is to search for a tickbox or a setting that allows you to deselect the installment of such additive features.

ZEUS VIRUS DETECTED a message that can appear on your screen from a tech support scam. The message can appear in a website page, notification, an error or a pop-up message. A phone number is always provided, which is supposed to be a number for contacting support technicians from Microsoft/Apple or another reputable company from the security sphere. They might even use the Windows logo at some instances or even use the layout of the Windows website to make the scam more believable like shown below:

The message states the following:

** ZEUS VIRUS DETECTED – YOUR COMPUTER HAS BEEN BLOCKED **

Error: Virus – Trojan Backdoor Hijack #365838d7f8a4fa5

IP: [your ip address] Browser:Internet Explorer [Your ISP]

Please call computer system technician immediately on: (855) 247-2419

Please do not ignore this safety alert. Your Microsoft System Has Been Compromised. If you close this page before calling us, your computer access will be disabled to prevent further damage and your data from being stolen.

In this case you see that message, know that your screen will look like its locked, but that is just a presumption. What is actually being locked is the browser itself. Furthermore, the tab at the top will be changed to say something like Microsoft or maybe Apple. You could get bombarded with pop-ups, redirects and new windows of your browser opening and doing the same. Clicking somewhere on the page should disable your cursor or you could select text depending on the browser.

The following two Web domains are known to be associated with the ZEUS VIRUS DETECTED scam:

  • https://54.71.45.30/18009196053/?3678338184=1493225951a13daffaa8febc91a72c9e105e814fb6ee4774c6
  • https://crash-h3a23z.info/contact/?a=AZ&pagex-7&s1=Ln792kKtyOyEUwaAqYnZPC4D-hlmPJcBJcBggHWaas-CRC8lfrDthVek73sOx

As your browser becomes locked, it could seem like your entire screen is blocked and you don’t have any access to it. In actuality, that is not true, as only your browser is locked but being pushed on top of all other windows, thus hiding them. You can still interact with your computer system by clicking the “Windows” button or the combinations known as “Ctrl+Alt+Del” etc. In some browsers, clicking on the “X” button also works, surprisingly.

Other examples of such messages include:

The text inside being:

**** Dont Restart Your Computer ****
Windows Detected ZEUS Virus, The Infection detected, indicate some recent downloads on the computer which in turn has created problems on the computer. Call technical support +1-800-919-6053 and share this B2957E to the Agent to Fix This.

and the following one threatening you that your hard drive will get wiped upon closing the browser’s page:

Your Hard drive will be DELETED if you close this page. You have a ZEUS virus! Please call Support Now!. Call Toll-Free: 0800-014-8826 To Stop This Process

Are you sure you want to leave this page?

Do not ignore this critical alert. If you close this page, your computer access will be disabled to prevent further damage to our network.Your computer has alerted us that it has been infected with a Pornographic Spyware and riskware. The following information is being stolen…
Financial Data
Facebook Logins
CC Details
Email Account Logins
Photos stored on this computer
You must contact us immediately so that our expert engineers can walk you through the removal process over the phone to protect your identity. Please call us within the next 5 minutes to prevent your computer from being disabled or from any information loss.

The con artists want to make you believe that the only way for fixing your computer machine is by calling a phone number, provided on the website. To help assist that further, a pre-recorded audio message will play, suggesting that your PC is infected with malware. They also will lie to you that they are part of the Microsoft technicians team or a similar one. That statement is not true and you should know that Microsoft doesn’t even have a phone number for Support. The whole charade is made in a way to convince you into calling the provided telephone number.

What Is The Zeus Virus – Update November 2019

Zeus virus still spreads in some shape or form even in November 2019. But if we ask the question “What is the Zeus virus?” we might get different answers. As the real Zeus virus has stopped being pushed on the Internet in its original form a long time ago. Now we get banking Trojans based on Zeus which are all but forks of the code’s origins and used to steal banking information or open the door for bigger virus infections on computer systems. Unfortunately, it doesn’t stop there as the Zeus virus is also used in hoax messages inside some technical support scams trying to scare users into giving up personal information. In some cases the scams are used for getting victims to dial a telephone number to install malware without knowing it is such.

ZEUS VIRUS DETECTED Scam – Update February 2020

ZEUS VIRUS DETECTED is a messages that is still circling around the Internet. If you see the message, you should do your best to avoid it as nothing good will come out of it. Even if you know about the legendary Zeus virus, do not fall for the scam related to it. You do not have malware on your PC and do not have to do the action you are told to, by the ZEUS VIRUS DETECTED scam. However, many new victims fall into the trap amidst the panic that the landing page creates with the alerts and all bells and whistles thrown into the scam. That is why, even in October 2019, you should be wary of similar messages, but take time to examine them and think before you act.

ZEUS VIRUS DETECTED Scam – Update September 2019

Multiple reports have been shared in the last few months regarding new activity of the “ZEUS VIRUS DETECTED” scam. Note that this new activity may not be directly associated with fake tech support scammers. Multiple users, customers of Cox Communications (the third-largest U.S. cable company), have received weird emails from the company regarding a possible infection with the Zeus Trojan. What is most curious in these cases is that none of the customers had any malware related to Zeus on their machines, as revealed by scans with anti-virus tools.

So why are Cox’s customers receiving such warnings from the company? It may be that these users were indeed compromised by fake tech support scammers, and the company’s security somehow detected the activity and sent out warnings. Another option suggested by security forum moderators is that Cox was just trying to convince customers to subscribe to the company’s premium technical support which is paid. Of course, this hasn’t been confirmed in any way and is only a suggestion.

What we know is that there is certainly activity around the “ZEUS VIRUS DETECTED” scam and you should be on the lookout.

ZEUS VIRUS DETECTED Scam – Update January 2020

Throughout the period that these scams have been active, newer notifications and texts have come out. Below you can see some of the latest instances, which includes this message:

That message states the following:

Windows Defender Alert : Zeus Virus Detected In Your Computer
Please Do Not Shut Down or Reset Your Computer.

The following data will be compromised if you continue:

1. Passwords

2. Browser History

3. Credit Card Information

4.LocaI Hard Disk Files.

This virus is well known for complete identity and credit card theft Further

action through this computer or any computer on the network will reveal

private information and involve serious risks.
Call Microsoft Technical Department: +1 (888) 370-52-70 (Toll Free)

The next scam has also been reported by user fallen victim to it:

Its text reads:

Microsoft Alert

System Blocked for Security Reasons.

Call Microsoft Toll Free: 1-800-201-3517
Please ensure you do not restart your
computer it may lead to Permanent Damage to
the System or Data loss.

WARNING – Microsoft windows has detected
that a zeus virus has infected your system
and trying to steal FINANCIAL INFORMATION,
pictures, data and social networking
passwords.

Please Call Microsoft 1-800-201-3517 Now for
Support.

Error Code : rundll32.exe

Those are alerts that claim that they are official alerts of Microsoft Windows and that the Zeus virus was detected on your computer.

Do NOT try calling the phone number under any circumstances. It is not toll free as promoted on the website, and even the shortest call may cost you a fortune. Not to mention that, while the con artists can present themselves as Microsoft employees, or any other reputable partners, they will try to get personal information and financial data about you. That information can be sold, and you could get into bigger problems, such as identity theft, your bank accounts getting emptied etc.

How To Get Rid of ZEUS VIRUS Scam?

To remove the “ZEUS VIRUS DETECTED” tech support scam and its related files manually from your PC or Mac, follow the step-by-step removal instructions provided below. If the manual removal guide does not get rid of the scam and its redirects completely, you should search for and remove any leftover items with an advanced anti-malware tool. Software like that will keep your system secure in the future.

Tsetso Mihailov

Tsetso Mihailov

Tsetso Mihailov is a tech-geek and loves everything that is tech-related, while observing the latest news surrounding technologies. He has worked in IT before, as a system administrator and a computer repair technician. Dealing with malware since his teens, he is determined to spread word about the latest threats revolving around computer security.

More Posts

Follow Me:
Twitter


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer

How to Remove "ZEUS VIRUS DETECTED" Scam from Windows.


Step 1: Boot Your PC In Safe Mode to isolate and remove "ZEUS VIRUS DETECTED" Scam

OFFER

Manual Removal Usually Takes Time and You Risk Damaging Your Files If Not Careful!
We Recommend To Scan Your PC with SpyHunter

Keep in mind, that SpyHunter’s scanner is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware removal tool to remove the malware threats. Read our SpyHunter 5 review. Click on the corresponding links to check SpyHunter's EULA, Privacy Policy and Threat Assessment Criteria

1. Hold Windows key() + R


2. The "Run" Window will appear. In it, type "msconfig" and click OK.


3. Go to the "Boot" tab. There select "Safe Boot" and then click "Apply" and "OK".
Tip: Make sure to reverse those changes by unticking Safe Boot after that, because your system will always boot in Safe Boot from now on.


4. When prompted, click on "Restart" to go into Safe Mode.


5. You can recognise Safe Mode by the words written on the corners of your screen.


Step 2: Uninstall "ZEUS VIRUS DETECTED" Scam and related software from Windows

Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:


1. Hold the Windows Logo Button and "R" on your keyboard. A Pop-up window will appear.


2. In the field type in "appwiz.cpl" and press ENTER.


3. This will open a window with all the programs installed on the PC. Select the program that you want to remove, and press "Uninstall"
Follow the instructions above and you will successfully uninstall most programs.


Step 3: Clean any registries, created by "ZEUS VIRUS DETECTED" Scam on your computer.

The usually targeted registries of Windows machines are the following:

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce

You can access them by opening the Windows registry editor and deleting any values, created by "ZEUS VIRUS DETECTED" Scam there. This can happen by following the steps underneath:

1. Open the Run Window again, type "regedit" and click OK.


2. When you open it, you can freely navigate to the Run and RunOnce keys, whose locations are shown above.


3. You can remove the value of the virus by right-clicking on it and removing it.
Tip: To find a virus-created value, you can right-click on it and click "Modify" to see which file it is set to run. If this is the virus file location, remove the value.

IMPORTANT!
Before starting "Step 4", please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.

Step 4: Scan for "ZEUS VIRUS DETECTED" Scam with SpyHunter Anti-Malware Tool

1. Click on the "Download" button to proceed to SpyHunter's download page.


It is recommended to run a scan before purchasing the full version of the software to make sure that the current version of the malware can be detected by SpyHunter. Click on the corresponding links to check SpyHunter's EULA, Privacy Policy and Threat Assessment Criteria.


2. After you have installed SpyHunter, wait for it to update automatically.

SpyHunter5-update-2018


3. After the update process has finished, click on the 'Malware/PC Scan' tab. A new window will appear. Click on 'Start Scan'.

SpyHunter5-Free-Scan-2018


4. After SpyHunter has finished scanning your PC for any files of the associated threat and found them, you can try to get them removed automatically and permanently by clicking on the 'Next' button.

SpyHunter-5-Free-Scan-Next-2018

If any threats have been removed, it is highly recommended to restart your PC.


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer

Get rid of "ZEUS VIRUS DETECTED" Scam from Mac OS X.


Step 1: Uninstall "ZEUS VIRUS DETECTED" Scam and remove related files and objects

OFFER
Manual Removal Usually Takes Time and You Risk Damaging Your Files If Not Careful!
We Recommend To Scan Your Mac with SpyHunter for Mac
Keep in mind, that SpyHunter for Mac needs to purchased to remove the malware threats. Click on the corresponding links to check SpyHunter’s EULA and Privacy Policy


1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:


2. Find Activity Monitor and double-click it:


3. In the Activity Monitor look for any suspicious processes, belonging or related to "ZEUS VIRUS DETECTED" Scam:

Tip: To quit a process completely, choose the “Force Quit” option.


4. Click on the "Go" button again, but this time select Applications. Another way is with the ⇧+⌘+A buttons.


5. In the Applications menu, look for any suspicious app or an app with a name, similar or identical to "ZEUS VIRUS DETECTED" Scam. If you find it, right-click on the app and select “Move to Trash”.


6: Select Accounts, after which click on the Login Items preference. Your Mac will then show you a list of items that start automatically when you log in. Look for any suspicious apps identical or similar to "ZEUS VIRUS DETECTED" Scam. Check the app you want to stop from running automatically and then select on the Minus (“-“) icon to hide it.


7: Remove any left-over files that might be related to this threat manually by following the sub-steps below:

  • Go to Finder.
  • In the search bar type the name of the app that you want to remove.
  • Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
  • If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.

In case you cannot remove "ZEUS VIRUS DETECTED" Scam via Step 1 above:

In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:

Disclaimer! If you are about to tamper with Library files on Mac, be sure to know the name of the virus file, because if you delete the wrong file, it may cause irreversible damage to your MacOS. Continue on your own responsibility!

1: Click on "Go" and Then "Go to Folder" as shown underneath:

2: Type in "/Library/LauchAgents/" and click Ok:

3: Delete all of the virus files that have similar or the same name as "ZEUS VIRUS DETECTED" Scam. If you believe there is no such file, do not delete anything.

You can repeat the same procedure with the following other Library directories:

→ ~/Library/LaunchAgents
/Library/LaunchDaemons

Tip: ~ is there on purpose, because it leads to more LaunchAgents.


Step 2: Scan for and remove malware from your Mac

When you are facing problems on your Mac as a result of unwanted scripts, programs and malware, the recommended way of eliminating the threat is by using an anti-malware program. Combo Cleaner offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.



Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Remove "ZEUS VIRUS DETECTED" Scam from Google Chrome.


Step 1: Start Google Chrome and open the drop menu


Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"


Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.


Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Erase "ZEUS VIRUS DETECTED" Scam from Mozilla Firefox.

Step 1: Start Mozilla Firefox. Open the menu window


Step 2: Select the "Add-ons" icon from the menu.


Step 3: Select the unwanted extension and click "Remove"


Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.



Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Uninstall "ZEUS VIRUS DETECTED" Scam from Microsoft Edge.


Step 1: Start Edge browser.


Step 2: Open the drop menu by clicking on the icon at the top right corner.


Step 3: From the drop menu select "Extensions".


Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.


Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.



Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Remove "ZEUS VIRUS DETECTED" Scam from Safari.


Step 1: Start the Safari app.


Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.


Step 3: From the menu, click on "Preferences".

stf-safari preferences


Step 4: After that, select the 'Extensions' Tab.

stf-safari-extensions


Step 5: Click once on the extension you want to remove.


Step 6: Click 'Uninstall'.

stf-safari uninstall

A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the "ZEUS VIRUS DETECTED" Scam will be removed.


How to Reset Safari
IMPORTANT: Before resetting Safari make sure you back up all your saved passwords within the browser in case you forget them.

Start Safari and then click on the gear leaver icon.

Click the Reset Safari button and you will reset the browser.


Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer


Eliminate "ZEUS VIRUS DETECTED" Scam from Internet Explorer.


Step 1: Start Internet Explorer.


Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'


Step 3: In the 'Manage Add-ons' window.


Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.


Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.


Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Stay tuned
Subscribe for our newsletter regarding the latest cybersecurity and tech-related news.