Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


The Tenacious Vundo Virus

  • Please log in to reply
1 reply to this topic

#1 nicnicman


  • Members
  • 2 posts
  • Location:Maine
  • Local time:10:28 AM

Posted 17 January 2009 - 11:13 PM

Hello everyone,

For the past week and a half I have been plagued with viruses, the worst of which I believe to be the Vundo virus. Three times I have presumably cleaned my machine only to have it become infected again. Each time I am greeted with an Internet Explorer dialog box (I use Firefox) which reads, "Attention! If your computer is struck by the spyware, you could suffer data loss, unusual PC behaviour, PC freezes and crashes.Detect and remove viruses before they damage your computer!Antivirus 2009 will perform a 100% FREE and quick scan of your PC for Viruses, Spyware, and Adware.Do you want to install Antivirus 2009 to scan your computer for malware now? (Recommended)".

Each time I have quickly terminated IE using the Task manager, but the trouble starts anyway. The virus or viruses have caused popups, computer crashes, and blinking desktop items. I have seen similar cases documented on the internet and have used various tools to clean my machine. It seems that every time I feel that I have thoroughly cleaned the computer the infection recurs.

When using MalwareBytes, Combo Breaker, Hijack This, and other programs I have found many viruses, but the most prevalent would be Vundo and Seneka. The last attack put three strange dll's in my startup folder; higihape, vuwizodi, and vepuhuje. I unchecked the items and I believe they were deleted while cleaning the machine but they are still in the startup folder.

I read at Wikipedia that Vundo exploits a vulnerability in Sun Java and have since reinstalled it. My computer seems to be clean for the moment but I would like to prevent this from happening again.

Thanks for any help.

BC AdBot (Login to Remove)


#2 buddy215


  • Moderator
  • 13,315 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:28 AM

Posted 18 January 2009 - 12:28 PM

You should update MalwareBytes Antimalware and run a scan with it.

Another good program to remove Vundo and its pals is Super AntiSpyware. After downloading, installing and UPDATING, reboot into safe mode to run the scan. Instructions for using SAS are in the link below.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users