Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


virtumonde.dll; virtumonde.pfx

  • Please log in to reply
1 reply to this topic

#1 natesteiner21


  • Members
  • 2 posts
  • Local time:09:44 PM

Posted 09 October 2009 - 02:41 PM

So I've started getting a few popups and thought I'd run Malwarebytes to see if I had anything going on. Tried to run malwarebytes and I got the "missing shortcut" error box. Thought that it was kinda strange since I hadn't tried to remove it or anything so I ran spybot s&d and came up with virtumonde.dll and virtumonde.pfx. Tried removing them using spybot and I got nothing. I'm running Windows XP. Any help would be appreciated.

Nate Smith

BC AdBot (Login to Remove)


#2 Adalae


  • Members
  • 1 posts
  • Local time:10:44 PM

Posted 25 October 2009 - 07:12 PM

Hi I am helping my Cuasin out with her Computer problem. Now I herd of this sight threw my freind and she told me to have her set up an acount on this sight. The problem she is curently having is with Virtumonde.sdn. It was having Pop ups until she got on it. I have been trying to clean it out and have had no luck. Macafe tells her she must be in administratore to clean it when she is.

I have installed both Super Anti Spyware and Malwarebytes Anti-maleware and they pick it up but do not remove it so far. Well Super Anti spyware dose not remove it I am now doing a first time scan with the other and have yet to find out if it will remove it or not. The other thing I tryed was Trend micro housecall well aside from the 504 virus it did not remove this thing. I tryed rootrepel and it said it dose not work on a 64-bit OS. So Now I am at the piont where I need outside assistance inorder to remove this thing. I also seen thanks to Spybot search and destory it is link to a registry key or change it. If I am guess right and please corrected me if I am wrong this change is causing it to reinstall it's self. That is my guess on it. So How should I go about this? :thumbsup:

The registry key is as such when it pops up in Spybot serch and destory.
HKEY_LOCAL_MACHINE\software\microsoft\windows NT\current\version\windows\applnit_DLLs=...dmband32...

Edited by Adalae, 25 October 2009 - 09:19 PM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users