Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

TR/Vundo.Gen - Seemingly easy method

  • This topic is locked This topic is locked



    New Member

  • Member
  • Pip
  • 1 posts
For the past six hours, I have been dealing with this Vundo virus/trojan horse. I believe I got hit by a newer version, because until I came to this post, nothing worked completely. However, it seems I managed to finally rid myself of the virus just a few minutes ago. I wanted to post this to see if I just got lucky or if I'm about to get hit again:

AVG last night found a virus a generally ignored and removed with AVG.

This morning a got a pop-up advertisement to buy security software and after a few google searches found out about Vermunde. I was told to download the following programs:

Avira AntiVirus (to replace AVG)
Spybot Search & Destroy (really I just had to update this)
Note: I used Highjack This, but it never came up in the report O2, O20, O23 areas.

First I ran Spybot Search & Destory, which found 2 cases of Vermunde and 6 cases of Vermunde.dll. I removed these.

As soon as I installed the Avira, I kept getting a message that TR/Vundo.Gen was found in the file C:\WINDOWS\system32\wvuopget.dll

I then ran vundofix and VirtuMundoBeGone as instructed on any thread you read about this topic. vundofix managed to delete a ppwf***.dll file. I apologize for not knowing the full name, but if you use CCleaner and check the start up programs, you'll find it.

However Avira kept finding the above wvuopget.dll file. After clicking delete numerous times, I clicked 'Rename.' This changed the name of the .dll file to wvuopget.vir003.

Next I ran VundoFix again and right clicked on the white area (main part of the screen) and added the above .vir003 file. Again, I clicked removed.

I then booted up my computer and have no more warnings from Avira and everything is working at normal speed now.

I know this isn't a very detailed thread, but I'm hoping someone can use who knows enough of the situation can use this to quickly fix this virus.
  • 0





  • Retired Staff
  • 47,710 posts
Vundo isn't removed that easily unfortunately, so I would keep an eye on your PC over the next few days. If it returns PM me and I will reopen this thread
  • 0

Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP