Threat Information for "Mirar Toolbar"

Removal Top

StopSign will automatically remove this infection with a paid membership.

Summary Top
  • Name: Mirar Toolbar
  • Aliases:ADSPY/Mirar.C.1, Adware Generic.ORZ, MemScan:Application.Getmirar.B, Adware.Mirarbar, Adware.Mirar, Adware/Mirar
  • Date Discovered: 2006-08-23
  • Protection Added: 2006-08-25
Description Top 
-- Ease of Removal

1: Runs as a BHO or shell extension
2: Consistent file contents
3: Consistently named
4: Creates new registry entries with consistent data
5: File names uniquely generated

-- Privacy Risks/Security Changes

1: Changes internet security settings

-- Damage/Intrusion/Annoyance

1: Displays a toolbar [SPYWARE ONLY]

-- Propagation/Saturation

1: Creates new files
2: Infects by Active-X Control
Technical Details Top
  • Added Directory/File:
    FilePath: %WINDIR%\876???.exe
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\WinDmy.dll
  • Added Directory/File:
    FilePath: %WINDIR%\*.exe MD5: c1e3469220af716952fd92132209b6a4
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\WinNB??.dll
  • Added Registry Key:
    Key: HKLM\%CURRENTVERSIONREG%\Internet Settings\ZoneMap\Domains\getmirar.com
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}
  • Added Registry Key:
    Key: HKLM\%BHOREG%\{9A9C9B69-F908-4AAB-8D0C-10EA8997F37E}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\TypeLib\{566DEDE9-9ED8-45DA-9BE6-9B2EEAB17F49}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\NN_Bar_Dummy.NN_BarDummy
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{54B287F9-FD90-4457-B65E-CB91560C021D}
  • Added Registry Key:
    Key: HKLM\%CURRENTVERSIONREG%\Internet Settings\ZoneMap\Domains\mirarsearch.com
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{1037B06C-84B7-4240-8D80-485810A0497D}
  • Added Registry Key:
    Key: HKLM\%CURRENTVERSIONREG%\Internet Settings\ZoneMap\Domains\net-nucleus.com
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\TypeLib\{F8310E7D-4C4D-46A4-A068-B5BB99411CC7}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\NN_Bar_Dummy.NN_BarDummy.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{6E4C7AFC-9915-4036-B7F9-8B3F1710788F}
  • Added Registry Key:
    Key: HKLM\%CURRENTVERSIONREG%\Uninstall\{8A0DCBDA-6E20-489C-9041-C1E8A0352E75}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Interface\{224302B0-94E9-45C2-9E5B-BA989EE556E1}
  • Added Registry Value:
    Key: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar Value: {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}
  • Added Registry Value:
    Key: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser Value: {9A9C9B68-F908-4AAB-8D0C-10EA8997F37E}