I saw some discussion about .dll files in the form of a vst. Previously we saw that tone2 injected malware into their plugins. If that was through their installer; e.g. an .exe file or .dll, is something which I don't have knowledge about.

I always wondered if you launch a .dll (vst) in your DAW, and you have blocked outgoing traffic for the DAW (.exe), will it block .dll calling home? for example d16 plugins, R2R says to block the website in your HOSTS file.

 

I say that Tone2 was the absolute exception. Tone2 was the only manufacturer to have installed malware on the PC.
Team R2R has solved this malware problem. So the problem is no longer there.

The most important thing is to always read the enclosed NFO (operating instructions) and act accordingly.

Share your HOSTS file here: https://audiosex.pro/threads/share-your-hosts-file-here.20960/

In my entire computer life (22 years), I have had 3 dangerous viruses / Trojans.
All of them did not come from the software I installed, but from links on the internet.
Never have I ever needed or used a sandbox. I always have a full backup of the hard drive C./.

 

Last edited: Oct 16, 2021

How can you be so sure that only Tone2 implemented malware/spyware? Tone2 afaik made it very obvious by showing it to the end user in the form deleting your plugin folder, sending messages that your run cracked stuff. Other companies might be more sneaky about it, and we are unaware of it, its 2021 after all.

So back to my initial question:

 

If R2R writes "Host File" then the instruction must be followed. And write a line in the host file. It is not a matter of discretion and as a user you have no choice, you should always follow the instructions in the NFO. If R2R writes you block in the firewall, then do it.

Imagine your PC like this: You have several exits (doors) and several entrances (doors) these are the ports.
If you block an entrance and an exit, something will come out, something will still come in.

Block advertising entries with on-board resources (HOSTS file)

The HOSTS file is a local text file that is close to the task of DNS information. This file is used to permanently assign host names to IP addresses If you don't want to use an ad blocker such as "Webwasher", you can use the HOSTS file if you don't want to disturb the use of advertising banners etc. This file without extension is located under NT / W2k / XP / Vista / Win7 / Win8 under % SYSTEMROOT% \ system32 \ drivers \ etc and can be opened with an editor.

If a company wants to make money, it needs satisfied customers and a good reputation. If it turns out that the company XY distributes viruses / Trojans, an online editor etc. will notice and report on it. This is then very damaging for the company and your reputation will decline.

I regularly use the free "ADWCleaner". I never open file attachments in emails. I regularly check my "Autostart" folder to see if there are things that don't belong there. Use good passwords. I only install programs from trustworthy websites, such as our sistersite from Teams R2R or Team V.R etc.! Team R2R has a lot of experience and hopefully will discover malware and eliminate it for us.

I learned a lot from "Edward Snowden", who explained to us how secret services etc. work. You can never be absolutely sure.
And it certainly hits someone too and you have ransomware or state trojans ...! Then you make a backup or reinstall Windows.

 

Last edited: Oct 16, 2021

If you block your DAW with a firewall, the .DLL won't be able to call home. The DLL runs in the security context of the host application (in this case the DAW) and can do or not do what the host is allowed to.
BUT because DLLs (roughly described as capsuled program functions) can be called from other programs as well, they could gain elevated rights if the other host app has them.
Adobe Premiere Pro (or Davinci Resolve) for instance makes use of VST DLLs and if you haven't blocked Premiere with the firewall and use a VST inside Premiere the VST could of course call home.

(btw.: as you can see, blocking an App by firewall in this case is not as secure as blocking an IP by firewall or HOSTS file)

 

Last edited: Oct 16, 2021

Problem : most of the keygen are considered as virus as far as they modify system data and/or they are patching exe ... So if you are overconfident with VirusTotal results you will probably never user any cracked audio software ;-)


I'm standing at : never connect your DAW computer to the internet and you'll be safe ...