Jump to content

Canada's top-tier Telescopes & Accessories
Be as specific as possible when reporting issues and *ALWAYS* include the full version number of the application you are using and your exact *CAMERA MODEL*
NEVER POST YOUR KEY IN ANY PUBLIC FORUM, INCLUDING THE O'TELESCOPE SUPPORT FORUM ::: IF YOU DO YOUR KEY WILL BE DEACTIVATED WITHOUT NOTICE!
  • 0

BYEOS: trojan malware detected by antivirus while in use?


jayta98

Question

Hello eveyone. I started using the trial version of BYEOS a few weeks ago. I practiced during the daytime using my T5i for a few hours to get familiar with the controls. I finally used it yesterday night and as soon as I started capturing data i got the a malware detection notification from Kaspersky. It was a constant and annoying notification that continued to come up every 10 seconds. I prompt me to quarantine it and restart the PC. I didn't since i didn't want to lose the captured data.

 

I never seen this since I started using the trail version. I looked this morning at the quarantine log and this is what i found:

 

File- otelescope.backgroundworker.start.exe

Path- C:\program files(x86)\backyardeos3.1\

Detected- PDM: Trojan.Win32.Generic

Date- 3/1/2016 9:55 PM

 

Anyone else experienced this? Is this really a trojan virus? Thanks.

Link to comment
Share on other sites

  • Answers 11
  • Created
  • Last Reply

11 answers to this question

Recommended Posts

If you downloaded BYE from the otelescope web site then it is highly unlikely that the backyardworker process contains any malware.

 

It is more likely that Kaspersky does not recognize the executable and is being overly cautious.  You should be able to eliminate the warnings by telling Kaspersky that the executable is OK.

 

Or you could change your antivirus software.  Microsoft Security Essentials is free and works well.

Link to comment
Share on other sites

Yikes.

 

I can assure you 110% that software downloaded directly from our site is 100% virus free.

 

You have a virus for sure and it seems it did propagate to infect other files, and the BYE background worker process seems one of them.

 

Good luck getting rid of this virus and please keep us posted on your progress.  

 

Regards.

Link to comment
Share on other sites

If you downloaded BYE from the otelescope web site then it is highly unlikely that the backyardworker process contains any malware.

 

It is more likely that Kaspersky does not recognize the executable and is being overly cautious.  You should be able to eliminate the warnings by telling Kaspersky that the executable is OK.

 

Or you could change your antivirus software.  Microsoft Security Essentials is free and works well.

 

I have been using the MS Free Anti-Virus for about 6 years now and I have never had any issues with it.  It' pretty good actually.

 

Regards,

Link to comment
Share on other sites

If you read the text of the web page at the link in Guylain's previous note, it is full of gramatical errors.  It is also from a company that I have never heard of.  These things make me suspicious that the site is trying to get you to download their software, which is true malware, or is encouraging you to purchase their software which you don't need,

 

I would be careful!

 

The safest course is to check with Kaspersky on how to proceed.

Link to comment
Share on other sites

If you read the text of the web page at the link in Guylain's previous note, it is full of gramatical errors.  It is also from a company that I have never heard of.  These things make me suspicious that the site is trying to get you to download their software, which is true malware, or is encouraging you to purchase their software which you don't need,

 

I would be careful!

 

The safest course is to check with Kaspersky on how to proceed.

 

Ah, right back at me.  I was too quick to provide  the first google link.  I will remove the link now to prevent further issue.  Good catch.

 

Regards,

Link to comment
Share on other sites

Thanks for the replies. I have been using kaspersky for years and it has been my prefered one after years of using others. I will scan the pc today and make sure it is virus free. I can see how if there was another virus it could infect the byeos worker. I will keep you guys updated.

Link to comment
Share on other sites

I ran my full virus scan from kaspersky and it didn't found anything. I did ran superantispyware and it did found the trojan and removed it. The path was not from backyard EOS so it looks like the trojan attacked workerstarter. It appears that trojan is from malware. 

Link to comment
Share on other sites

update: So I I was able to remove the trojan with my antivirus. I ran a full scan with anti spyware and kaspersky. No threads found. I went back to use BYEOS and it will crash to desktop after the loading screen. I had to uninstall BYEOS and reinstall. After that I connected my camera with a lens and launch BYEOS. It worked this time. I was able to use the imaging section and take some practice shots. I was able to use the focus section, again no issues.

 

The trojan malware reappeared on planetary at the moment when BYEOS is making the video from all the shots it took. I can see the queue flashing a "1" and after a 10 seconds the malware notification starts. This causes BYEOS to not finish creating the video as it was not found int he planetary folder. Once this starts to happen the only way to stop it is to let my antivirus remove it and restart the PC. Once again I have to uninstall and restart BYEOS.

 

The issue occurred again if I disable my wifi. The only time it stops is when i turn off my anti virus. Everything works fine at that point. Even after i run BYEOS with the anti virus off I ran a full scan again and there was no malware found. Not sure what is causing it but I can deal with disabling my antivirus and wifi when im imaging. 

 

I don't think I will be using the planetary imaging too much as the highest FPS I can get using my T5i was 8.2. I think my laptop is too old and it is affecting the FPS.

Link to comment
Share on other sites

Kaspersky still has issues with it.

 

Either add it to you white list or try reinstall BYE in a separate folder and see if this makes a difference.

 

The background workerprocess used to to process images and videos; without it you will not get AVI and your images will stay in the BackyardTEMP folder, they will not be copied to your download folder.

Link to comment
Share on other sites

Except that the background worker process is also used for still imaging.  It is possible that there is some other software that the BYE BackgroundWorker is using to assemble the LiveView frames into the .AVI file that is the true culprit of the false positive reaction by Kaspersky..

 

I did a bit of reading about the Kaspersky AV software and it does not appear that you can tell them that BYE and the BackgroundWorker are OK.  If I understand what I have read, Guylain would have to "partner" with Kasperksy to have BYE's executables added to their Whitelist.  This would undoubtedly cost him some $$$.

 

I used to be a Kaspersky customer and switched to the cost-free Microsoft Security Essentials.  I have never become infected and the software is every bit as effective as the pay software without the false positives.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.


×
×
  • Create New...

Important Information

This site uses cookies to offer your a better browsing experience. You can adjust your cookie settings. By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to the use of cookies, our Privacy Policy, and our Terms of Use