Warning: Focusrite Fast by VR

Discussion in 'Software' started by hackerz4life, Aug 19, 2021.

  1. DoubleTake

    DoubleTake Audiosexual

    Joined:
    Jul 16, 2017
    Messages:
    2,287
    Likes Received:
    1,231
    Hmmm.. I suppose your groupies will agree..
    LOL
    Go on Mr FIXIT, tell us all how to fix this with Latencymon or some other irrelevant advice as usual.
    How about a link to the manufacturer's website or to the VST manual?
    Maybe I should reinstall Windows? ... or reset my router?
    Ensure that my PC is plugged in?
    Whatever, dood... :rofl:
     
  2. FrankPig

    FrankPig Rock Star

    Joined:
    Jan 31, 2021
    Messages:
    577
    Likes Received:
    408
    Location:
    Hog Heaven
    Related (or maybe not): yesterday I downloaded a rar of a PDF of Electronic Sound from the torrent site that ends in "news". Uploaded by the main uploader there, so it's trusted.
    Defender flagged it as Trojan:Win32/Tnega!ml and deleted it. On a PDF???
    I downloaded again, same thing. Third time, nothing - no detection, no deleting of file. I then downloaded the same file on a different PC and did not receive the same warning and deletion from Win Defender.

    Defender also flagged and deleted the kg for the RET FabFilter release 6 days ago as Trojan:Win32/Wacatac.B!ml, and as far as I'm aware, this was the same as the older July 2020 R2R kg. I then used my archived keygen from the previous R2R release and Defender once again flagged it. I've run it in the past with no problems. It can't have magically become a trojan while it's been sitting fermenting on my separate Archive HD. So I ignored Defender and allowed it to run.

    Could it be a recent Windows Defender update has made it a little too... enthusiastic and over-zealous, causing it to spew these false positives? Pure speculation on my side BTW.
     
    • Like Like x 2
    • Interesting Interesting x 1
    • Useful Useful x 1
    • List
  3. EddieXx

    EddieXx Audiosexual

    Joined:
    Sep 13, 2015
    Messages:
    1,316
    Likes Received:
    761
    nope, you are right. AV:s are not particularly intelligent at all, they apply pretty crude checking routines and even lists that flagg certain behaviors until they update and clean those, happens all the time.

    they are designed to trust certified signed programs, not installers that do extra* stuff..
     
    • Like Like x 2
    • Useful Useful x 1
    • List
  4. SineWave

    SineWave Audiosexual

    Joined:
    Sep 4, 2011
    Messages:
    4,432
    Likes Received:
    3,570
    Location:
    Where the sun doesn't shine.
    I think that's a great idea to provide a SHA256 hash/checksum number for every release at the sister site. It should be a rule. :wink:
     
    • Like Like x 3
    • Winner Winner x 1
    • List
  5. GabsIT

    GabsIT Producer

    Joined:
    Oct 29, 2020
    Messages:
    204
    Likes Received:
    133
    Location:
    Asia
    I did't read all the posts but by the lastest info I pressume, that the crack overwrite a dll or a registry key to a dll or something of that nature so the fix could be simply reinstall the latest c++ redist library to fix problems with other plugins.

    I see this happens a lot, and in coding we called it a hack, not because you are hacking into a system but becasue it's fixing something in a very fast, dirty way that it works but without the knowledge of why it works or the real issues behind the problems.

    in relation to libraries sometimes it's a mess because at the beggining to speed up the development you use a lot of free or open source libraries but these are in constant change so you need to keep upgrading your code, normally stable libraries are backwards compatible, but with open source you will never know, sometimes inclusive with popupar projects as mozilla a new head of marketing have the power to create a real mess in specifications and change everything and well for the guy that is coding a vst plugin for a company it's easier to hardcode his code to use just the version that it works with his code, then he don't need to do updates but then a vulnerability in the library will never been applied because the code is stuck in an old version of that particular library, sometimes that is why some aplications are so easy to crack.

    Then a cracker will not fix a code problem (sometimes they do) so the hardcoded library need to be used and as is obviously more challenging or add more entropy, the crack could mess with the libraries installed in the computer as rewriting an updated version of a library with an old one that obviously will create trouble.

    now all this is just one posible scenario but one very probably, so that is why i think that just reinstalling the redist libraries should fix any problem as described in this post

    Another thing crackers will rarely check compatibility with old OS versions, and for anyone reporting problems, it's important to be clear from where you download from and what is your OS version, my guess is that people with problems are using win 7 or another old or non standard OS version.
    windows defender is relatively good but naturaly will report any crack or keygen as dangerous virus.
     
    • Like Like x 2
    • Interesting Interesting x 1
    • List
  6. BEAT16

    BEAT16 Audiosexual

    Joined:
    May 24, 2012
    Messages:
    9,081
    Likes Received:
    7,006
    Thanks to you @GabsIT for the information!
     
  7. dbmuzik

    dbmuzik Platinum Record

    Joined:
    Apr 15, 2013
    Messages:
    540
    Likes Received:
    294
    I looked inside the installer as well, and the same.. nothing virus related.

    To those who are troubleshooting: based on the common factor described.. the antivirus protection (notably Windows Defender) is conflicting with these audio apps and keygens because they don't have Microsoft trusted certificates. In most cases the apps need "vcruntime140.dll" and "msvcp140.dll" in order to run. Although these two drivers are in your system32 folder, they are not essential to Windows itself (If you boot in safe mode they won't be there.. but possibly if you choose safe mode with networking).

    What happens is each time you run an app with no trusted certificate the antivirus considers these drivers as part of that app. It will block access to these drivers, and maybe even remove them in some scenarios based on user preference/settings in the AV. So you run some app that needs these drivers, and you may see a prompt from Windows that these drivers the app needs are missing. But Windows itself is the reason they are missing. Defender is blocking the app from accessing them, or has automatically removed them based on the setting in Defender perhaps. Then you can't just go about your business because you have other things that may call upon those same drivers, and now you're discovering things elsewhere that aren't working properly because Defender removed or still has these drivers tied up in the background.

    Those who choose to network on the same OS you do your music: I suggest you need to loosen some restrictions on your PC if that's the way you want to work. You may just have to create a small security gap somewhere if you want your music and network world to co-exist. You can start the regular routine of having your AV turned on only when you use your network browser, and never running any warez software at the same time. Turn the AV off before you launch any warez apps, and keep it off the whole time you have those apps running (including your DAW). Or, go in Windows Defender's settings, and if the option is there, set it to ignore/exclude "vcruntime140.dll" and "msvcp140.dll" to start with. Otherwise, install better AV software, or start buying all your audio software.
     
    Last edited: Aug 20, 2021
    • Like Like x 3
    • Interesting Interesting x 1
    • Useful Useful x 1
    • List
  8. Arabian_jesus

    Arabian_jesus Audiosexual

    Joined:
    Jul 2, 2019
    Messages:
    974
    Likes Received:
    758
    Correct. Exactly what I said in a previous post :) V.R's latest release for the Arturia FX bundle had the same problem, and I know it has happened before as well. With the Arturia release, V.R did post a rev2 that didn't have this problem so it's not like he doesn't care, I just think that nobody has commented about this particular issue with this release until now.
     
    • Like Like x 1
    • Agree Agree x 1
    • Interesting Interesting x 1
    • List
  9. MozartEstLa

    MozartEstLa Platinum Record

    Joined:
    Jul 13, 2014
    Messages:
    647
    Likes Received:
    283
    Location:
    France
    My policy is: every download goes into a virtual machine (VMware Player) - I'm using Total Uninstall for installation analysis, then I create mine installer (aka internal repack) by using Setup Factory 9.5. No issue at the moment.
     
    • Interesting Interesting x 2
    • Like Like x 1
    • Useful Useful x 1
    • List
Loading...
Similar Threads - Warning Focusrite Fast Forum Date
Need Help with Unsafe Download Warnings PC Aug 21, 2024
Youtube warning regarding adblockers Internet for Musician Dec 3, 2023
Removing noise from live bootlegs (newbie warning) Mixing and Mastering Sep 16, 2023
Audionamix: user data leak warning confirmed Industry News Mar 2, 2023
A Warning On the Future of Music: with Author Ted Gioia | Podcast #1 Education Jun 10, 2022
Loading...