Waves Complete V9.6.44 Installation and firewalling

Discussion in 'Software' started by quadcore64, Feb 22, 2016.

  1. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    @quadcore64 I've tested AVAST! Internet Security suite from my sandbox Win7: this modern AV+FW suite can't block DLLs. I don't waste my time for these useless experimentations about BitDefender, KIS (no demo - need license - and... used last year as legit) or "etc" (list is easy to find from net), wasting my time for useless feature (unfortunately!). Also, computer networks is my job since 30 years, have two CCNP + CCAr certifications (Cisco), installed ton of servers for our (old) customers (SCO, Novell/Unixware, Windows from NT 3.51 until 2008 R2) btw I can (legitimate) assume I'm not a newbie or idiot (and stay polite). My philo is "practice is better than theory". Stopping this sterile debate (can of worms is useless for our community IMHO). Cheers. :bow: But assuming it's a good topic, though.
    Last edited: Feb 23, 2016
  2. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    To do efficient test: use not patched Xfer Serum (few releases from bro site are pre-patched), try to block Serum.dll - if you can do (or Serum_x64.dll if you're using x64 DAW of course), open Serum from your fav' DAW, register it (keygenning or valid S/N from comments), then, from Serum GUI save any preset you want or current (by using "Save As" feature), close Serum, then reopen it... in case of homecall (+registration cancelled), your firewall software is simply useless (Serum calls another app: your browser exe).

    About firewalls (any), there two rules approaches/policies: 1/ by application or 2/ by service (HTTP, HTTPS, ICMP - ping, FTP etc).
    ZoneAlarm Pro doesn't block DLLs (unfortunately, again). :shalom:

    By blocking service mentioned just above, any application (Firefox, Chrome, IE etc) can't use it, no access to PayPal, your bank account or AudioSexPro - for example - if you've blocked HTTPS/443 service, etc...
    Last edited: Feb 23, 2016
  3. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    This script can be downloaded from many websites such superuser.com etc... it's not classified.


    Discovering similar topic here on AS (May 2015), it's not a new debate (and maybe others are existing).

    Thanks of course, about your effort, poison9090, your explanations are very clear. But blocking DLL, VST3... is an utopy (or disinformation).

    Do you block: PDF, PNG, BMP, DOC, XLS (may contain VB code), VBS (containing code) in your firewall software? Dialogue of deaf? lol Comogo Internet Security permits to block PDF and JPEG :wow: files (I've tried yet), but why? it's not serious.

    Keep in mind DLL (or VST3) is part of executable process (aka encapsulation), not the process itself! (dll never have own PIDs from Task Manager, but only their "containers" have such rundll32 or svchost, when dll code is running into... exactly like your DAW does). Cheers. :bow:
    Last edited: Feb 23, 2016
  4. Guitarmaniac64

    Guitarmaniac64 Rock Star

    Jun 5, 2011
    Likes Received:
    Be offline when you use cracked software
    • Agree Agree x 1
    • Winner Winner x 1
    • List
  5. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    Funny situations about some plugs and homecalls (but not all), eg: Serum, by using hex editor (UltraEdit for me), you can patch "http://ww.xferrecords.com/serum" strings (3 occurences) into dll to redirect the homecalls elsewhere you'll want, eg to https://audioz.download :rofl:(add "0x00" extra byte after), it works.
    Some plugins can't permit to do this, due to their integrity checks. Also ULRs for homecalls may be encrypted (the power of developers, until...)
    Last edited: Feb 23, 2016
  6. poison9090

    poison9090 Newbie

    Dec 30, 2014
    Likes Received:
    Thank you MozartEstLa, I see you have enough skills in microcomputing and I assume that you usually work with a DAW controling other standalone sound applications, but, as is obvious that you are right if we talk about general files because you are wrong in the "triggering stuff", and I think you miss the point, about what is the target of the case, how is the standard operational process and how to change it and what are our weak points.
    So, maybe is better if we don't talk about general firewalling as you start to talk, let's talk about our target and our weak points WITHIN OUR DAW.

    First point, let's talk about my "utopy", and our case;): plugin isolation:
    As you may know when we work into a DAW we work in a independent and isolated sub-layer where only the Host is the governor (I assume that we first must isolate the hosts), there are no dll calls to the system shell or any OS trigger, operator o any kind of "outside-DAW" identity (except bridges, as I will explain later).
    So as you well said, a dll plugin is an encapsulated and in fact standalone piece of code executed by the host...only the host, for that reason, and to assure system stability that files don't depend in nothing (no pdf, jpg, no "containers", as you said, I prefer to name them "transports"). So, if we take some time tracing the population of subprocesses at DAW startup and observe the system behaviour while you work on the most known DAW's in the market we
    will see that, at least if you block your DAW first of all, when you open any vst, dll, aaax or whatever you call it, the only call to any "OS" shell identity are (in case, and again) the 64b to 32b bridges, that also has to be blocked by the script at first, as any plugin container that you may use.

    Ok, Second point, our weakness: now that we are "in place" we only have one risk....that is called "timebombing", and our true weak points are in fact, the installers and uninstallers....maybe I'm wrong and Ollie or some Elite can correct me, but my noob observation is that nowadays, the big part of code injections are "hard coded" in different modules inside the installers or uninstallers. And here is where your answer is correct, code can be in some cases fragmented anywhere in this EXECUTABLE files ;) starting OS runtime daemons...making it hard to trace, bypass and reverse, in case you need it (I don't recommend using this kind of practices).

    And, finally: just stop and think....what is better, to fullfill my computer of "firewall" daemons and lots of this kind of stuff that you are proposing, that for sure will interfere in your audio works consuming resources without control?
    .....or maybe is better to control by yourself your system, slimming it at the same time that you rebuild the same depending on your needs?

    ..Anyway, my intention is only to help or try to give some "light" in that case.

    Let's add, never deduce ;). Again, thank you and all my respects MozartEstLa :).
    Last edited: Feb 23, 2016
  7. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    First, you're welcome poison9090, and I must begin my reply by... :goodpost:about your previous reply, sincerely I can't tell other!

    Despite my English isn't perfect (I'm French), my explanations aren't perfect too. Some words I've used such "container" may be inappropriate, I admit this. You mean transport instead, I accept it.

    About "utopy" please consider it's not your "utopy", anyway, but in general. Same about "disinformation", it's not against you, be sure! it's a misunderstand or badly contextual word from me, probably, surely, and sorry.

    Cannot add nothing else because your reply is simply (edit: perfect replaced by good). To be honest, I've forgotten... bridges (another security holes about CM), bravo, well done! And be sure I can admit if I'm wrong somewhere, humain learns everdy day, one of essence of the life IMO. Of course some subtelties can always escape, an oversight, a different (or missing) word. Assuming I've some computer skills (experience), but they're not unlimited, however. It's one of cause why I remain enthousiat guy (geek, assuming it, it's not a shame).

    Also I never talk here on AS forum about some unknown subjects for me, like mixing or mastering techniques, recording vocals, compression, most hardwares I've never used, unknown DAWs like Cubase or PT, etc. Be sure human isn't perfect (fortunately), it's not a shame (x2 lol).

    Thank you very much too, be sure also to receive all of my respects poison9090. :shalom:
    Last edited: Feb 23, 2016
  8. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    AS EDIT (complement to @poison9090 )

    Sorry but I don't agree! what's happen exactly as soon as you invoke File/Open, File/Save As, exporting your project to WAV? sorry but they're shell calls to your operating system, keep in mind gouvernors you've mentioned? OS is the boss, the chairman. What about meters for CPU or RAM usage, disk activities: another API calls to system. Now, about plugin GUI: are these plugins don't use graphic APIs like DirectX or OpenGL? another important piece of your operating system. Same principles about Visual C++ and .NET based plugs... or about iLok (Pro Tools) or e-Licenser (Cubase) are using... device drivers!

    Now, about bridges, as complementary explanation, they're working as (exe) standalones, I agree totally, they're acting like virtual machines. Isolation remains true as long as you're using them along with plugin may causing problem (such timebombing). In my case, the only x86 plugin I'm using (in bridged environment), is SQ8L, a old freeware VSTi (2008), using it since many years without any problem. It's simple.

    In fact, by taking required time prior this second reply, this point is understandable:

    By using script to inject dll, ocx, vst3 and msi into your firewall table, for sure you fullfill your computer. About Waves (and only about them) I've wrote blocking register.waves.com in hosts file, is enough. They're no fullfill here, but only one "rule" (or DNS resolution), as 1 equal 1, to your local machine (aka loopback). Of course, if you're using other plugins, from other brands/developers, you must increase your barrier/fence if your want the plugs continue to work as "warez", otherwise you must buy your plugins and don't block anything and anywhere, it's simple, no? (sometimes some cracked plugs work better than legit, eg Rob Papen stuff). Always a compromise and unstable equilibrium. In my French language "on ne peut pas avoir le beurre et l'argent du beurre" (we can't have butter and money for butter together/in the same time).

    Assuming also you're playing with words: I'm using "container", you're using "transport": what you're right and what I'm wrong? where the problem is exactly? together we're meaning "russian dolls" (I've used encapsulation, am I wrong?) also containers are used for... transports (truck, aircrafts, cargos - I'm using word game too sorry). it's like a hierachy, or tree (from ground, to leaf).

    Doing reverse engineering is another problem: it's science and art, honestly I'll can't do it, I need additional skill I don't have (despite I can read assembly from iDA Pro or ollydbg2), it's not for any age or any health condition, requires a lot of time (and more), no more free time to do something else, and during a long period. No wife, no children, no swiming pool, no friends... Do you imagine AudioUTOPiA is only one guy, working alone on his PC, at home, and "bingo", couple of hours later, like Einstein (and his e=mc²), eureka... iLok/PACE is broken! I've tried to understand their stuff about Slate VTM, many code removed, ton of redirections, plugin enhancements (really). Do you imagine R2R guys have enough time to create prods, or take required time to understand many aspects of plugin or software, I'm not sure, they crack and voila (some of their cracked aren't fully tested because they don't have enough time, it's not a critic because it very simple to understand, it's impossible as long as day duration is 24 hours).

    You mention I'm wrong, okay, but all remain abstract, finally. Please explain-me clearly where I'm wrong? TIA

    Simply read Guitarmaniacs64 reply just above our exchanges, just one line, nothing else, and he've totally right, 100%.

    Respectfully :bow:
    Last edited: Feb 23, 2016
  9. quadcore64

    quadcore64 Audiosexual

    Jun 13, 2011
    Likes Received:
    I've used all the produts listed plus Norton in the past. If you look at the feature set comparison for products from
    each developer, you will see that they all offer a firewall feature past the basic package. There are also as mentioned,
    stand-alone firewalls and front ends for Windows firewall. I personally prefer a third party solution over Windows.

    Also there is the firewall and other controls built into modern routers.
    Last edited: Feb 23, 2016
  10. quadcore64

    quadcore64 Audiosexual

    Jun 13, 2011
    Likes Received:
    I should also mention that my method has allowed me to use u-He plugins without worry
    for quite some time now. As I mentioned before, no reverting back to demo mode or locking
    the plugins.

    You can build a fence or a wall. Which is more difficult to get over?
  11. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    About using 3rd party solution be sure I agree 100% with you quadcore64! By using default stock firewall it's easy for developer to detect custom rule (from Registry keys) - Mirillis Action! is working using this method against piracy, or to create own into your Registry without any advice (as long as your DAW is running as administrator or high privileges, all doors are open). Comodo Firewall is for unexperimented users, have tested KIS and AVAST, but... don't like them. Planning to install external (at home) firewall/proxy solution on separate small-sized machine (running reliable Linux distri), also for IP filtering (FTP, SNMP, NetBIOS aka the M$ hole - etc) unfortunately my old Linksys router can't do. :bow:
    Last edited: Feb 23, 2016
  12. muse2love

    muse2love Producer

    Nov 11, 2013
    Likes Received:
    Not working tried on win 7 & 10 64 bit no go
  13. quadcore64

    quadcore64 Audiosexual

    Jun 13, 2011
    Likes Received:
    All I can say is that it has served me well. No more software or plugins going into locked or demo mode.
    Especially u-He plugins. everyone has his/her own flavor of tea.
  14. ned944

    ned944 Audiosexual

    Jun 3, 2012
    Likes Received:
    The Underground
    Using "Windows Firewall Control" from http://www.binisoft.org/ you can block DLL's it is super easy to use and makes Windows firewall a breeze to use. Definitely Worth the money. Will handle whatever you need as far as phone home type programs and apps. without fail. Tried and tested by me for years.
  15. muse2love

    muse2love Producer

    Nov 11, 2013
    Likes Received:
    You guys are consistantly talking about firewalling...a file that the installer fails to write

    whatever methods...

    It seems if you have a clean machine... it will work...but...even if you did revo and all...

    here it is a no go situation this crack is not a full proof on all systems situation regarldess of firewall...
  16. quadcore64

    quadcore64 Audiosexual

    Jun 13, 2011
    Likes Received:
    As long as your DAW loads the new Waveshells, your projects will work as before.

    Remember that The Waves installer puts the dll files in what for most is the wrong place.

    From the start of this thread:
    BTW..the installer puts the DLL files in VSTplugin folders under
    Program Files and Program Files (X86). Just move them to your default
    VST folder(s)
  17. muse2love

    muse2love Producer

    Nov 11, 2013
    Likes Received:
    no dlls are written at all...just empty folder and error messaging to contact waves.com tech support
  18. Trinity

    Trinity Member

    Feb 23, 2016
    Likes Received:
    My DAW (Cubase 8) asking me for ''WavesShall-VST3 9.61_x64.vst3'' Folder! I did a search for the file but I couldn't find it in my PC!..Every thing work fine for me but the annoying think that I need to ignore that message every time I open Cubase 8..any solution?
    Windows 7 Ultimate 64..
    Last edited: Feb 24, 2016
  19. quadcore64

    quadcore64 Audiosexual

    Jun 13, 2011
    Likes Received:
    Windos 7 64bit
    Default dll folders most used by installers are:
    C:\Program Files\VstPlugins
    C:\Program Files\Steinberg\VstPlugins
    C:\Program Files (x86)\VstPlugins
    C:\Program Files (x86)\Steinberg\VstPlugins
    C:\Program Files\Cakewalk\VstPlugins (if registry modified by Cakewalk and you did not change back to default)

    Default VST3 folders:
    C:\Program Files\Common Files\VST3
    C:\Program Files (x86)\Common Files\VST3
  20. MozartEstLa

    MozartEstLa Platinum Record

    Jul 13, 2014
    Likes Received:
    Are you Potroub on AZ? (same avatar) - if yes, I've replied on related comment. If no, simply ignore. Cheers. :bow:
    Last edited: Feb 24, 2016