Adware.Win32.OpenCandy.GISFM

Publish Date: 12 April 2019

Analyse von: John Anthony Banes

Adware/OpenCandy (Fortinet); AdWare.Win32.OpenCandy (Ikarus); Win32/OpenCandy (NOD32)

Plattform:

Windows

Risikobewertung (gesamt):

Schadenspotenzial::

Verteilungspotenzial::

reportedInfection:

Trend Micro Lösungen:

Niedrig

Mittel

Hoch

Kritisch

Malware-Typ:
Adware
Zerstrerisch?:
Nein
Verschlsselt?:
In the wild::
Ja

Überblick

Wird möglicherweise manuell von einem Benutzer installiert.

Technische Details

Dateigröße: 4,997,432 bytes

Dateityp: EXE

Speicherresiden: Nein

Erste Muster erhalten am: 10 April 2019

Übertragungsdetails

Wird möglicherweise manuell von einem Benutzer installiert.

Installation

Fügt die folgenden Ordner hinzu:

%AppDataLocalLow%\IEPro
%Program Files%\IEPro
%Program Files%\IEPro\language
%Program Files%\IEPro\language\MiniDM
%Program Files%\IEPro\modules
%Program Files%\IEPro\plugins
%Program Files%\IEPro\plugins\accuweather
%Program Files%\IEPro\plugins\accuweather\css
%Program Files%\IEPro\plugins\accuweather\images
%Program Files%\IEPro\plugins\accuweather\js
%Program Files%\IEPro\plugins\searchstatus
%Program Files%\IEPro\plugins\serverinfo
%Program Files%\IEPro\spelldic
%Program Files%\IEPro\spelldic\en_US
%Program Files%\IEPro\userscripts
%User Temp%\ns{random}.tmp

(Hinweis: %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.. %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.)

Schleust die folgenden Dateien ein:

%User Temp%\ns{random}.tmp
%User Temp%\ns{random}.tmp\LangDLL.dll
%User Temp%\ns{random}.tmp\System.dll
%User Temp%\ns{random}.tmp\ioSpecial.ini
%User Temp%\ns{random}.tmp\modern-wizard.bmp
%User Temp%\ns{random}.tmp\InstallOptions.dll
%User Temp%\ns{random}.tmp\nsDialogs.dll
%User Temp%\ns{random}.tmp\saction.dll
%AppDataLocalLow%\IEPro\conf.ini
%AppDataLocalLow%\IEPro\module.ini
%User Temp%\ns{random}.tmp\PGSetupHlp.dll
%Program Files%\IEPro\IEProRecorder.dll
%Program Files%\IEPro\winfile.dll
%Program Files%\IEPro\GrabKernel.dll
%Program Files%\IEPro\filter.ini
%Program Files%\IEPro\IEPro.dll
%Program Files%\IEPro\IEProCx.exe
%Program Files%\IEPro\IEProRs.dll
%Program Files%\IEPro\IEProRes.dll
%Program Files%\IEPro\IEProFrm.dll
%Program Files%\IEPro\ProgSenseSetup.exe
%Program Files%\IEPro\language\proara.ini
%Program Files%\IEPro\language\probel.ini
%Program Files%\IEPro\language\probgr.ini
%Program Files%\IEPro\language\prochs.ini
%Program Files%\IEPro\language\procht.ini
%Program Files%\IEPro\language\procsy.ini
%Program Files%\IEPro\language\prodan.ini
%Program Files%\IEPro\language\prodeu.ini
%Program Files%\IEPro\language\proell.ini
%Program Files%\IEPro\language\proeng.ini
%Program Files%\IEPro\language\proesm.ini
%Program Files%\IEPro\language\proesp.ini
%Program Files%\IEPro\language\profar.ini
%Program Files%\IEPro\language\profin.ini
%Program Files%\IEPro\language\profra.ini
%Program Files%\IEPro\language\proheb.ini
%Program Files%\IEPro\language\prohun.ini
%Program Files%\IEPro\language\proita.ini
%Program Files%\IEPro\language\projpn.ini
%Program Files%\IEPro\language\prokor.ini
%Program Files%\IEPro\language\prolth.ini
%Program Files%\IEPro\language\pronld.ini
%Program Files%\IEPro\language\pronor.ini
%Program Files%\IEPro\language\proplk.ini
%Program Files%\IEPro\language\proptb.ini
%Program Files%\IEPro\language\proptg.ini
%Program Files%\IEPro\language\prorom.ini
%Program Files%\IEPro\language\prorus.ini
%Program Files%\IEPro\language\prosky.ini
%Program Files%\IEPro\language\proslv.ini
%Program Files%\IEPro\language\prosqi.ini
%Program Files%\IEPro\language\prosrl.ini
%Program Files%\IEPro\language\prosve.ini
%Program Files%\IEPro\language\protha.ini
%Program Files%\IEPro\language\protrk.ini
%Program Files%\IEPro\language\proukr.ini
%Program Files%\IEPro\language\provit.ini
%Program Files%\IEPro\language\MiniDM\mdmara.ini
%Program Files%\IEPro\language\MiniDM\mdmbgr.ini
%Program Files%\IEPro\language\MiniDM\mdmchs.ini
%Program Files%\IEPro\language\MiniDM\mdmcht.ini
%Program Files%\IEPro\language\MiniDM\mdmcsy.ini
%Program Files%\IEPro\language\MiniDM\mdmdan.ini
%Program Files%\IEPro\language\MiniDM\mdmdeu.ini
%Program Files%\IEPro\language\MiniDM\mdmell.ini
%Program Files%\IEPro\language\MiniDM\mdmeng.ini
%Program Files%\IEPro\language\MiniDM\mdmesp.ini
%Program Files%\IEPro\language\MiniDM\mdmfar.ini
%Program Files%\IEPro\language\MiniDM\mdmfin.ini
%Program Files%\IEPro\language\MiniDM\mdmfra.ini
%Program Files%\IEPro\language\MiniDM\mdmheb.ini
%Program Files%\IEPro\language\MiniDM\mdmhun.ini
%Program Files%\IEPro\language\MiniDM\mdmita.ini
%Program Files%\IEPro\language\MiniDM\mdmjpn.ini
%Program Files%\IEPro\language\MiniDM\mdmkor.ini
%Program Files%\IEPro\language\MiniDM\mdmnld.ini
%Program Files%\IEPro\language\MiniDM\mdmnor.ini
%Program Files%\IEPro\language\MiniDM\mdmplk.ini
%Program Files%\IEPro\language\MiniDM\mdmptb.ini
%Program Files%\IEPro\language\MiniDM\mdmrom.ini
%Program Files%\IEPro\language\MiniDM\mdmrus.ini
%Program Files%\IEPro\language\MiniDM\mdmsky.ini
%Program Files%\IEPro\language\MiniDM\mdmslv.ini
%Program Files%\IEPro\language\MiniDM\mdmsqi.ini
%Program Files%\IEPro\language\MiniDM\mdmsve.ini
%Program Files%\IEPro\language\MiniDM\mdmtha.ini
%Program Files%\IEPro\language\MiniDM\mdmtrk.ini
%Program Files%\IEPro\lgpl.txt
%Program Files%\IEPro\ProEula.txt
%Program Files%\IEPro\readme.txt
%Program Files%\IEPro\MiniDM.exe
%Program Files%\IEPro\modules\adblock.dll
%Program Files%\IEPro\modules\autoform.dll
%Program Files%\IEPro\modules\basemod.dll
%Program Files%\IEPro\modules\downmod.dll
%Program Files%\IEPro\modules\fasterie.dll
%Program Files%\IEPro\modules\findbar.dll
%Program Files%\IEPro\modules\ie6mod.dll
%Program Files%\IEPro\modules\iecleaner.dll
%Program Files%\IEPro\modules\iescript.dll
%Program Files%\IEPro\modules\liveserv.dll
%Program Files%\IEPro\modules\singleie.dll
%Program Files%\IEPro\modules\spellchk.dll
%Program Files%\IEPro\modules\adblock.ini
%Program Files%\IEPro\modules\autoform.ini
%Program Files%\IEPro\modules\basemod.ini
%Program Files%\IEPro\modules\downmod.ini
%Program Files%\IEPro\modules\fasterie.ini
%Program Files%\IEPro\modules\findbar.ini
%Program Files%\IEPro\modules\ie6mod.ini
%Program Files%\IEPro\modules\iecleaner.ini
%Program Files%\IEPro\modules\iescript.ini
%Program Files%\IEPro\modules\liveserv.ini
%Program Files%\IEPro\modules\singleie.ini
%Program Files%\IEPro\modules\spellchk.ini
%Program Files%\IEPro\plugins\accuweather\css\findLocation.chs.css
%Program Files%\IEPro\plugins\accuweather\css\findLocation.css
%Program Files%\IEPro\plugins\accuweather\findLocation.chs.html
%Program Files%\IEPro\plugins\accuweather\findLocation.eng.html
%Program Files%\IEPro\plugins\accuweather\plugin.js
%Program Files%\IEPro\plugins\accuweather\images\01.png
%Program Files%\IEPro\plugins\accuweather\images\02.png
%Program Files%\IEPro\plugins\accuweather\images\03.png
%Program Files%\IEPro\plugins\accuweather\images\04.png
%Program Files%\IEPro\plugins\accuweather\images\05.png
%Program Files%\IEPro\plugins\accuweather\images\06.png
%Program Files%\IEPro\plugins\accuweather\images\07.png
%Program Files%\IEPro\plugins\accuweather\images\08.png
%Program Files%\IEPro\plugins\accuweather\images\11.png
%Program Files%\IEPro\plugins\accuweather\images\12.png
%Program Files%\IEPro\plugins\accuweather\images\13.png
%Program Files%\IEPro\plugins\accuweather\images\14.png
%Program Files%\IEPro\plugins\accuweather\images\15.png
%Program Files%\IEPro\plugins\accuweather\images\16.png
%Program Files%\IEPro\plugins\accuweather\images\17.png
%Program Files%\IEPro\plugins\accuweather\images\18.png
%Program Files%\IEPro\plugins\accuweather\images\19.png
%Program Files%\IEPro\plugins\accuweather\images\20.png
%Program Files%\IEPro\plugins\accuweather\images\21.png
%Program Files%\IEPro\plugins\accuweather\images\22.png
%Program Files%\IEPro\plugins\accuweather\images\23.png
%Program Files%\IEPro\plugins\accuweather\images\24.png
%Program Files%\IEPro\plugins\accuweather\images\25.png
%Program Files%\IEPro\plugins\accuweather\images\26.png
%Program Files%\IEPro\plugins\accuweather\images\29.png
%Program Files%\IEPro\plugins\accuweather\images\30.png
%Program Files%\IEPro\plugins\accuweather\images\31.png
%Program Files%\IEPro\plugins\accuweather\images\32.png
%Program Files%\IEPro\plugins\accuweather\images\33.png
%Program Files%\IEPro\plugins\accuweather\images\34.png
%Program Files%\IEPro\plugins\accuweather\images\35.png
%Program Files%\IEPro\plugins\accuweather\images\36.png
%Program Files%\IEPro\plugins\accuweather\images\37.png
%Program Files%\IEPro\plugins\accuweather\images\38.png
%Program Files%\IEPro\plugins\accuweather\images\39.png
%Program Files%\IEPro\plugins\accuweather\images\40.png
%Program Files%\IEPro\plugins\accuweather\images\41.png
%Program Files%\IEPro\plugins\accuweather\images\42.png
%Program Files%\IEPro\plugins\accuweather\images\43.png
%Program Files%\IEPro\plugins\accuweather\images\44.png
%Program Files%\IEPro\plugins\accuweather\images\flag.png
%Program Files%\IEPro\plugins\accuweather\images\magnify.gif
%Program Files%\IEPro\plugins\accuweather\js\findLocation.js
%Program Files%\IEPro\plugins\accuweather\findLocation.chs.html
%Program Files%\IEPro\plugins\accuweather\findLocation.eng.html
%Program Files%\IEPro\plugins\accuweather\plugin.js
%Program Files%\IEPro\plugins\searchstatus\plugin.js
%Program Files%\IEPro\plugins\serverinfo\plugin.js
%Program Files%\IEPro\spelldic\en_US\README_en_US.txt
%Program Files%\IEPro\spelldic\en_US\en_US.aff
%Program Files%\IEPro\spelldic\en_US\en_US.dic
%Program Files%\IEPro\spelldic\WordNet_license.txt
%Program Files%\IEPro\userscripts\BookBurro.ieuser.js
%Program Files%\IEPro\userscripts\DownloadVideo.ieuser.js
%Program Files%\IEPro\userscripts\FlickrRichEdit.ieuser.js
%Program Files%\IEPro\userscripts\GMailCssSkin.ieuser.js
%Program Files%\IEPro\userscripts\GoogleBlogSearch.ieuser.js
%Program Files%\IEPro\userscripts\GoogleImagesNF.ieuser.js
%Program Files%\IEPro\userscripts\GoogleLinkPreview.ieuser.js
%Program Files%\IEPro\userscripts\GoogleX.ieuser.js
%Program Files%\IEPro\userscripts\MyspaceCustomStyleRemover.ieuser.js
%Program Files%\IEPro\userscripts\MyspaceNotifier.ieuser.js
%Program Files%\IEPro\userscripts\RSS+AtomFeedSubscribeButtonGenerator.ieuser.js
%Program Files%\IEPro\userscripts\ShowPasswordOnMouseOver.ieuser.js
%Program Files%\IEPro\userscripts\YoutubeDarkGrayRedesign.ieuser.js
%Program Files%\IEPro\userscripts\YoutubeResizer.ieuser.js
%Program Files%\IEPro\userscripts\YoutubeVideoDownload.ieuser.js
%Program Files%\IEPro\uninst.exe
%Program Files%\IEPro\Lang.ini
%Program Files%\IEPro\mdmlang.ini

(Hinweis: %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.. %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.)

Andere Systemänderungen

Fügt die folgenden Registrierungsschlüssel hinzu:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{01815C98-84B5-4D03-A402-9558B43950EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\IE7Pro.DLL

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Ext\
PreApproved\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
FLAGS

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
0\win32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
HELPDIR

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar.1\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar\CLSID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar\CurVer

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\VersionIndependentProgID

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Programmable

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\InprocServer32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows\
CurrentVersion

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows\
CurrentVersion\Ext

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows\
CurrentVersion\Ext\Settings

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows\
CurrentVersion\Ext\Settings\
{C55BBCD6-41AD-48AD-9953-3609C48EACC7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows\
CurrentVersion\Ext\Settings\
{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Flags

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Implemented Categories

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Implemented Categories\
{7DD95801-9882-11CF-9FA9-00AA006C42C4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Implemented Categories\
{7DD95802-9882-11CF-9FA9-00AA006C42C4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
FLAGS

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
0\win32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
HELPDIR

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\ProxyStubClsid

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\ProxyStubClsid32

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\TypeLib

HKEY_LOCAL_MACHINE\SOFTWARE\IEPro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\
List

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{64374705-AFDE-4dec-AA16-3614F1A53F54}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{646D40CB-9519-4690-8CF8-111F78D5AC5A}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\App Paths\
IEProCx.exe

Fügt die folgenden Registrierungseinträge hinzu:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{01815C98-84B5-4D03-A402-9558B43950EA}
(Default) = IE7Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\IE7Pro.DLL
AppID = {01815C98-84B5-4D03-A402-9558B43950EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho.1
(Default) = IE7Pro BHO

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho.1\CLSID
(Default) = {00011268-E188-40DF-A514-835FCD78B1BF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho
(Default) = IE7Pro BHO

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho\CLSID
(Default) = {00011268-E188-40DF-A514-835FCD78B1BF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.IEbho\CurVer
(Default) = IE7Pro.IEbho.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}
(Default) = IE7Pro BHO

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\ProgID
(Default) = IE7Pro.IEbho.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\VersionIndependentProgID
(Default) = IE7Pro.IEbho

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\InprocServer32
(Default) = %Program Files%\IEPro\iepro.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}
AppID = {01815C98-84B5-4D03-A402-9558B43950EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{00011268-E188-40DF-A514-835FCD78B1BF}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}
(Default) = IE7Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr.1
(Default) = CustomDlMgr Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr.1\CLSID
(Default) = {E173AFB2-5B1E-481C-9A76-82F60D0A21D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr
(Default) = CustomDlMgr Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr\CLSID
(Default) = {E173AFB2-5B1E-481C-9A76-82F60D0A21D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.CustomDlMgr\CurVer
(Default) = IE7Pro.CustomDlMgr.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}
(Default) = CustomDlMgr Class

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\ProgID
(Default) = IE7Pro.CustomDlMgr.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\VersionIndependentProgID
(Default) = IE7Pro.CustomDlMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\InprocServer32
(Default) = %Program Files%\IEPro\iepro.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}
AppID = {01815C98-84B5-4D03-A402-9558B43950EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E173AFB2-5B1E-481C-9A76-82F60D0A21D4}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer
DownloadUI = {E173AFB2-5B1E-481C-9A76-82F60D0A21D4}

HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer
DownloadUI = {E173AFB2-5B1E-481C-9A76-82F60D0A21D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn.1
(Default) = IE7Pro GrabDragBtn

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn.1\CLSID
(Default) = {CD275D4E-791A-4993-9D4D-6A071EDD2709}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn
(Default) = IE7Pro GrabDragBtn

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn\CLSID
(Default) = {CD275D4E-791A-4993-9D4D-6A071EDD2709}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.GrabDragBtn\CurVer
(Default) = IE7Pro.GrabDragBtn.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}
(Default) = IE7Pro GrabDragBtn

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\ProgID
(Default) = IE7Pro.GrabDragBtn.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\VersionIndependentProgID
(Default) = IE7Pro.GrabDragBtn

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\InprocServer32
(Default) = %Program Files%\IEPro\iepro.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}
AppID = {01815C98-84B5-4D03-A402-9558B43950EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{CD275D4E-791A-4993-9D4D-6A071EDD2709}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
(Default) = IE7Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
CLSID = {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
ClsidExtension = {CD275D4E-791A-4993-9D4D-6A071EDD2709}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
ButtonText = IE7Pro Grab and Drag

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
MenuText = IE7Pro Grab and Drag

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
MenuStatusBar = IE7Pro Grab and Drag

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
Icon = %Program Files%\IEPro\iepro.dll,309

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
HotIcon = %Program Files%\IEPro\iepro.dll,309

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
MenuCustomize = Tools

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{000002a3-84fe-43f1-b958-f2c3ca804f1a}
Default Visible = yes

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt.1
(Default) = IE7Pro ToolsExt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt.1\CLSID
(Default) = {B119EB0C-C021-46CF-85B0-34A760E0D5FE}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt
(Default) = IE7Pro ToolsExt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt\CLSID
(Default) = {B119EB0C-C021-46CF-85B0-34A760E0D5FE}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
IE7Pro.ToolsExt\CurVer
(Default) = IE7Pro.ToolsExt.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}
(Default) = IE7Pro ToolsExt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\ProgID
(Default) = IE7Pro.ToolsExt.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\VersionIndependentProgID
(Default) = IE7Pro.ToolsExt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\InprocServer32
(Default) = %Program Files%\IEPro\iepro.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}
AppID = {01815C98-84B5-4D03-A402-9558B43950EA}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
(Default) = IE7Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
CLSID = {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
ClsidExtension = {B119EB0C-C021-46CF-85B0-34A760E0D5FE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
ButtonText = IE7Pro Preferences

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
MenuText = IE7Pro Preferences

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
MenuStatusBar = IE7Pro Preferences

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
Icon = %Program Files%\IEPro\iepro.dll,201

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
HotIcon = %Program Files%\IEPro\iepro.dll,201

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
MenuCustomize = Tools

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Extensions\{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}
Default Visible = yes

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Ext\
PreApproved\{B119EB0C-C021-46CF-85B0-34A760E0D5FE}
(Default) = IE7Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0
(Default) = IE7Pro 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
0\win32
(Default) = %Program Files%\IEPro\iepro.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{547E3434-7CF2-4805-9CEE-53624610D9C7}\1.0\
HELPDIR
(Default) = ""

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}
(Default) = IIEbho

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{D56C2004-5A52-457A-BDDA-593AACA5A89E}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}
(Default) = IToolsExt

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{16C19134-8270-4334-B138-D8F68348D495}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}
(Default) = ICustomDlMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{41893377-3483-43D4-9D56-C7A3C0D50A15}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}
(Default) = IGrabDragBtn

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\TypeLib
(Default) = {547E3434-7CF2-4805-9CEE-53624610D9C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4D42430E-D458-410B-B863-14EE88FC7983}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar.1
(Default) = Grab Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar.1\CLSID
(Default) = {C55BBCD6-41AD-48AD-9953-3609C48EACC7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar
(Default) = Grab Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar\CLSID
(Default) = {C55BBCD6-41AD-48AD-9953-3609C48EACC7}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
GrabPro.FindBar\CurVer
(Default) = GrabPro.FindBar.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
(Default) = Grab Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ProgID
(Default) = GrabPro.FindBar.1

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\VersionIndependentProgID
(Default) = GrabPro.FindBar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\InprocServer32
(Default) = %Program Files%\IEPro\IEProRecorder.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\InprocServer32
ThreadingModel = Apartment

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\TypeLib
(Default) = {8091D09E-B01D-4D32-AC66-BBF8916BB1CF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SOFTWARE\Microsoft\Windows\
CurrentVersion\Ext\Settings\
{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Flags
(Default) = 4

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0
(Default) = Grab Pro 1.0 Type Library

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
FLAGS
(Default) = 0

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
0\win32
(Default) = %Program Files%\IEPro\IEProRecorder.dll

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{8091D09E-B01D-4D32-AC66-BBF8916BB1CF}\1.0\
HELPDIR
(Default) = ""

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}
(Default) = IFindBar

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\ProxyStubClsid
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\ProxyStubClsid32
(Default) = {00020424-0000-0000-C000-000000000046}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\TypeLib
(Default) = {8091D09E-B01D-4D32-AC66-BBF8916BB1CF}

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{B04D1BFE-5C70-4AB2-97A1-342A470F0862}\TypeLib
Version = 1.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\App Paths\
IEProCx.exe
(Default) = %Program Files%\IEPro\IEProCx.exe

HKEY_LOCAL_MACHINE\SOFTWARE\IEPro
path = %Program Files%\IEPro\

HKEY_LOCAL_MACHINE\SOFTWARE\IEPro
ShowGrabPro = 1

HKEY_LOCAL_MACHINE\SOFTWARE\IEPro
ver = 2.5.1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
DisplayName = IE7Pro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
UninstallString = %Program Files%\IEPro\uninst.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
DisplayIcon = %Program Files%\IEPro\IEProCx.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
DisplayVersion = 2.5.1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
URLInfoAbout = http://www.i{BLOCKED}.com

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
Publisher = IE7Pro Team

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\
List
%Program Files%\IEPro\MiniDM.exe = %Program Files%\IEPro\MiniDM.exe:*:Enabled:MiniDM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{64374705-AFDE-4dec-AA16-3614F1A53F54}
AppName = IEProCx.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{64374705-AFDE-4dec-AA16-3614F1A53F54}
AppPath = %Program Files%\IEPro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{64374705-AFDE-4dec-AA16-3614F1A53F54}
Policy = 3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{646D40CB-9519-4690-8CF8-111F78D5AC5A}
AppName = MiniDM.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{646D40CB-9519-4690-8CF8-111F78D5AC5A}
AppPath = %Program Files%\IEPro

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{646D40CB-9519-4690-8CF8-111F78D5AC5A}
Policy = 3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
IE7Pro
NSIS:Language = 1041

Lösungen

Mindestversion der Scan Engine: 9.850

SSAPI Pattern-Datei: 2.163.00

SSAPI Pattern veröffentlicht am: 04 April 2019

Step 1

Für Windows ME und XP Benutzer: Stellen Sie vor einer Suche sicher, dass die Systemwiederherstellung deaktiviert ist, damit der gesamte Computer durchsucht werden kann.

Step 3

Dateien erkennen und deaktivieren, die als Adware.Win32.OpenCandy.GISFM entdeckt wurden

[ learnMore ]

Für Windows 98 und ME Benutzer: Der Windows Task-Manager zeigt möglicherweise nicht alle aktiven Prozesse an. Verwenden Sie in diesem Fall einen Prozess-Viewer eines Drittanbieters, vorzugsweise Process Explorer, um die Malware-/Grayware-/Spyware-Datei zu beenden. Dieses Tool können Sie hier.
Wenn die entdeckte Datei im Windows Task-Manager oder Process Explorer angezeigt wird, aber nicht gelöscht werden kann, starten Sie Ihren Computer im abgesicherten Modus neu. Klicken Sie auf diesen Link, um alle erforderlichen Schritte anzuzeigen.
Wenn die entdeckte Datei nicht im Windows Task-Manager oder im Process Explorer angezeigt wird, fahren Sie mit den nächsten Schritten fort.

Step 4

Adware.Win32.OpenCandy.GISFM über die eigene Option zum Deinstallieren entfernen

[ learnMore ]

Den Grayware-Prozess deinstallieren

Step 5

Durchsuchen Sie Ihren Computer mit Ihrem Trend Micro Produkt, und löschen Sie Dateien, die als Adware.Win32.OpenCandy.GISFM entdeckt werden. Falls die entdeckten Dateien bereits von Ihrem Trend Micro Produkt gesäubert, gelöscht oder in Quarantäne verschoben wurden, sind keine weiteren Schritte erforderlich. Dateien in Quarantäne können einfach gelöscht werden. Auf dieser Knowledge-Base-Seite finden Sie weitere Informationen.

Nehmen Sie an unserer Umfrage teil

Adware.Win32.OpenCandy.GISFM

Überblick

Technische Details

Lösungen

Ressourcen

Support

Über Trend

Hauptniederlassung DACH

Adware.Win32.OpenCandy.GISFM

Überblick

Technische Details

Lösungen

Ressourcen

Support

Über Trend

Hauptniederlassung DACH

Nord-, Mittel- und Südamerika

Naher Osten und Afrika

Europa

Asien-Pazifik