Major Thanks!

Discussion in 'Malware Help (A Specialist Will Reply)' started by Chris_S, Mar 14, 2005.

  1. Chris_S

    Chris_S Private E-2

    Got me a case of the ol' Cool Web Search/HSA/about:blank hijack(s). Thanks to the stickies at the top of the forum, I was able to rid my system of that, and perhaps one or two lurkers that I didn't know about. Knowing my way around the registry, I wasn't too worried about following chaslang's method of getting medieval, but thankfully I didn't have to go that far as the basic READ ME FIRST instructions seem to have things back in order.
    Now to sort through the Windows directory and get rid of all the orphaned bogus executables and DLLs...
    It does my heart good to see people who use their talents for good and not evil.

    Chris
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Happy to hear it worked for you. Make sure you have gone thru a few reboots and some browsing because this has a nasty habit of reviving itself.

    If you need an HJT log looked at to be sure it is gone let us know.
     
    Last edited: Mar 15, 2005
  3. Chris_S

    Chris_S Private E-2

    Thanks, I'm pretty sure I got it, at least fer now.
    Luckily I wasn't too badly infected - we've got McAfee and (thankfully) it was able to thwart a bunch of attempts to DL some trojans, etc., from the bogus site. Unfortunately it didn't catch the CWS. After running through the solutions, the only questionable line left in the HJT log was the BHO pointing to the now missing .DLL, which was subsequently fixed.
    I'll be sure to let you know if anything else comes up. ;)
    Thanks again!
    Chris

    P.S. Those of you out there having these issues, be sure to read the stickies and FOLLOW EVERY INSTRUCTION. Before I found this site, I had an idea what some of the offending dlls and exes were, and I also IDed the res:// lines in the Registry, but an incomplete removal means no removal at all - I've got a bunch of bad DLLs and EXEs from CWS regenerating itself after half-a**ed attempts at removal.
    BTW, I'm not sure it's this way for all varieties, but at least in my instance it seems that the bogus files follow a pattern. Other than the dates, the files:
    a) Have no company name (virtually all the legitimate executable and library files do, though not necessarily)
    b) File size: the executables are 0 KB in size, and the DLLs are 65 KB.

    Again, this is just my situation, but looking for patterns helps in removing the chaff.
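
The pattern described in the post above (no company name, 0 KB executables, 65 KB DLLs) can be turned into a report-only listing; this is an added example, not part of the original thread or the forum's removal instructions. It assumes the sizes quoted are Explorer-style values rounded up to whole KB and that the Windows directory is the scan root; hits are candidates for manual review, since the post itself notes that legitimate files can also lack a company name.

```powershell
# Added example: report-only triage for the file pattern described in the post.
# Nothing is deleted; review each hit by hand before removing anything.
param(
    [string]$Root = $env:windir,  # assumption: the post mentions the Windows directory
    [int]$DllSizeKB = 65          # DLL size reported in the post
)

function Get-SizeKB([long]$Bytes) {
    # Assumption: sizes in the post are Explorer-style, rounded up to whole KB.
    [long][math]::Ceiling($Bytes / 1KB)
}

$hits = Get-ChildItem -Path $Root -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
    ForEach-Object {
        try {
            $info = [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_.FullName)
        } catch {
            return  # unreadable file: skip it rather than guess
        }
        # (a) from the post: no company name in the version resource
        $noCompany = [string]::IsNullOrWhiteSpace($info.CompanyName)
        # (b) from the post: executables of 0 KB, DLLs of 65 KB
        $sizeKB = Get-SizeKB $_.Length
        $sizeMatch = if ($_.Extension -ieq '.exe') { $sizeKB -eq 0 } else { $sizeKB -eq $DllSizeKB }
        if ($noCompany -and $sizeMatch) {
            [pscustomobject]@{
                Path          = $_.FullName
                SizeKB        = $sizeKB
                LastWriteTime = $_.LastWriteTime  # the post also mentions the dates
            }
        }
    }

# Sorting by date groups files dropped in the same burst.
$hits | Sort-Object LastWriteTime | Format-Table -AutoSize
```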
     
