Vexed by Vundo

First you will need to disable Spybot's Teatimer before we can fix your Virtumundo (Winfixer) problem.

To disable TeaTimer, run Spybot and click Mode and select Advanced Mode. Then click Tools and select Resident. Now in the right window pane, uncheck TeaTimer.
Also while this is open, in the left column now select IE Tweaks and then in the right pane make sure all the Miscellaneous locks are unchecked.
Now quit Spybot!


Now click on Start, then Run ... type services.msc into the box that opens up, and press 'OK'.
On the page that opens, scroll down to CWShredder Service ... right click the entry, select 'Properties' and press 'Stop Service'. When it shows that it is stopped, next please set the 'Start-up Type' to 'Disabled'. Press 'OK' until you get back to Windows.

Next, run HJT, but instead of scanning, click on the "None of the above, just start the program" button at the bottom of the choices. At the lower right, click on the 'Config" button, and then the Misc tools' button ... select 'Delete an NT Service" ... copy/paste the following into the box that opens, and press "OK":

CWShredder Service

Now exit HJT and then reboot if it asks you to do so. Then continue with below.

Your two problem lines for Virtumundo are:
O2 - BHO: MSEvents Object - {6DD0BC06-4719-4BA3-BEBC-FBAE6A448152} - C:\WINDOWS\system32\geebx.dll
O20 - Winlogon Notify: geebx - C:\WINDOWS\system32\geebx.dll

Use them in the following generic procedure to fix your problem. If you have any difficulties in following this procedure, please tell us why!

Virtumonde aka Trojan Vundo Fix w/ Tool

 

You're welcome! You are clean! Now to help keep you clean, see the below:

How to Protect yourself from malware!