Removing netspry.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by javelin, Nov 11, 2004.

  1. javelin

    javelin Private E-2

    Hello all. I have been having trouble with netspry since it started to come out. Now, I'm nearly unable to access the internet with its abuse. I've read the introduction notes about posting logs and also searched the forum. It's all good, but everyone's experience with this type of problem varies and requires individual attention.

    Now, it's my turn to ask for help. The following is the output of HijackThis. There are quite a few entries I'm suspicious about and want to remove myself, but I'd rather have expert advice than trust my own instinct on this:

    Logfile of HijackThis v1.98.2
    Scan saved at 2:10:57 PM, on 11/11/2004
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
    C:\Program Files\Symantec_Desktop_Firewall\NISSERV.EXE
    C:\Program Files\NovaStor\NovaBACKUP\NSENGINE.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\spupdsvc.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
    C:\Program Files\VTech\Helio Desktop 2.0\VSync.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\documents and settings\angelb\local settings\temp\p.exe
    C:\Program Files\Symantec_Desktop_Firewall\IAMAPP.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\VTech\Helio Desktop 2.0\Core.exe
    C:\WINDOWS\system32\spnpinst.exe
    C:\WINDOWS\system32\Sysocmgr.exe
    C:\Program Files\Symantec_Desktop_Firewall\NISUM.EXE
    C:\Program Files\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = www.bugarin.us
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bugarin.us/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.bugarin.us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.bugarin.us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bugarin.us
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.bugarin.us
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.bugarin.us
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.bugarin.us
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.bugarin.us
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.1.1;<local>
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx__SpybotSDDisabled (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {BA25708B-154D-4D40-8607-67AA5190C395} - C:\PROGRA~1\INTELL~1\ISengine.dll
    O2 - BHO: WinPage Affiliate - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\Documents and Settings\angelb\Local Settings\Temp\ou.dll
    O3 - Toolbar: & IntelliStopper - {21C32A07-0176-4FFE-BCDA-65D4A24F4303} - C:\PROGRA~1\INTELL~1\INTELL~1.DLL
    O3 - Toolbar: (no name) - {224530A0-C9CB-4AEE-9C0F-54AC1B533211} - (no file)
    O4 - HKLM\..\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
    O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
    O4 - HKLM\..\Run: [VSync2] C:\Program Files\VTech\Helio Desktop 2.0\VSync.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Dsi] C:\WINDOWS\System32\dp-him.exe
    O4 - HKLM\..\Run: [p] C:\documents and settings\angelb\local settings\temp\p.exe
    O4 - HKLM\..\Run: [iamapp] "C:\Program Files\Symantec_Desktop_Firewall\IAMAPP.EXE"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NovaBackup 7 Tray Control] "C:\Program Files\NovaStor\NovaBACKUP\NbkCtrl.exe"
    O4 - HKCU\..\Run: [WNSI] C:\WINDOWS\System32\wnscpsv.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files\Yahoo!\Messenger\yhexbmes0521.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/109c8a9490aac71a4c05/netzip/RdxIE601.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1098062078593

    If I'm doing this all wrong, my apologies in advance.
    I'm currently using IE Version 6.02.2900 and recently updated to SP2. I'm also running Barton 2500 with 1GB of RAM.

    Please advise. Thanks for your help in advance.

    jav
     
  2. javelin

    javelin Private E-2

    Sorry, I misunderstood the posting rules on logs. If it was possible to delete my post, I'd delete it now and resubmit.

    To MG/forum mods, since you have the ability to remove my posts, please do remove my original post and I will resubmit my netspry problem without including the log.

    Thanks,

    jav
     
  3. javelin

    javelin Private E-2

    Well, like I've always expected...when you want something done, you gotta do it yourself. I'm outta here.

    One last request to whom it may concern: How do I unsubscribe from this place?

    jav
     
