• You've discovered RedGuides 📕 an EverQuest multi-boxing community 🛡️🧙🗡️. We want you to play several EQ characters at once, come join us and say hello! 👋
  • IS THIS SITE UGLY? Change the look. To dismiss this notice, click the X --->

Question - MQ .Exe random name and/or virus detection (obfuscation) (1 Viewer)

Myysterio

Myysterio
Joined
Jun 13, 2020
RedCents
1,516¢
I have been using RG for like 2 years now and today I got this warning for the first time. Just checking to see if its expected. It popped up when I launched MQ.

1652529089580.png
 
Solution
It's masking the exe in memory with a new name every load. Approve it and move on.

Mod edit: it is worth considering whitelisting your mq and EverQuest folders from things like scans and syncing. Help mq help you.
@Fearbringer I am back home and let's see if we can't get you through this.

As I mentioned above I had to add exceptions for

eqgame.exe
macroquest.exe
settings.dat
k0yzxr3g.exe


The last one on the list might be a different name on your system/installation. Look in your G:\RedGuides\MacroQuest directory. You should see an .exe funny letters and numbers that has the MQ icon in front of it. That is the one to exempt. If yours is the same name great but if not look for the exe with the MQ icon.

As far as settings, toggle the exemptions for Antivirus and check on all three selections (On-access scan, On-demand scan, Embedded scripts)

Also make sure the slider is on to exempt Advanced Threat Defense.

You will need to do that for each of the three exe files and dat I mentioned earlier.

For good measure, I also exempted the RedGuides folder and each of the three mentioned RedGuides file from Online Threat Prevention.

I hope this helps. I hope it is clear and not confusing. As I mentioned in the PM, trust me, I was frustrated until I was able to sort it out but now everything is smooth sailing.

Be well. Happy gaming.
 
Addendum:

I just looked at one of your previous screen shots. The file 1egHG5WX.exe looks like your equivalent of my k0yzxr3g.exe.

Be well. Keep the faith. Feel the power of automation. :)
 
The exe name is going to change.

The mq and eq folders should cover the stuff inside them, like the various files that will have name chqnges
 
The exe name is going to change.

The mq and eq folders should cover the stuff inside them, like the various files that will have name chqnges

You would think that to be true. Originally I tried to just exempt the folder off of the root directory but still had issues. When I started exempting specific files my troubles went away. Go figure. Maybe it is coincidence. Who knows.
 
Ok guys I think I got it to work. The entire folder had to be included, the specific folder didn't work for some reason. I tried it for each of the three exe files and dat but the entire folder had to be added. What a mess, but looks like it works now. How odd, it had been working just fine.

So logging in with RG works, but logging in just with EQ doesn't now.

Error 4-404

And now there is 2 LaunchPads. One for regular and one for Beta, and the one for Beta works just fine. When all this happened, I tried to download the file from the website, and now I have duplicates of everything it looks like.

So I ran the exe from the website and click on fix, and let me see if this works
 

Attachments

  • EQ ALone.png
    EQ ALone.png
    270.5 KB · Views: 5
  • LP.png
    LP.png
    18.5 KB · Views: 4
Last edited:
Ok, I can verify both issues are fixed. The 4-404 error was solved by re-downloading the launcher form the eq website and selecting fix when it prompted new install or fix.

I tried the suggested internet option fix and other mentioned fixes for the 4-404 error but the only fix is the aforementioned one.

As for BitDefender, see previous threads.

Summary was created for anyone with the same issues and the thread title changed to include error 4-404 for search results.

Thanks all!
 
Personally, I don't really have anything advanced for AV enabled on my PC. I don't use anything beyond simple options with all my program folders and storage excluded from real time protection. Never had a problem with getting a virus on my PC. And even if I ever do, I always have a weekly image of my PC ready to re-image if I needed too. Which means worst case scenario, 30 minutes of downtime, and I am back in business. I do all my browsing and experimentation when researching anything through a linux box either as a stand alone option, or through sandbox software. If you use your PC smartly, you shouldn't need all the AV bloat. My 2 cents.
 
Keep getting *Warning: Unable to write C:Users/------/eqgames.exe

I know it has something to do with anti virus and I looked in quarantine folder and it wasn't there? Thank you all for your help!

Update: Will leave this here in case anyone needs it - The solution AFTER you take the file OUT of quarantine is to reboot your computer to restore files.
 

Attachments

  • Screenshot 2022-10-30 090150.png
    Screenshot 2022-10-30 090150.png
    43.5 KB · Views: 3
I bought Bitdefender thinking it will keep my PC safe - what a mistake that was.
I am by no means a tech savvy guy - BitDefender has now taken my PC hostage lol, I cannot for the life of me to get Redguides launcher to work.
I have uninstalled and reinstalled the launcher - I have nothing in the quarantine folder and have uninstalled BitDefender from my PC but to yet no avail the launcher wont even load
Any ideas?!?!
My next step is to buy a new SSD and windows :argh:
 
This is just a shot in the dark, but try installing Red Guides as an Administrator or if that doesn't work, then try it normal.
If both of those fail, we'll have to start with some basic Stuff.

What version of windows are you on?
 
I bought Bitdefender thinking it will keep my PC safe - what a mistake that was.
I am by no means a tech savvy guy - BitDefender has now taken my PC hostage lol, I cannot for the life of me to get Redguides launcher to work.
I have uninstalled and reinstalled the launcher - I have nothing in the quarantine folder and have uninstalled BitDefender from my PC but to yet no avail the launcher wont even load
Any ideas?!?!
My next step is to buy a new SSD and windows :argh:
uhhhh that seems to be going hard..

not work, doesnt launch, doesnt update, wont login to validate? more details please :)
 
This is just a shot in the dark, but try installing Red Guides as an Administrator or if that doesn't work, then try it normal.
If both of those fail, we'll have to start with some basic Stuff.

What version of windows are you on?
I tried running as Admin and normal but to no success
I am running windows 10

See if you have any restore points before installing bit defender, if so you can try to do a rollback.
I checked for rollbacks and restore points ~ I only use this PC for EQ so i'm game for anything
 
Next up, do a full reboot (I know you've probally done this a few times already but just so we are working on the same page)

Then

Just to be on the safe side, turn off windows defender for a moment.

  1. Select Start and type "Windows Security" to search for that app.
  2. Select the Windows Security app from the search results, go to Virus & threat protection, and under Virus & threat protection settings select Manage settings.
  3. Switch Real-time protection to Off.
It turn back on after I wanna say 24 hours if you care...

Try starting it now
If it doesn't work, describe what does happen, do you get an error message just opens then close's... etc.
 
Next up, do a full reboot (I know you've probally done this a few times already but just so we are working on the same page)

Then

Just to be on the safe side, turn off windows defender for a moment.

  1. Select Start and type "Windows Security" to search for that app.
  2. Select the Windows Security app from the search results, go to Virus & threat protection, and under Virus & threat protection settings select Manage settings.
  3. Switch Real-time protection to Off.
It turn back on after I wanna say 24 hours if you care...

Try starting it now
If it doesn't work, describe what does happen, do you get an error message just opens then close's... etc.
I double click on the Redguides launcher and I get a User Account Control message asking if i want testrunner.exe to make changes to my device and i click YES but nothing happens
 
Ok so Bitdefender likes to block that and a bunch of other stuff so that might be sitting in an exclusion file... its looking like you have the same issue as this guy did: https://www.redguides.com/community/threads/a-veritable-bite-in-the-a.83364/
For the short term, lets try and turn off UAC and see what happens next. Depending on your level of comfort you might wanna turn that back up after we nail this down...

 
I merged this post into the other threads about bitfender. Please make sure to take time to check before posting as you'll end up robbing yourself of previously provided solutions.

don't rob yourself.

Bitdefender is super aggressive, which isn't a bad thing when it comes to antivirus. The first thing to do after you do your exemptions is to reboot. Then recover the files from your quarantine (or just redownload them).

do what knightly says here
 
While trying to install and run setup in EQ, I received this error message from Bitdefender, claiming that the following file was Malware 5Fjp68Hv.exe. Exact error is as follows:
Is this indeed an issue with the files I installed? Or a mistake and needed file?
 

Attachments

  • Error Message Screenshot 2023-11-24 025332.png
    Error Message Screenshot 2023-11-24 025332.png
    22 KB · Views: 1
its likely as intended to obfuscate the process name incase eq is reading process names

make sure you got your download directly from rg and not somewhere else. if you still feel unsure upload it to virustotal to get a better idea if whatever file it is is actually potentially problematic
 
re: firewall,
FWIW, off the top of my head I don't think there's any reason(?) for MQ exe itself to be able to access the internet. I'm not intimately familiar with the MQ codebase though so I may be wrong here.
Not to be confused with the RedGuides Launcher.

But this seems to be an antivirus issue, not firewall.
 
re: firewall,
FWIW, off the top of my head I don't think there's any reason(?) for MQ exe itself to be able to access the internet. I'm not intimately familiar with the MQ codebase though so I may be wrong here.
Not to be confused with the RedGuides Launcher.

But this seems to be an antivirus issue, not firewall.
It checks for updates
 
I have been using RG for like 2 years now and today I got this warning for the first time. Just checking to see if its expected. It popped up when I launched MQ.

View attachment 39887
@Myysterio

Season 9 Nbc GIF by The Office
 
Ok 2 small questions; Is the exe renaming done for each separate machine running it? Or one renaming for everyone? If just 1 for everyone, isn't that making it too easy for them (Daybreak) to multi-ban?
Yes. Each machine. Would defeat the purpose to have a unique exe if everyone had the same
 
I bought Bitdefender thinking it will keep my PC safe - what a mistake that was.
I am by no means a tech savvy guy - BitDefender has now taken my PC hostage lol, I cannot for the life of me to get Redguides launcher to work.
I have uninstalled and reinstalled the launcher - I have nothing in the quarantine folder and have uninstalled BitDefender from my PC but to yet no avail the launcher wont even load
Any ideas?!?!
My next step is to buy a new SSD and windows :argh:
Turn off computer, make a drink/get a beer an have a sit in a darkened room. If not calm/relaxed start over, repeat till good to go again. Do not damage undefended people or hardware. ;)
 
Question - MQ .Exe random name and/or virus detection (obfuscation)

Users who are viewing this thread

Back
Top