Sshnas.dll (Sshnas) Trojan Virus File Removal

Danger Sshnas.dll is a dangerous file which creates activities on a user’s computer which may be highly undesirable. This file is unsafe.

Type: Trojan Virus (Click Here To Learn More)
Location: C:\WINDOWS\system32\sshnas.dll (Click Here To Learn How To Locate)
Risk Level: Moderate (Learn More About Risk Levels)

Below is our recommended removal tool for Sshnas.dll. The removal tool has been rated 5 cows out of 5 by Tucows and was previously CNET’s Editor’s Choice. Feel free to download it below.

download

Files associated with Sshnas.dll -
MSA.exe

Manual Removal – Sshnas.dll may be removed through analyzing your HijackThis log. Feel free to post your hijackthis log below if you need assistance analyzing it. Hijackthis will be ideal to manually remove the virus

Click Here To Learn About HijackThis. To download HijackThis, please click HERE.

Sshnas.dll File Details -
First Identified – December 14 2023

Common Questions -
1. What is a computer virus? (Click Here To View)
2. How did I get this computer virus? (Click Here To View)
3. What common symptoms show that my computer may be infected? (Click Here To View)
4. How can I check if Sshnas.dll is a computer virus? (Click Here To View)
5. What are some antivirus and antispyware programs which I can use to remove viruses and spyware? (Click Here To View)

We recommend that you follow our safety tips so that you can keep your computer clean. Please click here to view our safety tips

Please post comments below. Your comments are both useful to visitors and to us.

This entry was posted on Monday, December 14th, 2023 at 9:44 pm and is filed under Malware Removal. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Sshnas.dll (Sshnas) Trojan Virus File Removal”

Shannon Nicaise December 23rd, 2023 at 7:37 pm

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 2:36:43 PM, on 12/23/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files (x86)\HP\QuickPlay\QPService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Users\Shannon\AppData\Local\Temp\c.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=81&bd=Pavilion&pf=laptop
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 – REG:system.ini: UserInit=userinit.exe
O1 – Hosts: ::1 localhost
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 – BHO: Skype add-on (mastermind) – {22BF413B-C6D2-4d91-82A9-A0F997BA588C} – C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 – BHO: WormRadar.com IESiteBlocker.NavFilter – {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} – C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 – BHO: Windows Live Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 – HKLM\..\Run: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 – HKLM\..\Run: [UCam_Menu] “C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe” “C:\Program Files (x86)\CyberLink\YouCam” UpdateWithCreateOnce “Software\CyberLink\YouCam\1.0″
O4 – HKLM\..\Run: [QPService] “C:\Program Files (x86)\HP\QuickPlay\QPService.exe”
O4 – HKLM\..\Run: [QlbCtrl] %ProgramFiles(x86)%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 – HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 – HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 – HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] “C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [QuickTime Task] “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 – HKLM\..\Run: [iTunesHelper] “C:\Program Files (x86)\iTunes\iTunesHelper.exe”
O4 – HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Java\jre6\bin\jusched.exe”
O4 – HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 – HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 – HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,AddAtomAW
O4 – HKCU\..\Run: [J8RPLTROBQ] C:\Users\Shannon\AppData\Local\Temp\c.exe
O4 – HKCU\..\RunOnce: [UniblueRegistryBooster] “C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe” delay 20000
O4 – Global Startup: Bluetooth.lnk = ?
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 – Extra context menu item: Send image to &Bluetooth Device… – C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 – Extra context menu item: Send page to &Bluetooth Device… – C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 – Extra ‘Tools’ menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 – Extra button: (no name) – {5067A26B-1337-4436-8AFE-EE169C2DA79F} – C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 – Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer – {5067A26B-1337-4436-8AFE-EE169C2DA79F} – C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 – Extra button: Skype – {77BF5300-1474-4EC7-9980-D32B190E9B07} – C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 – Extra button: Send To Bluetooth – {CCA281CA-C863-46ef-9331-5C8D4460577F} – C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 – Extra ‘Tools’ menuitem: Send to &Bluetooth Device… – {CCA281CA-C863-46ef-9331-5C8D4460577F} – C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 – Gopher Prefix:
O16 – DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) – https://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 – DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) – https://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) – https://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUplden-us.cab
O16 – DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) – https://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 – DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) – https://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games – Installer) – https://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 – DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) – https://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 – DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) – https://zone.msn.com/bingame/dim2/default/popcaploader_v6.cab
O18 – Protocol: linkscanner – {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} – C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 – Protocol: skype4com – {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} – C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 – SharedTaskScheduler: Component Categories cache daemon – {8C7461EF-2B13-11d2-BE35-3078302C2030} – C:\Windows\system32\browseui.dll
O23 – Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) – Unknown owner – C:\Windows\System32\alg.exe (file missing)
O23 – Service: Apple Mobile Device – Apple Inc. – C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 – Service: AVG Free E-mail Scanner (avg9emc) – AVG Technologies CZ, s.r.o. – C:\Program Files (x86)\AVG\AVG9\avgemc.exe
O23 – Service: AVG Free WatchDog (avg9wd) – AVG Technologies CZ, s.r.o. – C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 – Service: Bonjour Service – Apple Inc. – C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 – Service: Com4Qlb – Hewlett-Packard Development Company, L.P. – C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 – Service: @dfsrres.dll,-101 (DFSR) – Unknown owner – C:\Windows\system32\DFSR.exe (file missing)
O23 – Service: Biometric Authentication Service (DpHost) – DigitalPersona, Inc. – C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 – Service: HP Health Check Service – Hewlett-Packard – c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 – Service: hpqwmiex – Hewlett-Packard Development Company, L.P. – C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: iPod Service – Apple Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: @keyiso.dll,-100 (KeyIso) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: LightScribeService Direct Disc Labeling Service (LightScribeService) – Hewlett-Packard Company – C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 – Service: @comres.dll,-2797 (MSDTC) – Unknown owner – C:\Windows\System32\msdtc.exe (file missing)
O23 – Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) – Unknown owner – C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 – Service: QuickPlay Task Scheduler (QTS) (QPSched) – Unknown owner – C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 – Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) – Unknown owner – C:\Windows\system32\locator.exe (file missing)
O23 – Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
O23 – Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) – Unknown owner – C:\Windows\system32\SLsvc.exe (file missing)
O23 – Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) – Unknown owner – C:\Windows\System32\snmptrap.exe (file missing)
O23 – Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) – Unknown owner – C:\Windows\System32\spoolsv.exe (file missing)
O23 – Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) – Unknown owner – C:\Windows\system32\UI0Detect.exe (file missing)
O23 – Service: @%SystemRoot%\system32\vds.exe,-100 (vds) – Unknown owner – C:\Windows\System32\vds.exe (file missing)
O23 – Service: Viewpoint Manager Service – Viewpoint Corporation – C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
O23 – Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) – Unknown owner – C:\Windows\system32\vssvc.exe (file missing)
O23 – Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) – Unknown owner – C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 – Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) – Unknown owner – C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 – Service: XAudioService – Unknown owner – C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)


End of file – 11878 bytes

Leave a Reply