Fake Zeus Virus Detected Popup Warning

I've seen a few times where an Internet page popup displays a bogus warning about the Zeus Virus being detected.  The last one had a support number to sucker you into calling (888)289-9990.

In researching this I am very unclear as to if any sort of infection actually exists or if this is just all tricky web popups.
When I've seen these popups before I just End Task them.  Every time I've run Malwarebytes or another scanner afterwards, it has come up clean.

But googling the net shows people running adware remover, malwarebytes as well disabling and removing certain unspecified browser plugins/extensions/add-ons.

When I see one of these fake zeus popups, does it ever indicate my system is infected, not with Zeus but with the Fake Zeus Detector popup?

What's the real deal here?  Should I just close the popup, or should I take more serious measures?
AnthonyMCSEAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ITSysTechSenior Systems AdministratorCommented:
In this type of situation the scammer is doing like you mentioned they want you to call the number so they can remote control your computer and charge you for the service. You might want to take a snap shot of your startup programs and post it. You can do this by right clicking on your task bar and going to Task Manger then go to the Startup tab and use the snipping tool (built into windows and post the results). Because it shouldn't keep popping up after you ran malwarebytes etc.,. It is also quite possible that this fake detector is only coming up when you visit a certain web page (usually Java based or Flash).
AnthonyMCSEAuthor Commented:
ITSysTech - it doesn't popup all the time on a given machine, in fact fairly rare.  At the moment I don't have access to the machine I've most recently seen this on.  These Fake Zeus Popup variations have been around a log time.  Again, are they indicative of a real adware infection that generates the Fake Zeus Popup, or is the Popup fairly toothless if you don't call the fake support phone number?
ITSysTechSenior Systems AdministratorCommented:
It would be important to find out why and when it is popping up. Mainly because some users do call this number and find themselves giving their credit card to the tech scammers. Next time it happens I would note the programs running (word, fire fox etc,.) and the webpage being visited if there is one and get back to us.
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

dbruntonQuid, Me Anxius Sum?  Illegitimi non carborundum.Commented:
>>  or is the Popup fairly toothless if you don't call the fake support phone number?

Fairly toothless if you're getting it in a browser.  Scammer at work.  End task the page and move on.

Try changing the user's browser to something better.  I'd recommend Chrome.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ITSysTechSenior Systems AdministratorCommented:
For your reference:

"Why am I Seeing these Zeus Virus Detected PopUps?
The Windows Detected ZEUS Virus Tech Support Scam is shown through advertisements that redirect you to sites that display this scam. These advertisements can be displayed by installed adware programs or through less than reputable sites that are displaying them to generate advertising revenue. For the most part, if you see a browser based tech support scam, then you can simply close the browser and start it again. On the other hand, if you are continuously seeing popups with alerts like "Windows Detected ZEUS Virus" or "ZEUS VIRUS DETECTED", then you should scan your computer for adware and remove anything that is found. Last, but not least, if you have contacted the listed phone number and purchased any services from them, you should contact your credit card company and immediately dispute the charges as a scam."
AnthonyMCSEAuthor Commented:
ITSysTech

Not really wanting to go that route as this is on a few different machines that I've seen it on, and not just my own, and harder to track

Was more looking for someone who may have dealt with these fake Zeus infection popups:

In general when I see one of these fake zeus popups, does it ever indicate my system is infected, not with Zeus but with adware that presents the Fake Zeus Detector popup?  

Or is the popup purely generated from a malicious web advertisement that is simply popping up the Fake Zeus Detector without actually infecting my computer?
bgcbgcCommented:
I got the scam page while using Firefox to look at zabasearch.com.  Apparently the scammers hacked monetize.com which zaba uses to collect from the ads displayed when their search system is used.  Simply close the browser page and it will all go away.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.