“Windows Detected ZEUS Virus” Scam - How To Remove?

Type: Trojan

“Windows Detected ZEUS Virus” scam is most likely displayed by a Trojan or another malware parasite (like adware), currently affecting your operating system. This pop-up is categorized among other technical support scams like “Microsoft Error: Unknown System Failure” and “Microsoft Office Activation”. If this message locks access to your browser, you should simply open Windows Task Manager and shut down that browser’s process.

ZEUS Trojan horse really does exist, and it has been crowned as one of the most frightening malware samples. It is exploited for a number of cyber crimes and was mostly interested in stealing banking information by man-in-the-browser keystroke logging and form grabbing (SecureWorks). Trojan is similar to other infections like SpyEye malware. Furthermore, ZEUS shares similarities with Koobface worm: they both were exploited to trick people in thinking that their operating systems are compromised.

“Windows Detected ZEUS Virus” technical support is not real: it is a scam

“Windows Detected ZEUS Virus” scam

Although ZEUS has been widespread and has jeopardized millions of computers, “Windows Detected ZEUS Virus” virus is a stunt that hackers are attempting to pull. We have discovered that even Command Prompt and Event viewer were included into these scams to make them more believable (Wikipedia).

“Windows Detected ZEUS Virus” scam is going to report that computers have allegedly caught ZEUS. Creators of this hoax will include phone numbers of helplines that are supposed to connect victims with professional consultants. According to the message, +1-800-919-6053, (855) 247-2419 or 1-888-411-9933 phone numbers must be called.

If a person closes its browser via Task Manager, access to that operating system will be disabled. This is not true as such an action will not take place. According to our research, surfers can receive “Windows Detected ZEUS Virus” pop-ups from Defaultprogramsystem.com, Crash-h3a23z.info and many other similar domains.

Zeus infection showing up on Google results

As discovered by TalosIntelligence, Zeus Panda banking trojan now is distributed using SEO (search engine optimisation) to rank on Google results pages, displaying links to malicious websites and distributing virus this way. Almost all malicious websites are targeted to keywords related to finances. Some of them are: “nordea sweden bank account number”, “al rajhi bank working hours during ramadan”, “how many digits in karur vysya bank account number”, “free online books for bank clerk exam”, “how to cancel a cheque commonwealth bank”, “salary slip format in excel with formula free download”, “bank of baroda account balance check”, “bank guarantee format mt760”, “free online books for bank clerk exam”, “sbi bank recurring deposit form” and “axis bank mobile banking download link”. This way cyber criminals try to ensure that their potentially victims are using online financial operations, thus infected computers could convert into stolen private data.

Your computer does not have a ZEUS Trojan

We have to make one thing clear: even if you see this “Windows Detected ZEUS Virus” technical support scam, this does not mean that ZEUS has infected your operating system. In fact, detecting this Trojan horse malware is a complex task since virus exploits stealth techniques. If not every up-to-date anti-virus application can find it, a random pop-up has even less chances.

The only reason by “Windows Detected ZEUS Virus” pop-up is demonstrated is to sell rogue anti-virus software or to gain remote access over computers. If a person contacts any of the earlier enumerated helplines (there might be more), he or she will be urged to purchase a tool that will eliminate malware (MakeUseOf).

On the other hand, alleged specialists might require users to give them remote access to operating systems. However, both of these decisions are wrong. As we have mentioned, you should open your Windows Task Manager and enable the necessary browser process. Additionally, these scammers could be requiring some personal information, or even tricking users into revealing their credit card details.

How to act after receiving “Windows Detected ZEUS Virus” virus?

This message is a signal that your device might be struggling with a malware infection. It could be an adware parasite and it is a certainly easier to treat than a Trojan. Adware program should be removed from Control Panel. Before that, concerned people should check whether there are suspicious and unknown programs found among the list of active applications. Also, user might remember installing a random application himself/herself.

However, if your operating system is infected with a Trojan, the removal becomes more complicated. You should run a scan with Reimage and see whether you should be concerned about your cybersecurity. Lastly, we have to emphasize that visiting websites could infect you with viruses. Online advertisements are no better and could be the reason you have been alarmed by “Windows Detected ZEUS Virus” scam.

How to remove “Windows Detected ZEUS Virus” scam using Windows Control Panel

Many hijackers and adware like Zeus Panda install some of their components as regular windows programs as well as additional software. This part of malware can be uninstalled from Control Panel. To access it, do the following.
  • Start→Control Panel (older Windows) or press Windows Key→Search and enter Control Panel (Windows 8);
    Control panel
  • Choose Uninstall Program;
    Programs and features
  • Go through a list of programs and select entries related to “Windows Detected ZEUS Virus” scam .
    Remove toolbars
  • Click uninstall button.
  • In many cases anti-malware programs are better at detecting related parasites, thus I recommend installing Spyhunter or Reimage to identify other programs that might be a part of this infection.
    Scan with spyhunter
This method will not remove some of browser plugins therefore proceed to the next part of the removal guide.
Removing Zeus Panda from your browsers

Automatic “Windows Detected ZEUS Virus” scam removal tools

Note: Reimage trial provides detection of parasites and assists in their removal for free. You can remove detected files, processes and registry entries yourself or purchase a full version.  We might be affiliated with some of these programs. Full information is available in disclosure     

About the author

 - Virus researcher

I’m a virus researcher and my field of specialization involves but is not limited to the newly-developed ransomware variants. In my opinion, crypto-viruses are highly-underestimated and some Internet users have very few opportunities to learn about their symptoms before it is too late. Our goal here in 2-viruses.com is to make sure that crucial information about the most relevant malware samples would be available for everyone.

August 31, 2017 08:14, November 16, 2017 09:25

Leave a Reply

Your email address will not be published. Required fields are marked *