Topics

FIRMWARE UPDATE ISSUE IDENTIFIED WITH ANTI-VIRUS SOFTWARE #ExploreScientific #iexos-100 #G11 #EXOS2 #TECHNICAL

Jerry Hubbell - Explore Scientific VP Engineering
 

AN ISSUE HAS BEEN IDENTIFIED THAT MAY OCCUR WHEN UPDATING THE FIRMWARE ON THE PMC-EIGHT SYSTEM

We have seen a couple of times in our testing when using a Windows 10 Machine to update the firmware via the PMC-Eight Configuration Manager that the update will bomb out in the middle of the VERIFYIING RAM portion of the update. This appears to be a rare and isolated event.
 
The process is as follows when the PMC-Eight Configuration Manager is doing the firmware update:

1)   CHECKING COMX
2)   Propeller Chip Version 1 Found on COMX
3)   LOADING RAM
4)   VERIFYING RAM
5)   LOADING EEPROM
6)   VERIFYING EEPROM
7)   SUCCESSFUL COMPLETION

We found out today that the problem is caused by the ANTI-VIRUS Software installed on the Windows 10 machine. For some reason it interrupts the communication during this portion of the process.  

THIS INTERRUPTION OF THE FIRMWARE LOADING PROCESS DOES NOT LEAVE YOUR SYSTEM UNUSABLE, OR "BRICK" THE SYSTEM.

We found that by disabling the anti-virus software the process was then able to successfully complete the firmware update.
This seems to be a pretty rare occurrence but you may see it on your system.

We request that you please let us know if you see this issue on your machine and report what anti-virus software you are using.

Thank You for your continued support of the PMC-Eight System.
--
Jerry Hubbell
Vice President of Engineering

Explore Scientific, LLC.
jrh at explorescientific.com

www.explorescientificusa.com
1010 S. 48th Street
Springdale, AR 72762
1-866-252-3811

Author: Scientific Astrophotography: How Amateurs Can Generate and Use Professional Imaging Data
             Remote Observatories for Amateur Astronomers: Using High-Powered Telescopes From Home


Mark Slade Remote Observatory (MSRO) IAU MPC W54 Equipment
Wilderness, VA
Mounts
: ES PMC-Eight G11 + Telescope Drive Master (TDM)
Scopes: ES 165 FPL-53 ED APO CF, ES 102 FCD100 ED APO CF
Cameras:  QHY174M-GPS + FW, QHY163C
Misc: 3-inch 0.7x Focal Reducer Field Flattener, Filters: Luminance,
Red, V-band Photometric, Diffuser, 200 lpmm Spectral Grating

Software: MaxIm DL 6, Cartes du Ciel, Astrometrica, AstroImageJ, AutoStakkert!

@Astoft
 

My antivirus program Kasperski from www.kaspersky.dk finds a
HEUR: Trojan win32.generic
in the configuration maneger program.
I have
paid for the antivirus program.
I used the
configuration maneger to change the communication from WiFi to serial/USB

When I then deleted the program from my Windows 10 PC afterwards (following the antivirus program recommendation), I was in a very bad situation, because there was no way to get in contact with IEXOS100.

I informed Wes McDonald about this in a private communication 2019-07-30 21:08
He was very
helpful. The only way out was to reinstall the virus-infected program, and then change the communication from serial to WiFI.

Allow me to inform you, that I find it
low standards from the company Explore Scientific to distribute programs with Trojan virus.


Yours
Søren Toft
Denmark

Stephen Vickers - Explore Scientific Software Developer
 

Just because an anti-virus program says there is a virus there, doesn’t always mean there is, it means that in that program there is a module with the same name of a virus it has found before. win32.generic is a pretty…wait for it…generic name. This is what Kaspersky say to do about a Trojan.win32.generic file. https://support.kaspersky.com/us/9742

Thanks,
Stephen Vickers

Explore Scientific
1010 S. 48th Street
Springdale, AR 72762

o. 866.252.3811
m. 870.654.6995
stephen.vickers@...

On Aug 7, 2019, at 10:25 AM, sol via Groups.Io <sol@...> wrote:

My antivirus program Kasperski from www.kaspersky.dk finds a
HEUR: Trojan win32.generic
in the configuration maneger program.
I have
paid for the antivirus program.
I used the
configuration maneger to change the communication from WiFi to serial/USB

When I then deleted the program from my Windows 10 PC afterwards (following the antivirus program recommendation), I was in a very bad situation, because there was no way to get in contact with IEXOS100.

I informed Wes McDonald about this in a private communication 2019-07-30 21:08
He was very
helpful. The only way out was to reinstall the virus-infected program, and then change the communication from serial to WiFI.

Allow me to inform you, that I find it
low standards from the company Explore Scientific to distribute programs with Trojan virus.


Yours
Søren Toft
Denmark


Jerry Hubbell - Explore Scientific VP Engineering
 
Edited

On Wed, Aug 7, 2019 at 11:25 AM, @Astoft wrote:
Allow me to inform you, that I find it low standards from the company Explore Scientific to distribute programs with Trojan virus.
Søren,

You are the only user so far who has said that their anti-virus protection has identified the PMC-Eight Configuration Manager contains a virus.
This program was written by PMC-Eight customer Chris  Moses, and has been scanned by our staff and other customers as being virus free on other machines. 

The PMC-Eight Configuration Manager program is safe as far as we are concerned and can be used by our customers for updating their PMC-Eight system.


The problem that your virus protection program is identifying is in the behavior of the program while running the firmware update process.
The HEUR: Trojan win32.generic warning is a heuristic behavioral issue that is identified because the program is doing a process that has been generically identified as a Trojan virus type behavior.
The actual firmware update process uses a Parallax distributed executable called propellent.exe and can be downloaded here:

https://www.parallax.com/downloads/propellent-software

You may be correct in that "technically" we are distributing a program (propellent.exe) that is considered a Trojan virus by some anti-virus programs based on its behavior, but it does not in fact contain a Trojan Virus. We would not put our customer's systems at risk in this way.

This executable is included in the PMC-Eight Configuration Manager zip file. You are welcome to download the program directly and put it in the directory where you saved the PMC-Eight Configuration Manager program. I expect you will see the same result.

I think it is important to state that it was not until your report today that we put the behavior we are seeing with the firmware update with your report  of a virus in the PMC-Eight Configuration Manager. 

I appreciate your experience report with your anti-virus software, it was key to resolving this issue.

--
Jerry Hubbell
Vice President of Engineering

Explore Scientific, LLC.
jrh at explorescientific.com

www.explorescientificusa.com
1010 S. 48th Street
Springdale, AR 72762
1-866-252-3811

Author: Scientific Astrophotography: How Amateurs Can Generate and Use Professional Imaging Data
             Remote Observatories for Amateur Astronomers: Using High-Powered Telescopes From Home


Mark Slade Remote Observatory (MSRO) IAU MPC W54 Equipment
Wilderness, VA
Mounts
: ES PMC-Eight G11 + Telescope Drive Master (TDM)
Scopes: ES 165 FPL-53 ED APO CF, ES 102 FCD100 ED APO CF
Cameras:  QHY174M-GPS + FW, QHY163C
Misc: 3-inch 0.7x Focal Reducer Field Flattener, Filters: Luminance,
Red, V-band Photometric, Diffuser, 200 lpmm Spectral Grating

Software: MaxIm DL 6, Cartes du Ciel, Astrometrica, AstroImageJ, AutoStakkert!

@Astoft
 

Hello Jerry.
You asked for feedback, and you got it.
All the best for your future work.
Yours
Søren

Mark Blair
 

I was one of the earliest purchasers of the G11 ESPCM-Eight.  Regarding the initial tone of this string, let's remember from an amateur astronomers' viewpoint (not business), we are all on the same team when it comes to the ESPCM-Eight.  From the beginning there were some issues with the marriage of the Losmandy G11 and the ESPCM-Eight, but I believe Jerry and ES have responded well and continue to solve issues as they arise.
 
Mark Blair 


On Wed, Aug 7, 2019 at 11:20 AM Jerry Hubbell - Explore Scientific VP Engineering <jrh@...> wrote:

[Edited Message Follows]

On Wed, Aug 7, 2019 at 11:25 AM, @Astoft wrote:
Allow me to inform you, that I find it low standards from the company Explore Scientific to distribute programs with Trojan virus.
Søren,

You are the only user so far who has said that their anti-virus protection has identified the PMC-Eight Configuration Manager contains a virus.
This program was written by PMC-Eight customer Chris  Moses, and has been scanned by our staff and other customers as being virus free on other machines. 

The PMC-Eight Configuration Manager program is safe as far as we are concerned and can be used by our customers for updating their PMC-Eight system.


The problem that your virus protection program is identifying is in the behavior of the program while running the firmware update process.
The HEUR: Trojan win32.generic warning is a heuristic behavioral issue that is identified because the program is doing a process that has been generically identified as a Trojan virus type behavior.
The actual firmware update process uses a Parallax distributed executable called propellent.exe and can be downloaded here:

https://www.parallax.com/downloads/propellent-software

You may be correct in that "technically" we are distributing a program (propellent.exe) that is considered a Trojan virus by some anti-virus programs based on its behavior, but it does not in fact contain a Trojan Virus. We would not put our customer's systems at risk in this way.

This executable is included in the PMC-Eight Configuration Manager zip file. You are welcome to download the program directly and put it in the directory where you saved the PMC-Eight Configuration Manager program. I expect you will see the same result.

I think it is important to state that it was not until your report today that we put the behavior we are seeing with the firmware update with your report  of a virus in the PMC-Eight Configuration Manager. 

I appreciate your experience report with your anti-virus software, it was key to resolving this issue.

--
Jerry Hubbell
Vice President of Engineering

Explore Scientific, LLC.
jrh at explorescientific.com

www.explorescientificusa.com
1010 S. 48th Street
Springdale, AR 72762
1-866-252-3811

Author: Scientific Astrophotography: How Amateurs Can Generate and Use Professional Imaging Data
             Remote Observatories for Amateur Astronomers: Using High-Powered Telescopes From Home


Mark Slade Remote Observatory (MSRO) IAU MPC W54 Equipment
Wilderness, VA
Mounts
: ES PMC-Eight G11 + Telescope Drive Master (TDM)
Scopes: ES 165 FPL-53 ED APO CF, ES 102 FCD100 ED APO CF
Cameras:  QHY174M-GPS + FW, QHY163C
Misc: 3-inch 0.7x Focal Reducer Field Flattener, Filters: Luminance,
Red, V-band Photometric, Diffuser, 200 lpmm Spectral Grating

Software: MaxIm DL 6, Cartes du Ciel, Astrometrica, AstroImageJ, AutoStakkert!

W. Christopher Moses
 

Responding to astof's comments:

Allow me to inform you, that I find it low standards from the company Explore Scientific to distribute programs with Trojan virus.
Søren Toft
Denmark

A few comments
1.  I am the author of the utility.  It is not an official ES product
2.  A previously mentioned, there is no virus - just overprotective anti-virus software
3.  The source code is available at: https://github.com/WCMoses/PMC-8-Communication-Manager

I fully understand your concern, but rest assured there is no virus.

I think you will really enjoy the iExos-100 once you get up and going,

I will be sure to add a message reminding users to disable any antivirus software in the next version - which is coming soon.

Best wishes,
Chris Moses


--
Mounts: ES PMC-8 G11, Losmandy AZ8
Scopes: Tak FSQ 106 EDX4, AT 115, WO Star 71, Mallincam RC6
Cameras:  2x ZWO ASI1600MM-P, Nikon D5100, ZWO ASI 120
Msc: IF ONAG, Moonlight Nightcrawler, ZWO EFW
Software: PixInsights, TheSkyX Pro