ZoneAlarm Global Virus Alert About ZeuS.Zbot.aoaq: Scareware At Its Best - gHacks Tech News

ZoneAlarm Global Virus Alert About ZeuS.Zbot.aoaq: Scareware At Its Best

Scareware can be described as software that attempts to "scare" the user into making a purchase. A common example are fake antivirus solutions which may display information about alleged threats found on the computer when there are none in fact.

The information that a computer virus was found will scare users into buying additional protection to secure their system and remove the alleged threats from it.

Nico just notified me that the popular security company ZoneAlarm has started to use scareware tactics to sell more of their products.

ZoneAlarm Free Firewall users has a new notification window that informs users about a global virus alert. The notification reads "Global virus alert Your PC may be in danger! Virus Details: Risk:high Threat name: ZeuS.Zbot.aoaq", "ZeuS.Zbot.aoaq is a new Trojan virus that steals banking passwords and financial account data.

Your ZoneAlarm Free Firewall provides basic protection, but this new threat requires additional security". Options are to see the threat details or get protection.

global virus alert

The problem lies in the wording. This is not actually a threat that was found on the user's computer. It is merely a notification of the threat. But ZoneAlarm makes it look like the user's PC is infected and that there is need for action. And the action is to purchase ZoneAlarm products.

Users who read the notification carefully may notice that it is a notification, and not an infection that has been found on the system.

Is that something that the firewall usually detects? I have never used their firewall but it is unlikely that a firewall would display those messages.

The real problem here is that the alert looks like an infection was detected on the PC. What makes matters worse is that the notification does not inform users that their PC is safe right now and that users don't need to worry about that or purchase better antivirus software to detect and remove the threat.

No, it only displays an option to see the threat details or to buy a product from ZoneAlarm. That's scareware tactics at its best.

ZoneAlarm Firewall Free users who get the global virus alert should close the notification immediately. If they have an up to date antivirus software on their system it is all they need to do. If they do not have one, they should consider installing AVG 9 or Microsoft Security Essentials, both completely free and very good at detecting those kind of things.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Liom said on September 18, 2010 at 7:25 pm
      Reply

      Not only that, when you click for more information ZA claims that popular free antiviruses like AVG and Avira do not catch zeus. These claims were rubbished by the companies in question and I’m hoping to see some form of backlash against the company for this.

      1. Martin said on September 18, 2010 at 7:26 pm
        Reply

        Liom, can you provide a screenshot of this? Thanks a lot.

        1. Mart.C said on September 18, 2010 at 8:56 pm
          Reply

          Hi, Im not sure if you have a screenshot for the AVG scare, I have one if you want it for yout article.

          Mart C

    2. d00msay3r3 said on September 18, 2010 at 8:37 pm
      Reply

      This is the very reason I stopped using Zonealarm years ago. When their download went from 4megs to 40 megs I looked for something else. I use Comodo, and Avast. Work like a dream w/o any hassles and have been virus free for years…

    3. Ron H. said on September 18, 2010 at 9:32 pm
      Reply

      Shame on ZA for cheep scareware tatics. I thought they were above this but I am going to reavaluate their product.You do get what you pay for and mabie its time to try another of the other choices that dont try to scare up new business!

    4. Dave said on September 18, 2010 at 10:17 pm
      Reply

      Yup, experienced this myself for the first time on my evening boot-up about three hours ago. I have to say, the initial reaction was…….er……..what?!! (to use a polite term!). The structure and colours of the message initially makes it look for all the world like a pukka internal virus warning until looked at a little closer. Didn’t fool me as it’s quite obvious a firewall program should not do this but might well frighten less techie folk (which I would suggest it was obviously designed to do!). This seems to me to a despicable move on the part of ZA and I would have thought that they would be above scaring folk this way. It’s certainly put me off the company and the previous positive impression I had has just melted away. Whoever thought of this devious scheme within the company should be severely spoken to!

    5. Jay said on September 19, 2010 at 1:06 am
      Reply

      My first thought wenn I saw this strange warning was that the machine could be infected with some sort scareware wich tries to pretend to be Zone Alarm. Is that really what ZoneLabs wants its users to think about their product? I was a loyal user of ZoneAlarm free & pro for years, but now I`m considering a change.

    6. d00msay3r3 said on September 19, 2010 at 3:17 am
      Reply

      Switch to Comodo. It’s free as well and rated better for firewall protection.

    7. Rainne said on September 19, 2010 at 4:06 am
      Reply

      Thanks for posting this. I just got this alert myself and decided to examine it more closely since I’m on a brand new system that shouldn’t have any viruses (yet). Will be switching to Comodo tonight.

    8. Thomas said on September 19, 2010 at 6:49 am
      Reply

      I am removing zone alarm from my pc and go to kaspersky.
      I am scared of zone alarm now

    9. Dave James said on September 19, 2010 at 7:26 am
      Reply

      “What a tangled web we weave when we first practice to decieve…”

    10. Markus said on September 19, 2010 at 9:28 am
      Reply

      Looks like some folks didn’t get the lesson that we reap what we sow. Now, let’s go to the river and wait for our enemies body float by …

    11. JC R said on September 19, 2010 at 3:15 pm
      Reply

      ” If they do not have one, they should consider installing AVG 9 or Microsoft Security Essentials, both completely free and very good at detecting those kind of things. ”
      You must be kidding!!!!Those are very mediocre products. Install Antivir or Avast if you are looking for good free AV!

      1. MB T said on September 19, 2010 at 8:35 pm
        Reply

        Where do you get off making a claim like this? AVG isn’t great, but it’s free. Microsoft Security Essentials is actually a good product, and is free as well. MSE has gotten 4 out of 5 stars by the users at Cnet and got a 4.5 star rating by the editor. Apparently you are in the minority. I use MSE and have found it to be a great anti-virus and malware solution.

        http://download.cnet.com/Microsoft-Security-Essentials/3000-2239_4-10969260.html

    12. JC R said on September 19, 2010 at 3:20 pm
      Reply

      People wanting to switch from Zone Alarm firewall should consider Online Armor free (or pro), it’s considered as the best firewall nowadays and easy to use.

    13. Dave James said on September 19, 2010 at 4:08 pm
      Reply

      Please dont overlook running virtualy. The 400k free, non-invasive “Sandboxie” utility practically eliminates the need for anti-virus, anti-malware, anti-everything. I use Avira anti-virus only on demand as a selection from the right click menu to scan an individual file or directory etc. Avira isnt even running… I dont have a malwarescanner. I have installed Spybot and SUPERAntiSpyware but they never find anything year after year. Ya run ur browser in a sandboxed session – ya download stuff – ya take the stuff ya want out of the sandbox into the real system by accessing “Delete Contents” and picking out what ya want to send where ya want it on the real system. Ya probably know what ya downloaded is safe. Leave the viruses, mal-ware, scare-ware and the ‘let us help you’-ware in the sandbox and then delete the shnuts out of it (throw away the sandbox) ;) . Ya can even run a setup sandboxed if your not sure what a programinstalls or what it looks like. Good CPU to you!

    14. Redneck Wrangler said on September 19, 2010 at 5:54 pm
      Reply

      Dave James me thinks ya need to learn how to spell “you” like they taught ya in 2nd grade, or did ya skip that year? Hint: there’s 3 letters in there, not 2, just in case ya gets confuzzed.

    15. Mark said on September 19, 2010 at 7:25 pm
      Reply

      I’ve removed the scareware application ZoneAlarm, and have tried Comodo, so far so good, and on my initial experience I would say it’s better. (Windows 7 64 bit).

      I work in IT and will give ALL Checkpoint software a wide berth from now on.

      “It takes many good deeds to build a good reputation, and only one bad one to lose it” – Benjamin Franklin.

    16. Will said on September 19, 2010 at 11:49 pm
      Reply

      Goodbye Zone Alarm

    17. Markus said on September 20, 2010 at 3:19 pm
      Reply

      Check Point aka Zone Alarm know what they are doing; dumping the free firewall market.

    18. name withheld but some know me as the bunny said on September 20, 2010 at 9:41 pm
      Reply

      avast is the best and a prog called spybot search and destroy (safer-networking.com), used with with adaware (lavasoft.com) and trojan remover and a good preg from bleepingcomputer.com called combofix <which by itself will remove 99.9% of spyware/viruses and most rootkits, trojan remover removes the rest and best of all they are all free!!! you dont have to pay those greedy scare tactic companys like zone alarm!
      hope this helps some ppl never pay for protection and virus removal when you can get it for free!

    19. name withheld but some know me as the bunny said on September 20, 2010 at 9:51 pm
      Reply

      or simply run a Linux distro OS (puppy, ubuntu, kubuntu, redhat, JULinux, etc… Problem solved no viruses there and run your windows stuff through W.I.N.E or other emulator in Linux

    20. Angel said on November 21, 2010 at 1:41 pm
      Reply

      This kind of method is used many more time ago in Norton Antivirus, and not only from ZoneAlarm

    Leave a Reply