Jump to content

Mcbar


Recommended Posts

  • Replies 218
  • Created
  • Last Reply

Top Posters In This Topic

  • 1 month later...
  • 8 months later...
  • 11 months later...

Sorry to bump this topic, I know this project is mostly dead by now, but:

Leopard skin for McBar v0.0.1.38

In my opinion, McBar is much like Rosie but more stable, and it lists window icons in window list... but the window list is appended to app's system menu... also app name is got from either window title or product version info... maybe I can solve this with an API hook into GetWindowText... but I'm considering other options yet.

Link to post
  • 1 month later...

McAfee finds trojan in it. and mcafee is a very good anti-virus.

EDIT: hmm, that's weird. i re-downloaded it and it doesn't find any trojan, but i can't get it to work. it says: "this application has failed to start because mcbrhook.dll was not found. re-installing the application may fix this problem." help????

EDIT (again :)): it looks like every time i download it, mcafee automatically removes mcbrhook.dll and i can't use it then. can someone send me mcbrhook.dll?

Edited by cjborodin
Link to post

Man, i Know that Avast! is not the best AV, but He also have Founded a trojan @ the file stored in osx-e:

File: http://www.osx-e.com/files/applications/mb138.zip\McBar.v.0.0.1.38\mcbrhook.dll
MalWare: Win32:Trojan-gen {Other}

... Double results, double care. this is sad but is the true.

BTW, Matonga's file is OK. :D

Link to post

This one is from my hard drive, downloaded maybe April 2009.

http://matias.securityconsultant.com.ar/mcbrhook.rar

I scanned the .dll with latest AVG Free Edition, no virus can be so old and raise a trojan alarm. :P

BTW "Win32:Trojan-gen {Other}" it really looks like a false alarm! this should be informed to McAfee & Avast. Please remember McBar will use invasive, trojan-like techniques to inject itself into other processes, in order to get their windows menus (there is no other way to do it, so).

Link to post
  • 2 weeks later...
  • 1 month later...

Hi all. (-- Who's that guy? -- Shhh, its McBar's author!) Sorry, guys who 'found' a trojan in distribution. I have informed all of you once before in this thread, that it's a false positive. I don't know exactly how I managed to produce a false-trojan binary, but it was considered trojan even after a few recompilations, compressions and resource editing. Yet it's not a trojan, it's a very simple but powerful hook library in the manner of "anti-AV-malware" popular at the compilation time. The trojans at that time protected themselves from being scanned and deleted by tapping into antivirus windows and killing 'em. My DLL taps into programs and has an option to kill 'em (when you press the Close button), but it does this all on your demand only, see the difference?

The last time when I wrote about the AV' misbehaviours and false positives, I offered all of you the source code of that library to inspect it and compile by yourself (to get the same result). I still don't have any objections to provide the source code on your demand, BUT it's been YEARS since that time, so I cannot even guarantee I can find that source code (but I'll try if you ask me).

I understand, that now, after so many years, after 2 new versions of Windows, after 3 XP service packs and a couple of AV generations (and a couple hundreds of virus generations) the techniques I used in McBar are utterly obsolete and hence I officially disrecommend anyone using Windows newer than XP SP1 to install and try McBar. It's sad, but we all have to admit - oldware and deadware is no good for you, your peace of mind and your computer, of course. I don't actually know anything to recommend you guys instead of McBar. There are some developers wandering around, ask them to do something similar (I promised a hooking code + there's so much eye-candy techs nowadays like Adobe AIR or WPF). I don't have a time to continue McBar, I don't have a new PC, I don't have a fresh Windows or Visual Studio, so McBar is gone. Sorry again.

Edited by RIMMER
Link to post
  • 1 year later...

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now

×
×
  • Create New...