Jump to content

iOptron Commander v7 blocked by Ransomware protection


Recommended Posts

I use a CEM120 astronomical telescope mount built by iOptron.  It is connected to computer via USB (using a USB/COM port) and controlled by an iOptron application called Commander.  I recently updated my mount's firmware which required me to update the Commander and ASCOM Driver to version 7.  After doing so, when I launched the Commander app and tried to connect to the mount, I got an error saying "No supported iOptron Devices detected".

I have spent weeks working with iOptron tech support to try to resolve this issue.  I finally discovered that turning off Malware Bytes would allow Commander to connect to the mount.  Trying the different protection options one by one, I found that turning off the Ransomware protection allows it to work.

I would really rather not leave Ransomware protection turned off.  Is there some way to configure MalwareBytes to allow iOptron Commander v7 to work without turning the whole feature off?

-Dan Kuchta

Link to post
Share on other sites

  • Root Admin

Hello @dkuchta5

Can you please gather logs and post them back so that we can review further.

 

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • Staff

Hi Dan. Can you add these items to your Allow List and see if that helps? Try the first one first, and the others if the first does not help.

C:\USERS\DKUCHTA2\APPDATA\LOCAL\IOPTRONCOMMANDER2017
C:\Program Files\AstroPlanner\AstroPlanner.exe
C:\Savant\Root

Each of these could be excluded for Ransomware Protection only.

We can collect more detailed assessment logs if the above do not provide a workaround for the issue.

Edited by tetonbob
Link to post
Share on other sites

  • Staff

Thanks, Dan. Let's collect a set of logs from the Process Monitor utility.

Create a Process Monitor Log:

  • Please download Process Monitor from here and save it to your desktop
  • Double-click on Procmon.exe to run it
  • Replicate the issue, then save the capture via the File menu > Save
  • Keep the default settings while saving.
  • One saved, close Process Monitor
  • Right-click on the Logfile.pml on your desktop (or wherever you chose to save the .pml file) and hover your mouse over Send To and select Compressed (zipped) Folder
  • The zipped log will be too large to upload as an attachment on the forums, so please upload it to wetransfer.com (use the "I just want to send files" option) and send me the link to the download.

Ideally, it would be good to have 2 unique Process Monitor log sets, one while reproducing the issue, and one where you've disabled Ransomware protection and are not experiencing the issue.

Note, this will be my last reply for the day. I'll check on your progress in the morning.

Edited by tetonbob
Link to post
Share on other sites

Hi Bob:

Some issues with the Process Monitor procedure.

I tried to click on the "here" link in you note, but it did not work.  I did notice the URL pop up at the bottom of my browser though, and was able to access the enclosing folder, which then allowed me to download the Procmon.exe file.

I ran it twice, as you suggested, but only got one good log file.  The 2nd was extremely small and contained a lot of nulls.  When I launched Procmon.exe the second time to do the 2nd log, it gave me a dialog saying that it was already monitoring the system, but the window was blank.  This was unlike the first time where the window instantly filled up with data that it was capturing.  So I had to reboot the system to be able to get good 2nd run with good data.

So I was able to get by those hurdles, but I don't see how to email the files to you.  It asks for an email address to send to, but I don't have yours.  The return address on the automated email I got from this forum is a "noreply..." address.  Can you supply an email address for me to send the files to?

-Dan

Link to post
Share on other sites

  • Staff

Hi Dan. On the screen where it shows the option to email, there should be an option to "Get transfer link".

Edit: My colleague Ron has a post with images on using wetransfer, here

https://forums.malwarebytes.com/topic/278147-ms-word-2019-keeps-freezing-crashing-when-trying-to-open-a-document/#comment-1477676

 

Edited by tetonbob
Link to post
Share on other sites

  • 1 month later...
1 hour ago, ljphotoop said:

Hi, I am new to this forum.  I saw this post and I am having the same issue with my IOptron CEM40. Turning off Ransomware allows Commander to work.  What was the solution?  Thanks.

So far just the workaround of turning off Ransomware Protection.  I've been working with their tech support people, trying several fixes by replacing files in my Mawarebytes installation with test files.  So far, no luck.  Last I heard from them was December 4th, but I assume they are still working on it.

Link to post
Share on other sites

  • 4 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.