Solved

Nation Zoom virus

Posted on 2013-12-10
7
641 Views
Last Modified: 2013-12-10
I have a badly infected system with Nation Zoom.   It doesn't appear that doing a system restore gets rid of it which suggests that all of the restore points may be infected.   Has anyone of the EE's advisors found a successful way to completely rid a Windows 7 system of the virus?  I've used all of the normal things...virus engine, malwarebytes, ccleaner etc. etc.  I have not tried combo fix and tend to stay away from that until I have no other mechanism.  Any ideas will be appreciated.
0
Comment
Question by:tonyadam
  • 3
  • 2
  • 2
7 Comments
 
LVL 24

Expert Comment

by:aadih
ID: 39708853
It's an add on (plugin). Please follow the instructions at the following page to remove it:

http://malwaretips.com/blogs/nation-zoom-removal/ >
0
 

Author Comment

by:tonyadam
ID: 39708869
I already did that and it did not remove it from the IE browser.  It did help with removing it from Chrome and Firefox.  Will try again.  I'm doing another system restore right now to the oldest one I can ID to see if the virus is embedded in that restore point as well. Hopefully, it isn't.  Will post again when I get the restore point up and running.
0
 
LVL 24

Accepted Solution

by:
aadih earned 250 total points
ID: 39708900
Try scanning your PC with AdwCleaner:

http://www.bleepingcomputer.com/download/adwcleaner/ >
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 14

Assisted Solution

by:comfortjeanius
comfortjeanius earned 250 total points
ID: 39708973
windows key + r

Type: inetcpl.cpl
Advanced tab -----> Reset.... ------> check "Delete personal settings" ------> Reset ------> click "OK" -----> click "Close

Remove Nation Zoom extensions from Firefox

Tools ---> Add-ons ----> Extensions tab -----> "Remove Nation Zoom, Extended Protection and any other unknown extensions from Mozilla Firefox.

Reset your default search engine and homepage from NationZoom.com to default on Firefox, by installing the SearchReset extension add-on


If you have Chrome  Go to Tools ----> Extensions tab -------> remove " Extended Protection"


Right-click the Internet Explorer Icon -------> Properties --------> Shortcut -------> Target  "Check to see if a nationzoom.com URL is after the iexplore.exe"

Do the same for Firefox if it is install, and probably for Chrome.



    For Internet Explorer: “C:\Program Files\Internet Explorer\iexplore.exe” for Windows 32-bit or “C:\Program Files\Internet Explorer (x86)\iexplore.exe” for Windows 64-bit.

    For Mozilla Firefox: “C:\Program Files\Mozilla Firefox\firefox.exe” for Windows 32-bit or “C:\Program Files (x86)\Mozilla Firefox\firefox.exe” for Windows 64-bit.

    For Google Chrome: “C:\Program Files\Google\Chrome\Application\chrome.exe”

Now Scan with Bleeping Computer Adwcleaner

Since you already scan with Malwarbytes

Try HitmanPro


Plus if you get lost in the instruction here some help
0
 

Author Closing Comment

by:tonyadam
ID: 39709077
I elected to award points to both of you for your prompt response.  Basically, I restored the oldest restore point I could find and that fixed the problem.  I did run Adw and the other recommendations to ensure Nation Zoom was not present.  ADW did remove lots of junk which should help. All seems OK now.  Thanks again.
0
 
LVL 24

Expert Comment

by:aadih
ID: 39709089
Great. You did it. :-)
0
 
LVL 14

Expert Comment

by:comfortjeanius
ID: 39709106
Good Job!!!

@(^_^)@
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most PC repair technicians (if not all) always start their cleanup process by emptying the temp folders before running any removal tools. It makes sense because temp folders are common places for malware installers to lurk and removing all the junk …
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question