Offer optimizer, search assistant, shopping wizard infection...Help!

Please read the announcements and sticky threads. No HJT logs are to be posted unless requested and then they must be posted as attachments. HJT must be properly installed and NO browsers should be running when using HJT. All of this is covered in the sticky threads.

You do not appear to have search assistant, shopping wizard infections from what I can see.

- Download HijackThis 1.99.1

- Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

- Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file.

- Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

- Run HijackThis and save your log file.

- Post your log as an ATTACHMENT to your next message. (Do NOT copy/paste the log into your post).

 

Your OS and IE versions are way out of date and represent a major security risk. After we fix any current problems, you must get updated.

You must remember to exit browsers ( H:\Program Files\Internet Explorer\iexplore.exe ) before using HijackThis.

Your log does not show any real major problems. The below two lines can be fixed:
R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)

I have a question about another line:
O4 - Global Startup: Startup.exe

Do you know what this is for? The file should be located at:

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Startup.exe

See if you can get Properties/Version info on the file by right clicking on it.


Why does the title of you thread mention: optimizer, search assistant, shopping wizard infection

What are you referring too? Why are you saying you have these? Do you mean you see them in Add/Remove Programs? If so, try the below for the HSA related items.

Copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fixhsa.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the fixhsa.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.

 

Did the registry merge I gave you succeed? Meaning did you get a confirmation message. Do it again after booting in safe mode with not network support?

How many user accounts on this PC?

Are you saying you cannot update because you do not have a valod license? If so, you should get one, or you will always be having problems.

You do not have a choice with startup.exe. It is already loading each time your PC boots. The only way you could stop that is to remove that registry entry or to temporarily rename the file (like to startup.xxx) so it cannot run. Then you may find out whether you need it for anything.