Oh my god - what a long process! The removal of bargain buddy, cashback and navisearch was enough to make me want to kill whoever wrote that software.
The key step for removing these items was to get rid of a windows service that reinstalled everything the next time you boot (it waits until you connect to the internet if you aren't connected at boot time). The service is called ISEXEng (as in is executable no good or something like that). It downloads and reinstalls bargainbuddy, cashback, and navisearch. The actual executable that makes up this service was in c:\windows\system32\angelex.exe.
Removal should be done in 3 steps:
Step 1 manual method: exit all programs. do control-alt-del and stop the 3 processes: bargainbuddy, cashback, navisearch. Wait 20 seconds and make sure they are still gone.
Step 2a: from task manager (control-alt-del) do "file run" or you can do this with start button but that might start explorer - not sure - and reinfect you. Run "cmd" or "command" if you have windows 95/98. type "cd \" to get to root of c drive. Type "cd windows" and then "cd system32". If you hit "cd" you should be in the system32 directory. You need to delete these 3 dlls: msbe.dll, mscb.dll, nvms.dll. You do this by typing "del msbe.dll", and so on. If you get an error that the file is locked it is because they are running. You must exit all instances of explorer!
Note that some people have windows installed in a directory other than "windows" such as "win", "winxp", "winnt" and you may have to hunt a little, but most people have it installed in "c:\windows".
Note that attempting to do this step with explorer won't work as explorer will re-run bargainbuddy and you have to go back to step 1.
Step 2b: Remove BHO entries. BHO stands for browser helper object. I recommend using "hijack this". It will list all your BHOs. unfortunately you might want to keep some of them. Myself - I got rid of all of them and I'm quite happy. Step 2b might be unneccessary if you deleted the above 3 dlls - I'm just not sure - I ran ad-aware and other so many times that they might have taken care of this step or it may be unneccessary.
To check that step 2 is complete, run explorer *and* internet explorer. Wait 20 seconds. Make sure bargainbuddy doesn't start up again (check with ctrl-alt-del).
Congratulations. You've stopped bargain buddy. However if you reboot it will come back so now do step 3.
Step 3: Remove the service. You can probably just delete angelex.exe from the system32 directory using "my computer". However, I recommend first stopping the service. Go to a dos window ("start" "run" and enter "cmd" and hit "ok"). type services.msc. This starts a nice windows program (there are other ways to run this through control panel). Find the service called "ISEXEng". Double click it and change from "automatic" (which means run at boot time) to "disabled". Then make darn sure it is gone by deleting angelex.exe from your windows\system32 directory. Windows 95/98/ME users: services.msc probably doesn't exist on these versions of Windows. You can instead go to the control panel and choose "services". This brings you to the same point as running services.msc.
GOOD LUCK!
No need to show any gratitude. I'm just glad I can help someone else. If you really want to,
you can show your gratitude by linking to this website and the 2 websites below that I want to get higher on the
google search order. Obviously you can only do this if you have your own website.
You can also send me a nice email by clicking
http://spragueschool.org
http://wellesleyEducationFoundation.org
Actually it would be best if you put the following html into your page as it helps if the link mentions
likely search words:
<a href="http://spragueschool.org">Sprague Elementary School PTO Wellesley Massachusetts</a><br>
<a href="http://wellesleyEducationFoundation.org">Wellesley Education Foundation</a><br>
<a href="http://home.comcast.net/~george.roberts4/bargainbuddy.htm">Bargain Buddy Bargainbuddy Cash Back Cashback Navisearch removal</a>
-