Search Results for 'virus'

[LyfoxParticipant]

Miqo also creates a new folder in your Windows Temp (%temp%\miqobot) and drops a few auxiliary dlls there. If your antivirus deletes them then Miqo cant function. Try whitelisting that folder as well.

(WARNING) I was corrupted! Please:
1. DO NOT RUN two different versions of Miqobot at the same time.
2. WHITELIST Miqobot application in your antivirus and firewall.
3. RESTART Miqobot after this.

The above was the message I got upon starting Miqobot.
1. I have not run two versions of Miqobot at the same time
2. I have whitelisted Miqobot in my antivirus and firewall.
3. I have deleted the original Miqobot files and redownloaded the file from this website multiple times.

And I still get this warning. Can anyone help please?

[AiKeymaster]

A reminder about antiviruses.

Since this is a new version of Miqobot, it may be flagged by your antivirus as False Positive because its signatute is not yet known. As it is stated in our FAQ section, Miqobot is not a virus but antiviruses are usually trained to sic at anything that tries to interact with other programs. Miqobot will make no attempt to fight your antivirus.

Please remember to whitelist your Miqobot application after download. Thank you!

[MiqobotKeymaster]

Miqobot saves your settings and presets in these files:

• settings.miqo
• presets.miqo
• catnip.license

They are generated when you first start Miqobot and are automatically updated when you close Miqobot.

Do you see these files being created and updated next to your Miqobot application?
If not, then something is blocking her from saving your settings.
Please try the following solutions:

1. Try running Miqobot as Administrator.
2. Try moving Miqobot to a different folder.
3. Make sure that Miqobot has full write access to the folder she resides in.
4. Make sure that your antivirus and firewall do not interfere with Miqobot.

[NepNepParticipant]

akiyuki wrote:

I’m sorry but no, things aren’t identified as a Trojan unless they meet specific criteria. Windows Defender and other Virus scanners don’t flag things unless the things embedded within the code match known threats.

The specific trojan being reported with this release of Miqobot indicates key logging, backdoor access to the PC and remote installation of software capabilities. There are a ton of apps on the internet that do key logging without being classified as a trojan. Whatever approach they’re using that is indicating potential remote access to the systems is a huge red flag. Or at a minimum provide a technical reason on what they are doing, how they are doing (without giving away proprietary information) to help.

Developers staying quiet on the issue and the community pushing for people to just “whitelist and move on” is how bot nets are formed across the internet. It happens all of the time with trusted software. I won’t renew my license without the code being changed to be less intrusive or the developer openly share what’s going on to cause it.

It is far more complicated the that.

The reason windows flags Miqo is because of the way it does key presses to emulate human input, to avoid Bot detection in the game.

Any program that reads your keys and can simulate key presses, with out a digital signature from Microsoft is going to get flagged. And Miqo would not be able to get a Digisig from Microsoft given the nature of their software.

This has been a thing since forever with miqobot, the reason why it is showing up more is microsoft is pushing new updates in the past few months that are increasing the level of reading it can detect for those programs access this specfic set of .dll.

Any bot program that simulates key presses is going to trigger this. Peroid. And thats far more preferable then a bot that injects cause those ARE detactable by most games that have basic anticheat.

So sit there and try to slander the bot when you have no basis other then to, what apepars be a troll.

As to why I am responding this way, I am a 6+ years cybersecurity manager, I deal with Windows defender and its systems intergration on a daily basis as a part of enterprise security. It’s also why we typically rely on 3rd party AV because windows applies this new blanket inclusion only via digisig.

Did you know RPG maker also gets flagged on my system because of how it access my GPU drivers? One of the most used single party in home rpg maker tools is now a virus by your logic.

Just because “Microsoft” flags it, doesnt mean they are all knowing. It simply means its doing somehting they would prefer things not to do normally.

Edit: I felt I needed to post this because honestly theres this huge misunderstanding that defender is an AV, and its not, its meant to protect windows first, you second, anything that manipulates windows core .dll makes Microsoft nervous because it can come back to them as an exploit.

• This reply was modified 11 months, 1 week ago by  NepNep.
• This reply was modified 11 months, 1 week ago by  NepNep.
• This reply was modified 11 months, 1 week ago by  NepNep.

[akiyukiParticipant]

Devs answered this openly probably a hundred times by now and you can do a quick search on forum to find the answers you need: https://miqobot.com/forum/forums/search/virus/

I did do a search, every result I looked at (and double checked again this morning) didn’t actually say why. The community says “just whitelist” and the developer said “we can’t get the virus vendors to update their code”. Nothing actually said what specifically the app is doing that would cause a scanner to pick up backdoor risks, how their key logging is working etc. For example – is keylogging happening OS-wide, or is it limited to just the ffxiv_dx11.exe process? If it’s limited to just the ffxiv_dx11.exe process, then I would keep using it no problem. The search results, nor the FAQ, answer things like this.

And im pretty sure they wont bother going out of a bomb shelter just to force one more player to renew a license.

I love the tool, I’ve followed their struggles with the invasion and the challenges they face trying to keep it on life support. Thus why I searched before posting, hoping that in the past they had at least disclosed a technical reason. I wish the devs well and hope they stay safe and the war ends quickly so they can stop fearing for their lives. I don’t think anywhere in my post I said “risk your lives and make this change right now”. I just said I’ll not use it until clarity is provided or code is changed. If they choose to not change it at any point in the future, or choose not to disclose technical reasons like mentioned above, that’s no big deal. To each their own and we move on

Cheers!

[MiqobotKeymaster]

A reminder about antiviruses.

Since this is a new version of Miqobot, it may be flagged by your antivirus as False Positive because its signatute is not yet known. As it is stated in our FAQ section, Miqobot is not a virus but antiviruses are usually trained to sic at anything that tries to interact with other programs. Miqobot will make no attempt to fight your antivirus.

Please remember to whitelist your Miqobot application after download. Thank you!

[MiqobotKeymaster]

Thank you for your opinion very much.
Miqobot Team is already doing everything possible to alleviate the issue with antiviruses.

We always inform antivirus vendors about False Positives, and Miqobot project is also subscribed to premium VirusTotal services that send automatic notifications to them.
If you upload Miqobot to VirusTotal, you may notice that our executables are published in the VirusTotal Monitor collection:
https://www.virustotal.com/gui/file/d80f91b000bce773233c41b4808a384f0bbbf0d993117755c0d8728e907a32cf

However, we have no affiliation with antivirus vendors and have no access to their source code, therefore we can not help them fix this problem. It’s entirely up to them when and how to address it.

[LyfoxParticipant]

Oh no nobodys forcing you to buy anything. Its just that this issue is so old and has been talked over so much that its getting boring. Devs answered this openly probably a hundred times by now and you can do a quick search on forum to find the answers you need: https://miqobot.com/forum/forums/search/virus/

And in case you havent been following the news. Miqo devs are from Ukraine, they are living in a war zone. They stopped changing the code on the day Russia invaded. The bot is currently on life support. Miqo devs are keeping it alive only because there are people who still need it and dont want it to die. And im pretty sure they wont bother going out of a bomb shelter just to force one more player to renew a license.

[akiyukiParticipant]

I’m sorry but no, things aren’t identified as a Trojan unless they meet specific criteria. Windows Defender and other Virus scanners don’t flag things unless the things embedded within the code match known threats.

The specific trojan being reported with this release of Miqobot indicates key logging, backdoor access to the PC and remote installation of software capabilities. There are a ton of apps on the internet that do key logging without being classified as a trojan. Whatever approach they’re using that is indicating potential remote access to the systems is a huge red flag. Or at a minimum provide a technical reason on what they are doing, how they are doing (without giving away proprietary information) to help.

Developers staying quiet on the issue and the community pushing for people to just “whitelist and move on” is how bot nets are formed across the internet. It happens all of the time with trusted software. I won’t renew my license without the code being changed to be less intrusive or the developer openly share what’s going on to cause it.

[LyfoxParticipant]

Just whitelist it and move on. Always happens after every patch: https://miqobot.com/forum/forums/topic/virustrojan-win32wacatac-bml/

[MiqobotKeymaster]

Yes, this always happens with every new version release.
False Positive is a bug in antivirus, but since we have no affiliation with antivirus vendors and have no access to their source code we can not help them fix it.

This is why there is a special entry in our FAQ section.

Even if you did not experience this problem before, it doesn’t mean that you never will. Antiviruses are updated often and each update has a chance to introduce a new false positive bug.
We highly recommend to report this behavior to your antivirus vendor.

After downloading the 6.4 update for Miqobot, I’m getting multiple virus warnings for the executable, past the “unknown developer” error.

[zebbyParticipant]

For some unknown reason, shortly after you responses (thank you) it no longer was detecting a virus and I got the usual warning which you can then bypass, and the bot installed itself.

Many thansk for the replies

[MiqobotKeymaster]

Most likely, your antivirus has downloaded a new update which introduced a new False Positive.
Even if you did not experience this problem before, it doesn’t mean that you never will. Antiviruses are updated often and each update has a chance to introduce a new False Positive bug.

Please whitelist your Miqobot application and report this behavior to your antivirus vendor.

If you require additional assistance, please contact our Tech Support directly:
https://miqobot.com/#support