[Update] ArjanDotOrg Toolbar Build 20050711

[ArjanDotOrg]

ArjanDotOrg Toolbar Build 20050711


Overview :

It's free, it contains NO spyware or viruses, does NOT open pop-ups or
hijack your searches, and NO personal information is required. It just
helps you to get quick access to the best freeware on the internet, it
presents you the 20 latest freeware-updates as listed at SnapFiles, it
blocks pop-ups, and provides quick searches with Google, and other
great search engines. Just download it, run the installer and you're
ready to discover the best freeware available.

What's New:

- Bundled Pricelessware Links & Other resources to 2 buttons
- Added pop-up killer.
- Added SnapFiles '20 Latest Freeware' RSS-Feed
- Added logo to search results

Homepage: http://www.arjan.org/
Download: http://www.effectivebrand.com/LandingPage.aspx/CT61652


Kind regards,

_____
Arjan

E-mail: (e-mail address removed) (remove NOSPAM)
Homepage: Arjan.org's Absolute Freeware Links (http://www.arjan.org)

 

[John Corliss]

ArjanDotOrg Toolbar Build 20050711


Overview :

It's free, it contains NO spyware or viruses, does NOT open pop-ups or
hijack your searches, and NO personal information is required. It just
helps you to get quick access to the best freeware on the internet, it
presents you the 20 latest freeware-updates as listed at SnapFiles, it
blocks pop-ups, and provides quick searches with Google, and other
great search engines. Just download it, run the installer and you're
ready to discover the best freeware available.

What's New:

- Bundled Pricelessware Links & Other resources to 2 buttons
- Added pop-up killer.
- Added SnapFiles '20 Latest Freeware' RSS-Feed
- Added logo to search results

Homepage: http://www.arjan.org/
Download: http://www.effectivebrand.com/LandingPage.aspx/CT61652

Arjan,
So... this is a browser helper object? Even if it's benign (and I'm
sure it is 80)>), I would have to enable BHOs:

Tools
Internet Options...
Advanced
Enable third-party browser extensions [requires restart])

in IE in order to use it. That would contribute to opening me up to BHO
attacks.

Or am I missing something?

 

[ArjanDotOrg]

Arjan,

So... this is a browser helper object? Even if it's benign (and I'm
sure it is 80)>), I would have to enable BHOs:

Tools
Internet Options...
Advanced
Enable third-party browser extensions [requires restart])

in IE in order to use it. That would contribute to opening me up to BHO
attacks.

Or am I missing something?

--
Regards from John Corliss
I don't reply to trolls. No adware, cdware, commercial software,
crippleware, demoware, nagware, PROmotionware, shareware, spyware,
time-limited software, trialware, viruses or warez please.

I don't know, to be honest, if it works that way.
For me it's very useful when using IE instead of FF. And maybe other
people like it too.
Just install it if you want, and if you don't want it, leave it, or
make you own toolbar.
It's that simple...


Kind regards,

_____
Arjan

E-mail: (e-mail address removed) (remove NOSPAM)
Homepage: Arjan.org's Absolute Freeware Links (http://www.arjan.org)

 

[John Corliss]

Arjan,
So... this is a browser helper object? Even if it's benign (and I'm
sure it is 80)>), I would have to enable BHOs:

Tools
Internet Options...
Advanced
Enable third-party browser extensions [requires restart])

in IE in order to use it. That would contribute to opening me up to BHO
attacks.

Or am I missing something?

I don't know, to be honest, if it works that way.
For me it's very useful when using IE instead of FF. And maybe other
people like it too.
Just install it if you want, and if you don't want it, leave it, or
make you own toolbar.
It's that simple...

Understood. Just expressing a concern and wondering if you knew if it
was valid. As for me, I'll leave the option turned off and not install
any BHOs. Too bad though, because your toolbar looks like a real good
one. Comparable to the Prefbar extension for Mozilla products.

 

[dak]

So... this is a browser helper object? Even if it's benign (and I'm
sure it is 80)>), I would have to enable BHOs:

I'm not quite so sure, regardless of EffectiveBrand's claims.
Out of curiosity I downloaded the toolbar. I unpacked the
self-extracting/installing archive and looked through the eleven files
it contained. I didn't note anything unusual, however, I have limited
knowledge in this area and had limited time for investigating, so it
is quite possible I missed something (if there was something to miss).
I did find one CLSID and ran it through my resources, but it showed
benign (it had to do with installing and setting the shortcut).
Next I installed the toolbar and checked with BHO DEMON, it showed
nothing out of the ordinary for my system. I did find this slightly
puzzling, as I was expecting to find an entry for it. I ran
HijackThis and the only extra entry was this:

O3 - Toolbar: ArjanDotOrg toolbar -
{eba5cdfb-c3a5-4121-b5a2-fe00007d7e9f} - C:\PROGRAM
FILES\ARJANDOTORG\TBARJA.DLL

Running that CLSID through my resources yielded nothing.
Next, I investigated the files installed in the program's folder,
paying particular attention to the INSTALL.LOG. There I found another
CLSID:

RegDB Key: Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
RegDB Val:
RegDB Name: {53CBEE82-D747-11D3-9ED0-005004189684}
RegDB Root: 1

A check of the registry showed it did not exist at the specified
location. A search of the registry located the CLSID at:

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX
Compatibility\

with the killbit set. A check shows it to be in SpywareBlaster's
database as a "UCMore variant" and CastleCops shows this:

BHO/CLSID/Toolbar Deep Dive
GUID : {53CBEE82-D747-11d3-9ED0-005004189684}
Filename : Ucmie.dll
BHO Name :
Status : X TB
Description: UCmore toolbar

The "X" in status meaning "Certified spyware/foistware, or other
malware," and the "TB" meaning, of course, "Toolbar." I was able to
corroborate this information using the toolbar list at SysInfo.
A check of my system showed that the "ucmie.dll" file did not exist,
but then its CLSID is blocked.
I didn't try using the toolbar and have already uninstalled and wiped
it from my system. I don't have the time or inclination to research
this any further, but that's enough "evidence" for me that I wouldn't
use or trust it.
It seems your reluctance in installing it may be well founded.

 

[John Corliss]

I'm not quite so sure, regardless of EffectiveBrand's claims.
Out of curiosity I downloaded the toolbar. I unpacked the
self-extracting/installing archive and looked through the eleven files
it contained. I didn't note anything unusual, however, I have limited
knowledge in this area and had limited time for investigating, so it
is quite possible I missed something (if there was something to miss).
I did find one CLSID and ran it through my resources, but it showed
benign (it had to do with installing and setting the shortcut).
Next I installed the toolbar and checked with BHO DEMON, it showed
nothing out of the ordinary for my system. I did find this slightly
puzzling, as I was expecting to find an entry for it. I ran
HijackThis and the only extra entry was this:

O3 - Toolbar: ArjanDotOrg toolbar -
{eba5cdfb-c3a5-4121-b5a2-fe00007d7e9f} - C:\PROGRAM
FILES\ARJANDOTORG\TBARJA.DLL

Running that CLSID through my resources yielded nothing.
Next, I investigated the files installed in the program's folder,
paying particular attention to the INSTALL.LOG. There I found another
CLSID:

RegDB Key: Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
RegDB Val:
RegDB Name: {53CBEE82-D747-11D3-9ED0-005004189684}
RegDB Root: 1

A check of the registry showed it did not exist at the specified
location. A search of the registry located the CLSID at:

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\ActiveX
Compatibility\

with the killbit set. A check shows it to be in SpywareBlaster's
database as a "UCMore variant" and CastleCops shows this:

BHO/CLSID/Toolbar Deep Dive
GUID : {53CBEE82-D747-11d3-9ED0-005004189684}
Filename : Ucmie.dll
BHO Name :
Status : X TB
Description: UCmore toolbar

The "X" in status meaning "Certified spyware/foistware, or other
malware," and the "TB" meaning, of course, "Toolbar." I was able to
corroborate this information using the toolbar list at SysInfo.
A check of my system showed that the "ucmie.dll" file did not exist,
but then its CLSID is blocked.
I didn't try using the toolbar and have already uninstalled and wiped
it from my system. I don't have the time or inclination to research
this any further, but that's enough "evidence" for me that I wouldn't
use or trust it.
It seems your reluctance in installing it may be well founded.

That's might interesting all right. However, I just want to clarify that
my actual reluctance is in enabling, installing or using *any* third
party browser extensions. That policy has served me well for a long time.

What kind of resources are you using to identify CLSIDs?

 

[dak]

What kind of resources are you using to identify CLSIDs?

Trusted ones.... ;o)

 

[John Corliss]

Trusted ones.... ;o)

Okay, ya got me. What I meant was, what particular websites do you use
to identify CLSIDs.

I see these websites:

http://castlecops.com/CLSID.html
http://www.spywaredata.com/spyware/bho.php
http://www.sysinfo.org/bholist.php

Or do you use a particular program to help identify them and if so,
which program?