how to remove zerohorizon.net virus

i tried possible all things but automatically open new tab zerohorizon.net site in google chrome. any expert level answer ?
how to to remove this without reinstall or reset windows 7
12 answers Last reply
More about remove zerohorizon net virus
  1. Go to www.malwarebytes.org and download the free version - not the trial version. Instal and update it and it should deal swiftly with the nasty stuff.

    After that you may as well uninstall it because it works best when you download the latest issue.
  2. Hi, Saga Lout

    Thank you for provide best solutions. i have tried it but zerohorizon.net virus is still there. any other way to resolve this issue ?
  3. Whichever you're using, you need to start off by clearing all the browsing History, all Cookies and all search History as well. Go this site https://www.majorgeeks.com/mg/getmirror/trend_micro_hijackthis,1.html to download HijackThis

    Follow the instructions to run it then when you see the results page, copy it and paste it here and I'll look over it and suggest which to tick items to remove.

    Don't use the browser until you and I have got together and done some work on it.
  4. Whichever you're using, you need to start off by clearing all the browsing History, all Cookies and all search History as well. Go this site https://www.majorgeeks.com/mg/getmirror/trend_micro_hijackthis,1.html to download HijackThis

    Follow the instructions to run it then when you see the results page, copy it and paste it here and I'll look over it and suggest which to tick items to remove.

    Don't use the browser until you and I have got together and done some work on it.


    Thanks for your service
  5. Not Resolve : Every time generate new link and i have also blocked DNS but problem is still there
    http://zerohorizon.net/2018/12/06/alexa-can-now-find-the-right-amazon-music-playlist-by-having-a-conversation-with-you/
  6. Whichever you're using, you need to start off by clearing all the browsing History, all Cookies and all search History as well. Go this site https://www.majorgeeks.com/mg/getmirror/trend_micro_hijackthis,1.html to download HijackThis

    Follow the instructions to run it then when you see the results page, copy it and paste it here and I'll look over it and suggest which to tick items to remove.

    Don't use the browser until you and I have got together and done some work on it.


    http://zerohorizon.net/2018/12/06/alexa-can-now-find-the-right-amazon-music-playlist-by-having-a-conversation-with-you/

    Not Resolve : Every time generate new link and i have also blocked DNS but problem is still there
  7. Are you going to let me see the results of the HJT scan?

    I may be able to help but I can't do anything just sitting here with no information to work on.
  8. Are you going to let me see the results of the HJT scan?

    I may be able to help but I can't do anything just sitting here with no information to work on.


    Dear Saga Lout,
    Thank you for give best solutions,

    As per our conversion HJT result is ready.

    See here HJT result :

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 10:33:09 AM, on 12/08/2018
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)


    Boot mode: Normal

    Running processes:
    C:\ProgramData\Microsoft\Windows\WER\wermgr.exe
    C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X7\Programs\CorelDrw.exe
    E:\Software\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F1718D2F-18AB-4B00-9346-88A465BA6C46}: NameServer = 192.168.0.1,8.8.8.8
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Agent Server 7.3 - Quick Heal Technologies Ltd. - C:\PROGRA~2\Seqrite\ENDPOI~1.3\Admin\ACASSRVC.EXE
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: Realtime Behavior Detection (arwsrvc) - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\ARWSRVC.EXE
    O23 - Service: Behavior Detection System - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\bdssvc.exe
    O23 - Service: Client Agent 7.3 - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Cagent\ACCASRVC.EXE
    O23 - Service: Core Mail Protection - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\EMLPROXY.EXE
    O23 - Service: Core Scanning Server - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\SAPISSVC.EXE
    O23 - Service: Core Scanning ServerEx - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\SAPISSVC.EXE
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Mysql For EPS 7.3 - Unknown owner - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Admin\mysql\bin\mysqld.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Online Protection System - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\opssvc.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: PwRecoveryBundleService - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Quick Update Service - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\quhlpsvc.exe
    O23 - Service: RepairService - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\reprsvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Seqrite Endpoint Security Helper Service WSC (ScanWscS) - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\SCANWSCS.EXE
    O23 - Service: Core Browsing Protection (ScSecSvc) - Quick Heal Technologies Ltd. - C:\Program Files (x86)\Seqrite\Endpoint Security 7.3\Seqrite\ScSecSvc.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Update Manager 7.3 - Quick Heal Technologies Ltd. - C:\PROGRA~2\Seqrite\ENDPOI~1.3\Updmgr\UMNGRSVC.EXE
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing)

    --
    End of file - 8608 bytes
  9. I'll look at it properly in a while but first, uninstall Team Viewer and restart the system. Then in Control Panel>System>Remote tab, untick the box that allows remote control. Apply and OK your way out and restart the machine again.

    More later.
  10. Tick to remove every entry below, please, then so long as you've uninstalled Team Viewer, restart the machine and post back if you still see any problems.
    .
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F1718D2F-18AB-4B00-9346-88A465BA6C46}: NameServer = 192.168.0.1,8.8.8.8
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing)
  11. Tick to remove every entry below, please, then so long as you've uninstalled Team Viewer, restart the machine and post back if you still see any problems.
    .
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E}
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F1718D2F-18AB-4B00-9346-88A465BA6C46}: NameServer = 192.168.0.1,8.8.8.8
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing)


    Dear Saga Lout,

    Thank you so much for give me great solutions and i have a good news for you.
    zerohorizon.net virus is removed permanently by you.

    Thank you so much sir
    Have a Greate Job
    Good Luck!!
  12. I'm glad it fixed but I have to say the remote control programme, Team Viewer, didn't install in your system without some input at your end.

    Be careful not to links in any e-mail, particularly those from addresses you don't know. I have my doubts about your security utility. I believe Windows Defender would have flagged that invasion as soon as it got in.
Ask a new question

Read More

Chrome Virus