ableton live patch io question

Discussion in 'Lounge' started by John Poo, Mar 23, 2016.

  1. John Poo

    John Poo Newbie

    Joined:
    Mar 23, 2016
    Messages:
    4
    Likes Received:
    2
    hi

    hope i don't get slaughtered for this question as i'm a noob and am just curious.

    i wanted to try out ableton so i downloaded the latest version and the patch io crack.

    after looking around a tiny bit i found the patch io crack drops two files and without these won't function. bassmod.dll and dup2patcher.dll. a small amount of research in dup2 tells me that the file is known by some as malware, a hidden bitcoin miner.

    any thoughts on this, am i just completely wrong here? i trust a lot of cracked software but idk something doesn't feel right to me here... guess somebody smarter than me would have noticed already if something was wrong with this crack but still i felt like asking for some opinions as i've found no discussion about this.
    again please don't slaughter me for asking a question there's no point i'm just curious.

     
    • Interesting Interesting x 1
    • List
  2.  
  3. sisyphus

    sisyphus Rock Star

    Joined:
    Apr 29, 2014
    Messages:
    1,009
    Likes Received:
    420
    really?
     
  4. John Poo

    John Poo Newbie

    Joined:
    Mar 23, 2016
    Messages:
    4
    Likes Received:
    2
    Yes REALLY. Why don't you enlighten me with your knowledge instead of being an asshole if my question is that dumb?
     
  5. ehrwaldt kunzlich

    ehrwaldt kunzlich Rock Star

    Joined:
    Oct 4, 2015
    Messages:
    329
    Likes Received:
    302
    Location:
    Utop, IA
    Best Answer
    both of these are false positives regarding their use in the io-patcher.
    these modules might be used maliciously in other cases, but not with this crack.
    bass is for the music, dup for patching the exe... nothing to worry about.
     
    • Like Like x 1
    • Winner Winner x 1
    • Useful Useful x 1
    • List
  6. DrumcodeX

    DrumcodeX Platinum Record

    Joined:
    Jul 28, 2014
    Messages:
    284
    Likes Received:
    256
    Location:
    Reality (virtual)
    May I ask you where you found those files?
    Are you on Mac or on PC (probably doesn't matter, but anyway...)? I'm on PC Win7 and I can't find those files in any of the Ableton related folders :dunno:

    I guess if it really were a bitcoin miner everyone would notice that instantly because of very high CPU/GPU usage.

    just curious, too
     
  7. ehrwaldt kunzlich

    ehrwaldt kunzlich Rock Star

    Joined:
    Oct 4, 2015
    Messages:
    329
    Likes Received:
    302
    Location:
    Utop, IA
    these files are packed with the iopatch and are 'dropped' and loaded on execution.
    they won't be placed anywhere on your system after you close the patcher.
    as i said, one is a library for musicplayback and the other is a multipurpose patcher fitted to io's needs.
     
  8. John Poo

    John Poo Newbie

    Joined:
    Mar 23, 2016
    Messages:
    4
    Likes Received:
    2
    Wouldn't be surprising for a miner to wait for the pc to be idle and/or stay on low cpu usage. A virus that makes your computer unusable isn't gonna stay unnoticed for long...
    drumcodeX: ehrwaldt's answer satisfied my curiosity and I trust him that in this case these are false positives.
    Thanks a lot for the answer ehrwaldt! :) regarding the files i don't know as I held off on the installation after analyzing the patch io file. i think they went in the temp folder but i'm not sure anymore.

    iirc i read a comment from someone on some torrent website that said the files remained after execution and live would stop functioning after removing the files from the temp but it was prob wrong if ehrwaldt says they're not staying. I'll try the crack and check if it's true or not myself soon.
     
  9. DrumcodeX

    DrumcodeX Platinum Record

    Joined:
    Jul 28, 2014
    Messages:
    284
    Likes Received:
    256
    Location:
    Reality (virtual)
    Ok, now I get it.
    Guess there's nothing to worry about it. But I think it's a good thing to stay cautious, John Poo :yes:

    Thanks to Mr. Kunzlich for clarifying things. Danke, Ehrwaldt! :wink:

    cheers
     
  10. ehrwaldt kunzlich

    ehrwaldt kunzlich Rock Star

    Joined:
    Oct 4, 2015
    Messages:
    329
    Likes Received:
    302
    Location:
    Utop, IA
    well, actually they are dropped to a temp location and if you kill the patchers process before it can clean up, they'll probably remain in that tempdir. but in no way they will affect live...

    edit: strike that :)
     
    Last edited: Mar 23, 2016
  11. DrumcodeX

    DrumcodeX Platinum Record

    Joined:
    Jul 28, 2014
    Messages:
    284
    Likes Received:
    256
    Location:
    Reality (virtual)
    That's true for sure, but isn't a miner pretty much useless when it's used only very subtle?
    I mean, even if you manage to place it on thousands of machines it still would take forever to generate just one coin. Doesn't make sense to me and would be waste of effort.
    I'd rather go for fast usage of as much resources of that machine I could get. Kind of like virusg posted here --> https://audiosex.pro/threads/do-you...-you-pc-of-bitcoin-minners.23202/#post-167789
    Even if it will be noticed quickly I'd still get a much better result.

    But that's only what I'm thinking and I could be completely wrong... :unsure: :rofl::unsure:
     
  12. sisyphus

    sisyphus Rock Star

    Joined:
    Apr 29, 2014
    Messages:
    1,009
    Likes Received:
    420
    umm, I wasn't trying to be an a-hole, I responded to keep the thread alive because I was HONESTLY was curious... I'd suggest refraining from going atomic on people on your second post, I think if you spent a little bit of time around here you would realize I am NOT what you accuse me of being.
     
  13. John Poo

    John Poo Newbie

    Joined:
    Mar 23, 2016
    Messages:
    4
    Likes Received:
    2
    Sorry I misunderstood your comment and thanks for posting then! :) seems i did indeed go a little atomic. Asking a question about whether a crack contains a virus for my first post I was sure to get ridiculed but instead I got great answers.
     
  14. sisyphus

    sisyphus Rock Star

    Joined:
    Apr 29, 2014
    Messages:
    1,009
    Likes Received:
    420
    no worries John, stuff is OFTEN misread in these forums, but I think you will find that a LOT of people here really want to help! peace!
     
  15. sisyphus

    sisyphus Rock Star

    Joined:
    Apr 29, 2014
    Messages:
    1,009
    Likes Received:
    420
    AND, thanks for your responses ehrwaldt kunzlich! Keeping it real! :)
     
  16. ArticStorm

    ArticStorm Audiosexual

    Joined:
    Jun 7, 2011
    Messages:
    7,113
    Likes Received:
    3,427
    Location:
    AudioSexPro
    dup.exe is the patch engine developed by diablo2oo2 long time ago and bassmod.dll is the plugin to load that sounds or chiptune, which is playing.
    both is packed with UPX i think, so any Anti-Vir shit, will mark it as suspicious, its better to go without Antivirus software, so you avoid such bogus.
     
  17. rontg

    rontg Newbie

    Joined:
    May 6, 2017
    Messages:
    2
    Likes Received:
    0
    Hi,
    When I'm trying to extract the Ableton LivePatch [io].exe file - the AVG antivirus says its a trojan horse genetric36.CHSY - as you can see in the attached screenshot.
    Is it false call? why trojan horse?
    Thanks
    [​IMG]
     
    Last edited: May 7, 2017
  18. ArticStorm

    ArticStorm Audiosexual

    Joined:
    Jun 7, 2011
    Messages:
    7,113
    Likes Received:
    3,427
    Location:
    AudioSexPro
    @rontg
    the io patch is essential the dup.exe, so its packed and therefore avg will think its a trojan.
    if you arent sure, open it in a sandbox.
     
  19. rontg

    rontg Newbie

    Joined:
    May 6, 2017
    Messages:
    2
    Likes Received:
    0
    @ArticStorm
    Well, if this is the case then I believe it will be fine.
    Just for curiosity - when I open it in a sandbox - how can I check if it is actually a virus?
     
  20. ArticStorm

    ArticStorm Audiosexual

    Joined:
    Jun 7, 2011
    Messages:
    7,113
    Likes Received:
    3,427
    Location:
    AudioSexPro
    there is no virus or anything, but the sandbox help you to keep your computer sclean. bring in your ableton.exe and patch in there, auz file should generated in the sandbox too.

    you cant determine if its a virus or anything, because all scanners will give you a false positive because its packed by a protector/packer and therefore has a modified PE structure and virus do modify this strucuture, writing their code in there.
     
Loading...
Similar Threads - ableton live patch Forum Date
Ableton Live Instrument/FX Patches Live Apr 10, 2016
Ableton Live 9.5 patch.command problem Software Nov 10, 2015
Ableton Live 8 Universal Binary Patch Mac / Hackintosh Aug 28, 2012
How does one open the piano roll in Ableton Live? [solved] Live Sunday at 8:30 PM
Ableton Live 12 Suite Selling / Buying Mar 8, 2024
Loading...