Help with MidAdle

I have tried unsuccessfully to block MidAddle and it keeps infecting my registry keys as well as some other hijackers. Can anyone help block these:
Spyware Scan Details
Start Date: 1/6/2005 6:23:21 PM
End Date: 1/6/2005 6:29:52 PM
Total Time: 6 mins 31 secs

Detected Threats

SearchExe Hijacker Adware more information...
Details: SearchExe changes the Internet Explorer SearchUrl to search-exe.com and displays ads on your desktop using popups.
Status: Removed
Severe threat - Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\SearchHelp.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\SearchHelp.DLL AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchHelp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchHelp\CLSID { - - - - 841}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchHelp\CurVer SearchHelp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SearchHelp CSearchHelpIEExtension Object


MidAddle Adware more information...
Details: Midaddle is a downloader Trojan which downloads and installs/runs adware software.
Status: Removed
High threat - High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May us a security flaw in the operating system to gain access to your computer.

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid\{ - - - - 841}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ - - - - 841} Search Help
HKEY_CLASSES_ROOT\clsid\{ - - - - 841}\InprocServer32 C:\Documents and Settings\Administrator\Local Settings\Temp\Q4Ybj.dll
HKEY_CLASSES_ROOT\clsid\{ - - - - 841}\InprocServer32 ThreadingModel apartment
HKEY_CLASSES_ROOT\clsid\{ - - - - 841}\ProgID SearchHelp
HKEY_CLASSES_ROOT\clsid\{ - - - - 841}\TypeLib {ECB25A48-E6E0-49AF-99AF-07C763E31389}
HKEY_CLASSES_ROOT\clsid\{ - - - - 841}\VersionIndependentProgID SearchHelp
HKEY_CLASSES_ROOT\clsid\{ - - - - 841} CSearchHelpIEExtension Object
HKEY_CLASSES_ROOT\clsid\{ - - - - 841} AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ - - - - 841}


IEPlugin Spyware more information...
Details: IEPlugin is an IE Browser Helper Object that monitors site addresses, content entered into forms, and even local filenames browsed, and pops up advertisements when it sees a targeted keyword.
Status: Removed
High threat - High risk threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction. May open up communication ports, use polymorphic tactics, stealth installations, and/or anti-spy counter measures. May us a security flaw in the operating system to gain access to your computer.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841}\InprocServer32 C:\Documents and Settings\Administrator\Local Settings\Temp\Q4Ybj.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841}\InprocServer32 ThreadingModel apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841}\ProgID SearchHelp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841}\TypeLib {ECB25A48-E6E0-49AF-99AF-07C763E31389}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841}\VersionIndependentProgID SearchHelp
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841} CSearchHelpIEExtension Object
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ - - - - 841} AppID

 

Hi Busibee19, and welcome to Wilders.

Just blocking malware that has already infected your computer won't clean it of the infection, and that is what you should be trying to do, clean the infection completely.

You didn't mention what security apps you have or have used to try and clean the infected files from your computer, but if you do not have a trusted anti-spyware program already then I would suggest you download, install and bring up to-date one of the following two free anti-spyware programs (using both is also recommended and they work well together)
Ad-Aware SE Personal
Spybot Search&Destroy

Once they are uptodate, do a full scan with them, reboot and scan again until nothing else is identified as infected. You can also scan in Safe Mode if you find that the infected files are not being removed in regular scans.

I would then followup with downloading HijackThis - you can find it here, and post your log at one of the forums that do spyware/hijack removal/cleaning: A-SAP.

Two of the bigger forums for HijackThis log processing, (meaning they process more log threads each day than many others) are: SpywareInfo.com and CastleCops.com. Whichever site you decide to go to, make sure you read their forum FAQ's and posting policies before posting a log.

Once your system is clean, you can read this link to learn how to tighten your security and prevent future infection: Why did I get infected in the first place?

Let us know how you do.

Regards,

snap