Should I block it?

34%
34% of PCs block this file from running.

VersionsAdditional versions

1, 0, 0, 29 3.23%
1, 0, 0, 29 16.13%
1, 0, 0, 29 3.23%
1, 0, 0, 29 19.35%
1, 0, 0, 29 3.23%
1, 0, 0, 29 29.03%
1, 0, 0, 29 3.23%
1, 0, 0, 29 3.23%
1, 0, 0, 29 3.23%
1, 0, 0, 29 3.23%
1, 0, 0, 29 9.68%
1, 0, 0, 29 3.23%
(Note, KORAM GAMES LIMITED publishes each variation of this file with the same version, but the hashes are unique.)

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
RegEnumKeyExA, RegQueryInfoKeyA, RegDeleteKeyA, RegCreateKeyExA, RegOpenKeyA, RegQueryValueExA, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, OpenProcessToken, LookupPrivilegeValueA, AdjustTokenPrivileges, RegSetValueExA, RegOpenKeyExA, RegCloseKey, RegDeleteValueA, IsTextUnicode
gdi32.dll
SaveDC, RestoreDC, MoveToEx, LineTo, GetTextExtentPoint32A, GetTextMetricsA, GetRgnBox, CreateSolidBrush, CombineRgn, ExtCreateRegion, CreateDIBSection, SetBkColor, ExtTextOutA, CreatePen, CreateBrushIndirect, BitBlt, RoundRect, SetTextColor, SetBkMode, CreateCompatibleDC, CreateCompatibleBitmap, SelectObject, GetDeviceCaps, DeleteDC, DeleteObject, GetObjectA, PatBlt, GetStockObject, CreateFontIndirectA
kernel32.dll
DllMain
msimg32.dll
GradientFill
ole32.dll
CoCreateGuid, CoInitialize, CoCreateInstance, CoUninitialize, OleInitialize, OleUninitialize, CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree, StringFromGUID2, OleLockRunning, CoGetClassObject, CLSIDFromProgID, CLSIDFromString, ReleaseStgMedium, RegisterDragDrop, CreateStreamOnHGlobal
shell32.dll
SHGetMalloc, SHGetPathFromIDListA, SHCreateDirectoryExA, SHGetSpecialFolderPathA, ExtractIconExA, SHBrowseForFolderA, ShellExecuteA, ShellExecuteExA, SHGetSpecialFolderLocation
shlwapi.dll
StrStrA, StrStrIA, StrCmpNIA
user32.dll
GetMonitorInfoA, SetActiveWindow, SetTimer, ClientToScreen, SetWindowTextA, DispatchMessageA, PeekMessageA, GetSysColor, DrawFocusRect, GetClassNameA, GetWindowThreadProcessId, CharNextA, LoadImageA, DrawTextA, DrawFrameControl, GetDesktopWindow, DestroyIcon, GetWindowDC, EndPaint, BeginPaint, DrawIconEx, MonitorFromPoint, GetCursorPos, WindowFromPoint, ReleaseCapture, SetCapture, GetSystemMetrics, TrackPopupMenu, EnableMenuItem, OffsetRect, PostQuitMessage, wsprintfA, PtInRect, wsprintfW, LoadStringW, EnableScrollBar, InvalidateRect, UpdateWindow, ScreenToClient, GetWindowTextA, SetForegroundWindow, GetClassInfoExA, RegisterClassExA, EqualRect, SetRect, GetActiveWindow, SetFocus, CallWindowProcA, GetDlgItem, EndDialog, GetWindow, GetClientRect, SendDlgItemMessageA, SystemParametersInfoA, GetScrollInfo, SetScrollInfo, GetUpdateRect, IsWindowVisible, KillTimer, SetWindowRgn, IsRectEmpty, IntersectRect, IsWindowEnabled, UnregisterClassA, GetComboBoxInfo, GetKeyState, TranslateMessage, SetDlgItemTextA, SetDlgItemInt, GetDlgItemTextA, GetDlgItemInt, RegisterWindowMessageA, CreateAcceleratorTableA, DestroyAcceleratorTable, IsChild, RedrawWindow, InvalidateRgn, GetWindowTextLengthA, GetDlgCtrlID, GetCapture, SetRectEmpty, ReleaseDC, GetDC, DefWindowProcA, LoadCursorA, DialogBoxParamA, CreateWindowExA, DestroyWindow, GetFocus, MapWindowPoints, LoadMenuA, GetSubMenu, SetMenuItemInfoA, TrackPopupMenuEx, DestroyMenu, SetCursor, GetParent, LoadStringA, GetWindowLongA, SetWindowPos, IsWindow, MessageBoxA, ShowWindow, GetWindowRect, MoveWindow, SendMessageA, PostMessageA, SetWindowLongA, MsgWaitForMultipleObjects, FillRect
wininet.dll
InternetCloseHandle, InternetGetLastResponseInfoA, InternetCrackUrlA, InternetOpenA, InternetConnectA, HttpOpenRequestA, HttpSendRequestExA, HttpEndRequestA, HttpSendRequestA, HttpQueryInfoA, InternetReadFile
ws2_32.dll
WSASend, WSASocketA, WSAIoctl, WSAAccept, WSARecv
Export table
CreateGrabProInstance
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

GrabPro.dll

Grab Pro by KORAM GAMES LIMITED (Signed)

Remove GrabPro.dll
Version:   1, 0, 0, 29
MD5:   7f5e2ec0b57d77de8b10b9679c73cb86
SHA1:   dda73822c6c5f3b2a67a3c2087de18e4585a5dad

Overview

grabpro.dll is loaded as dynamic link library that runs in the context of Internet Explorer. It is marked as a Safe for Scripting ActiveX control for IE which allows it to execute scripts within the web browser which is allowed becuase the module is digitall signed. It is installed with a couple of know programs including Orbit Downloader published by www.orbitdownloader.com and Orbit Downloader 4.1.0.0 published by Novin Pendar Co. Ltd.. The file is digitally signed by KORAM GAMES LIMITED which was issued by the VeriSign certificate authority (CA).

DetailsDetails

File name:grabpro.dll
Product name:Grab Pro
Typical file path:C:\Program Files\orbitdownloader\grabpro.dll
File version:1, 0, 0, 29
Size:679.69 KB (696,000 bytes)
Build date:9/11/2013 2:11 AM
Certificate
Issued to:KORAM GAMES LIMITED
Authority (CA):VeriSign
Expiration date:Saturday, December 12, 2009
Digital DNA
PE subsystem:Windows GUI
File packed:No
.NET CLR:No
More details

ResourcesPrograms

The following programs will install this file
Novin Pendar Co. Ltd.
1% remove

BehaviorsBehaviors

Internet Explorer toolbars
Located in the registry at 'SOFTWARE\Microsoft\Internet Explorer\Toolbar'
  • CLSID: {C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Internet Explorer web browsers
Located in the registry at 'SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser'
  • CLSID: {C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Safe for scripting controls
Marked as a safe ActiveX control for Internet Explorer (digitally signed with script execution permission)
  • Implemented as 'CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
Safe for initializing controls
  • {C55BBCD6-41AD-48AD-9953-3609C48EACC7}

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 32.26%
Windows 7 Ultimate 25.81%
Windows 7 Professional 22.58%
Windows 8 Pro 9.68%
Windows 7 Home Premium 6.45%
Windows 8 3.23%

Distribution by countryDistribution by country

United States installs about 30.00% of Grab Pro.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Hewlett-Packard 37.50%
Toshiba 25.00%
GIGABYTE 25.00%
Dell 12.50%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE