Recently, I had to move back to Windows XP from Vista for some dev work, and after running Windows Update I realized that the machine had already been infected with malware. I was constantly getting popups and ads from ‘winantiviruspro’, ‘valera’ file-download sites and similar websites. I kept googling and eventually reached the wiki on removing the Vundo (Virtumundo) malware. The wiki was helpful in that it explained the root cause and identified the files that were messing everything up. You can visit the pages here:
Or if your case is rather severe, go to Vundo Rootkit Detection
Unfortunately, my case was the one described in the first wiki, though I was happy enough not to find a rootkit. I downloaded the two tools the wiki mentions, VundoFix and VirtumundoBeGone, but both of them failed for me.
So what I did was take out my old and trusty Hiren’s Boot Disk with NTFS support and boot into NTFS 4 DOS. I made sure I had the list of all the files reported by VundoFix.exe and deleted them one by one. In case you are not familiar with the files and have not read the wiki: they are normally 691,561 bytes, both the ‘ini’ and the ‘dll’. The DLL and INI file names are the reverse of each other, so if you have a file named ‘gebcb.ini’, the DLL will be ‘bcbeg.dll’. Make sure you find all of these files and delete them.
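To make that file hunt less error-prone, here is a small scanner I added for this post (it is not part of the original write-up or of the VundoFix/VirtumundoBeGone tools). It encodes exactly the two indicators given above, the 691,561-byte size and the reversed INI/DLL naming, and only reports matching pairs; deleting them is still a manual step you take from the boot disk. The sample file tree in `demo()` is constructed here for illustration.

```python
import os
import tempfile
from pathlib import Path

# Byte size the post reports for both the .ini and the .dll dropped by Vundo.
VUNDO_SIZE = 691_561


def reversed_pairs(entries, expected_size=VUNDO_SIZE, check_size=True):
    """Return (ini_path, dll_path) pairs whose base names are reverses of each other.

    entries: iterable of (path, size_in_bytes). When check_size is True only
    files of exactly expected_size are considered, which filters out the many
    legitimate DLLs that merely happen to share a reversed stem.
    """
    inis = {}
    dlls = {}
    for path, size in entries:
        p = Path(path)
        if check_size and size != expected_size:
            continue
        stem, ext = p.stem.lower(), p.suffix.lower()
        if ext == ".ini":
            inis[stem] = p
        elif ext == ".dll":
            dlls[stem] = p

    pairs = []
    for stem, ini in sorted(inis.items()):
        mirror = stem[::-1]  # 'gebcb' -> 'bcbeg'; a true palindrome maps to itself
        if mirror in dlls:
            pairs.append((str(ini), str(dlls[mirror])))
    return pairs


def scan_directory(root, **kwargs):
    """Walk a directory tree (e.g. the mounted system32 folder) and report pairs."""
    entries = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                entries.append((full, os.path.getsize(full)))
            except OSError:
                continue  # unreadable entry; skip rather than abort the scan
    return reversed_pairs(entries, **kwargs)


def demo():
    """Build a constructed sample tree and return the file names the scan flags."""
    with tempfile.TemporaryDirectory() as tmp:
        sysdir = Path(tmp) / "system32"
        sysdir.mkdir()
        # Constructed look-alikes, filled with zero bytes; not real malware.
        (sysdir / "gebcb.ini").write_bytes(b"\0" * VUNDO_SIZE)
        (sysdir / "bcbeg.dll").write_bytes(b"\0" * VUNDO_SIZE)
        # Benign noise: wrong size, or an .ini with no mirrored .dll.
        (sysdir / "kernel32.dll").write_bytes(b"\0" * 1024)
        (sysdir / "decoy.ini").write_bytes(b"\0" * VUNDO_SIZE)
        found = scan_directory(sysdir)
        return [(Path(i).name, Path(d).name) for i, d in found]


if __name__ == "__main__":
    for ini, dll in demo():
        print(f"candidate pair: {ini} <-> {dll}")
```

Run it against the Windows system directory from a clean boot environment (the infected system itself may hide or re-create the files while running). Pass `check_size=False` if you suspect a variant with a different size, at the cost of more false positives to review by hand.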
Once you have deleted these files, boot back into your computer and you’ll be a happy man/woman. I would also recommend keeping your computer disconnected from the internet while it is infected with this malware.
If you have any questions, do ask. I hope this will help many people.
M.H.A.Q.S.