Earlier this evening, I was browsing one of my favorite sites when I found their ad agency had included a nice surprise: a new Vundu variant. NOD32 picked it up and flashed a few popups stating as such, but after about 30 seconds I received notification from XP that both the Firewall and Automatic updates had been disabled. I was hammered by a slew of popups urging me to install Windows Antivirus 2009 that reappeared as fast as I could shut them down. In the meantime, NOD32 popped up to let me know that it hadn't seen this variant and asking me to submit the files for analysis. Of course, I said yes. Even though the malware had made it past the initial defense, NOD32 held it off enough for me to get SuperAntiSpyware installed and rip it out that way. After the cleaning and reboot, I ran a full NOD32 scan, SAS scan, and followed up with CureIt and found nothing. I've added Online Armor to run alongside NOD32 just in case anything like this happens again. I'm also urging the computer's owner to upgrade to Vista64 to add another level of protection (currently using XP32 sp3). Exactly how bad is this new variant, that it could make it past the first line of defense? I am a safe surfer who doesn't click on much of anything, and I definitely didn't give permission for anything to be downloaded or run. I hope the submitted samples are of some help with this new menace.