Sshnas.dll

Merci !!!!
Juste un logiciel à télécharger, rien de compliqué, c'est parfait !

Le message n'est plus apparu au démarrage.
Et j'ai vérifié, plus de clé ni quoi que ce soit dans la base de registre.

Victoire !
Merci beaucoup !

voilà le rapport :
Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 5354

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999

19/12/2010 08:53:58
mbam-log-2010-12-19 (08-53-58).txt

Type d'examen: Examen rapide
Elément(s) analysé(s): 176352
Temps écoulé: 5 minute(s), 55 seconde(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 2
Clé(s) du Registre infectée(s): 23
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 5
Fichier(s) infecté(s): 38

Processus mémoire infecté(s):
c:\Windows\Shofee.exe (Rootkit.Agent) -> 2836 -> Unloaded process successfully.
c:\program files\relevantknowledge\rlservice.exe (Adware.RelevantKnowledge) -> 3600 -> Unloaded process successfully.
c:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> 3092 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
c:\program files\relevantknowledge\components\rlxg.dll (Adware.RelevantKnowledge) -> Delete on reboot.
c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RelevantKnowledge (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Z30KYPG3WS (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Malware.Trace) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Metropolis (Trojan.FakeAlert) -> Value: Metropolis -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\program files\bulletproofsoft.com (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
c:\program files\bulletproofsoft.com\youtube google video grabber (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge (Spyware.MarketScore) -> Delete on reboot.
c:\program files\relevantknowledge\components (Spyware.MarketScore) -> Delete on reboot.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\Windows\Shofee.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlservice.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlvknlg.exe (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\components\rlxg.dll (Adware.RelevantKnowledge) -> Delete on reboot.
c:\program files\relevantknowledge\rlls.dll (Adware.RelevantKnowledge) -> Delete on reboot.
c:\Users\sony vaio\AppData\Local\Temp\Sqc.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqd.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqe.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqf.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqg.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqh.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqi.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sp4.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sp5.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sp6.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sp9.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\Sqa.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Local\Temp\sshnas21.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Windows\Shofea.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Windows\Shofeb.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Windows\Shofec.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Windows\Shofed.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Users\sony vaio\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\program files\bulletproofsoft.com\youtube google video grabber\Clip.exe (Rogue.BulletProofSpyware) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\chrome.manifest (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\install.rdf (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\MSVCP71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\MSVCR71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\nscf.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlls64.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlph.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlvknlg64.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlxf.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.

Salut,

J'ai le même problème de virus et j'ai utilisé la méthode de jlpjlp. Que dois-je faire maintenant ? Voici mon rapport :

############################## | UsbFix V6.098 |

User : Benjamin (Administrateurs) # BENJAMIN-PC
Update on 03/03/2010 by El Desaparecido , C_XX & Chimay8
Start at: 18:55:03 | 08/03/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Genuine Intel(R) CPU T2130 @ 1.86GHz
Microsoft Windows 7 Professionnel (6.1.7600 32-bit) #
Internet Explorer 8.0.7600.16385
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 74,52 Go (33,64 Go free) [Windows 7] # NTFS
D:\ -> Disque fixe local # 67,69 Go (66,05 Go free) [DATA] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible
G:\ -> Disque fixe local # 149,01 Go (115,4 Go free) [My Passport] # FAT32

################## | Elements infectieux |

C:\Windows\Temp\TS_86E0.tmp
C:\Windows\Temp\TS_8D89.tmp
C:\Windows\Temp\TS_921D.tmp
C:\Windows\Temp\TS_9C7F.tmp
C:\Windows\Temp\TS_A24C.tmp
C:\Windows\Temp\TS_BBE0.tmp
C:\Windows\Temp\TS_BE81.tmp
C:\Windows\Temp\TS_C921.tmp
C:\Windows\Temp\TS_DBEE.tmp
C:\Users\Benjamin\AppData\Local\Temp\a.dat
C:\Users\Benjamin\AppData\Local\Temp\Rjp.exe
C:\Users\Benjamin\AppData\Local\Temp\Rjq.exe
G:\2w.cmd
G:\cb.exe
G:\DATA

################## | Registre |

[HKCU\SOFTWARE\Microsoft\Handle]
[HKCU\SOFTWARE\ROUA3O12PW]
[HKCU\SOFTWARE\TOY5KNQ8OC]
[HKCU\SOFTWARE\XML]
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LosAlamos"
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TOY5KNQ8OC"

################## | Mountpoints2 |


################## | Vaccin |

(!) Cet ordinateur n'est pas vacciné !

################## | ! Fin du rapport # UsbFix V6.098 ! |

c koi l'option 2 svp ??

Idem !
Même pb suite à infection
J'ai aussi suivi la méthode de sherred et en moins de 5 mn le pb a été réglé.
Merci à tous pour votre aide

Merci, j ai réussi a l enlever moi aussi grace a votre aide