Home Malware Programs Adware NN_Bar

NN_Bar

Posted: September 6, 2006

NN_Bar, also known as Mirar Adware or Mirar webband, is a Browser Helper Object (BHO) that creates a toolbar below the menu bar of your browser. NN_Bar may gather information such as search terms and URLs while you browse the Internet. NN_Bar may also display ads and may hijack webpages to redirect you to third-party websites. NN_Bar is a variant of Mirar, NetNucleus, GetMirar.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 keyactivextest.ocx
    2 mit33.tmp
    3 mit33.tmp.cab
    4 nn_bar.txt
    5 nnbar_vcsetup_876029.exe
    6 nnbar_vcsetup_876075.exe
    7 search.cch
    8 search.db
    9 search.htm
    10 uninst.exe
    11 whenusearch desktop toolbar.lnk
    12 winnb52.dll
    13 winnb57.dll

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\software\classes\clsid\{8a0dcbda-6e20-489c-9041-c1e8a0352e75}HKEY_LOCAL_MACHINE\software\classes\clsid\{9a9c9b69-f908-4aab-8d0c-10ea8997f37e}HKEY_LOCAL_MACHINE\software\classes\interface\{1037b06c-84b7-4240-8d80-485810a0497d}HKEY_LOCAL_MACHINE\software\classes\interface\{224302b0-94e9-45c2-9e5b-ba989ee556e1}HKEY_LOCAL_MACHINE\software\classes\interface\{54b287f9-fd90-4457-b65e-cb91560c021d}HKEY_LOCAL_MACHINE\software\classes\interface\{6e4c7afc-9915-4036-b7f9-8b3f1710788f}HKEY_LOCAL_MACHINE\software\classes\nn_bar_dummy.nn_bardummyHKEY_LOCAL_MACHINE\software\classes\nn_bar_dummy.nn_bardummy.1HKEY_LOCAL_MACHINE\software\classes\nn_bar_dummy.nn_bardummy\clsidHKEY_LOCAL_MACHINE\software\classes\nn_bar_dummy.nn_bardummy\curverHKEY_LOCAL_MACHINE\software\classes\typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49}HKEY_LOCAL_MACHINE\software\classes\typelib\{f8310e7d-4c4d-46a4-a068-b5bb99411cc7}HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{8a0dcbda-6e20-489c-9041-c1e8a0352e75}HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar {9a9c9b68-f908-4aab-8d0c-10ea8997f37e}HKEY_LOCAL_MACHINE\software\relatedpageinstall badretryHKEY_LOCAL_MACHINE\software\relatedpageinstall buildnameHKEY_LOCAL_MACHINE\software\relatedpageinstall errorHKEY_LOCAL_MACHINE\software\relatedpageinstall goodretryHKEY_LOCAL_MACHINE\software\relatedpageinstall idHKEY..\..\..\..{RegistryKeys}HKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummyHKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummy.1HKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummy.1\clsidHKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummy\clsidHKEY_CLASSES_ROOT\nn_bar_dummy.nn_bardummy\curverHKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}{8a0dcbda-6e20-489c-9041-c1e8a0352e75}{8a0dcbda-6e20-489c-9041-c1e8a0352e75} displayname{8a0dcbda-6e20-489c-9041-c1e8a0352e75} uninstallstring
Loading...