MusicMan Posted August 29 Share Posted August 29 On 8/15/2024 at 7:55 PM, Starship Krupa said: I really doubt that you'll have buyer's remorse about dropping $50 on MEssentialsFX. Once you get a look and listen to MTurboDelay and MTurboReverble, you'll see what the fuss is about. MTurboDelay is ridiculously comprehensive and the Bricasti-alike in MTurboReverble is my go-to 'verb. Better still, while you have time, demo them. I think they reset the demo period counters, so you won't even have to hear the dropouts you'd otherwise get in demo mode. On 8/18/2024 at 6:04 AM, Brian Walton said: The turbo reverbLE is something special in the sense that I'm not sure anything else has as much under one roof. If I could only have one algo reverb this would be it for the combo of versatility, sound quality and general CPU consumption. I don't care for the layout of mdelay but there is quite a bit in there to. Mlimiter is usable and more straightforward than most melda plugins. So I ended up trying MTurboDelay, MTurboReverbLE and MLimiterX and decided the bundle is definitely worth it, and I'll grab. Since then I bought FL Studio All Plugins Edition that has just been on sale as it was the cheapest I'd ever seen it and now Steinberg has dropped their 40th Birthday sale that is also the cheapest on some suites that I'd planned on buying as well! Why couldn't all these people have spaced out these sales.. now I'm going to have make some decisions and likely miss out on some of them this time around 🤣 Link to comment Share on other sites More sharing options...
GTsongwriter Posted August 29 Share Posted August 29 With the most recent new setup, I’ve tested at VirusTotal, I don’t trust any Melda Productions products past v16. v17 tested positive for malware and the activity similar to malware. 1 Link to comment Share on other sites More sharing options...
Starship Krupa Posted August 29 Author Share Posted August 29 (edited) 55 minutes ago, GTsongwriter said: With the most recent new setup, I’ve tested at VirusTotal, I don’t trust any Melda Productions products past v16. v17 tested positive for malware and the activity similar to malware. What do you imagine would happen if you installed v. 17? VirusTotal says that out of 75 companies who make their living screening for malware, 74 gave the MeldaProduction v. 17 installer a clean bill of health. 1 of them flagged it using a criterion that commonly yields false positives. Edited August 29 by Starship Krupa 1 Link to comment Share on other sites More sharing options...
GTsongwriter Posted August 29 Share Posted August 29 (edited) 1 hour ago, Starship Krupa said: What do you imagine would happen if you installed v. 17? VirusTotal says that out of 75 companies who make their living screening for malware, 74 gave the MeldaProduction v. 17 installer a clean bill of health. 1 of them flagged it using a criterion that commonly yields false positives. The problem is all the versions up to v16 passed the Virus Total test. Why would it now flag v17? Sounds fishy to me. Is there a way to install without using the new installer? Edited August 29 by GTsongwriter Link to comment Share on other sites More sharing options...
Brian Walton Posted August 29 Share Posted August 29 2 hours ago, GTsongwriter said: The problem is all the versions up to v16 passed the Virus Total test. Why would it now flag v17? Sounds fishy to me. Is there a way to install without using the new installer? It is a brand new installer system that isn't like the previous ones. Lots of reasons why some random scanner might flag a new installer. No installs are possible for the new versions without this new installer. I personally wouldn't be worried at all about it, but everyone has a different risk tolerance. Mine is fairly low, but I also don't consider this one all that risky all factors considered. 1 Link to comment Share on other sites More sharing options...
Starship Krupa Posted August 29 Author Share Posted August 29 5 hours ago, GTsongwriter said: Why would it now flag v17? Because no malware test is perfect and they are tuned toward the side of aggressiveness, thereby resulting in false positives. Malware scanners all seek to be in the position of catching threats that their competition miss. They work by matching patterns, and there's no guarantee that their pattern matching won't occasionally identify a pattern as malware when it is actually benign. Again, what do you imagine would happen if you were to run the v. 17 MeldaProduction installer? Do you believe that MeldaProduction have broken bad and coded malware into their installer that is so stealthy that it can fool 74 out of 75 malware scanners yet still deliver a harmful payload? To what end? Do you believe that MeldaProduction would go to these great lengths to ruin their reputation by coding something into their installer that harms their customers' computers or compromises their private data? Yes, it is "fishy" indeed, but what is fishy is the assertion by one single scanner (out of 75 reporting) that MeldaProduction's installer may contain malware. 2 Link to comment Share on other sites More sharing options...
GTsongwriter Posted August 29 Share Posted August 29 (edited) 46 minutes ago, Starship Krupa said: Because no malware test is perfect and they are tuned toward the side of aggressiveness, thereby resulting in false positives. Malware scanners all seek to be in the position of catching threats that their competition miss. They work by matching patterns, and there's no guarantee that their pattern matching won't occasionally identify a pattern as malware when it is actually benign. Again, what do you imagine would happen if you were to run the v. 17 MeldaProduction installer? Do you believe that MeldaProduction have broken bad and coded malware into their installer that is so stealthy that it can fool 74 out of 75 malware scanners yet still deliver a harmful payload? To what end? Do you believe that MeldaProduction would go to these great lengths to ruin their reputation by coding something into their installer that harms their customers' computers or compromises their private data? Yes, it is "fishy" indeed, but what is fishy is the assertion by one single scanner (out of 75 reporting) that MeldaProduction's installer may contain malware. I don't think Melda Production would have done this on purpose. I just think it's possible that they have acquired a virus or malware in their computer system and when they compiled the software, it snuck itself into the compiler and added itself into the code OR the new installer has be infected with the virus for which they didn't know about. There's also a possiblity that a lot of malware uses the same installer system that they use, because it's open source and free. That similar code is what is being detected. I bet if they create thier own installer or change the installer, it would no longer affect Virus Total. Edited August 29 by GTsongwriter Link to comment Share on other sites More sharing options...
Starship Krupa Posted August 29 Author Share Posted August 29 1 hour ago, GTsongwriter said: t's possible that they have acquired a virus or malware in their computer system and when they compiled the software, it snuck itself into the compiler and added itself into the code OR the new installer has be infected with the virus for which they didn't know about. Well, FWIW, I have it installed and you can add Windows Defender to the list of anti-malware software that doesn't think there's a problem. If you think there's a problem, I suppose you can wait for MeldaProduction's next release and see if that one anti-malware service still thinks it's suspicious. Link to comment Share on other sites More sharing options...
Promidi Posted August 29 Share Posted August 29 9 hours ago, GTsongwriter said: The problem is all the versions up to v16 passed the Virus Total test. Why would it now flag v17? Sounds fishy to me. Not fishy at all. Because It's a false positive. 4 Link to comment Share on other sites More sharing options...
MusicMan Posted August 31 Share Posted August 31 On 8/30/2024 at 3:32 AM, GTsongwriter said: I don't think Melda Production would have done this on purpose. I just think it's possible that they have acquired a virus or malware in their computer system and when they compiled the software, it snuck itself into the compiler and added itself into the code OR the new installer has be infected with the virus for which they didn't know about. There's also a possiblity that a lot of malware uses the same installer system that they use, because it's open source and free. That similar code is what is being detected. I bet if they create thier own installer or change the installer, it would no longer affect Virus Total. it is always possible that they themselves have been infected by a virus and scanning with Virus Total is really useful and something I often do. Especially as sometimes on here there are new developers I don't know much about, but might want to test their stuff out. It's not uncommon to see a detection or two on VirusTotal. These will generally be false posititves if it's so limited. What Erik mentioend is spot on. It's always the balance between being too aggresive and keeping you safe, or the scanner being too relaxed and letting something malicious slip through. They almost always err on the overcautious side. I did scan the installer the other day and noticed that detection too. It appeared to be an AI scanner from memory. That probably adds another layer of potential to get things wrong as well. Just like in the pictures AI creates with hands that have seven fingers on them, AI sometimes gets things a little wrong too! I installed the update even after seeing what I'm 99.99999% certain is a false positive. Often if you scan a little while later the companies have realised it's not malicoius and it will pass. Some you can even just upload to them to review. 2 1 Link to comment Share on other sites More sharing options...
Starship Krupa Posted August 31 Author Share Posted August 31 I also refer to my own empirical experience: in twenty years of downloading and using installers and individual plug-ins from all manner of developers large and small (I am a freeware maven), I have yet to get any malware on any of my computers via a plug-in installer. IMO, not only have malware threats been exaggerated by malware protection companies and media in order to further their own ends (fear sells!), malware is more of an issue inside larger organizations where a lot of computers are connected to each other inside the company firewall. I don't like to cop a position of authority, but I am a Microsoft Certified Systems Engineer and used to be an IT professional at a security company. That said, if installing a program that has triggered what is obviously a false positive on one malware scanner out of 75 will keep you up at night, don't do it. The latest version of a plug-in company's installer shell is not critical path software. Unless MeldaProduction have added anything to one of your bundles that you're really hot to check out, v. 16, with its legacy installer works just fine. So no compelling reason to jump at v. 17 anyway. MCenter is a useful tool if you have material that has its low end information that is too spread out. We've somehow managed without it up to this time. The advice from MusicMan to wait a while and check it again is excellent. 1 Link to comment Share on other sites More sharing options...
GTsongwriter Posted August 31 Share Posted August 31 If I really wanted to test this plugins out, I could run them in a sandbox on Windows in a container, watch what settings they create, then just copy the plugins I want from that windows and the settings, and move them over to my studio computer. But do I really want to have to work that hard? Link to comment Share on other sites More sharing options...
Pat Osterday Posted August 31 Share Posted August 31 8 hours ago, GTsongwriter said: If I really wanted to test this plugins out, I could run them in a sandbox on Windows in a container, watch what settings they create, then just copy the plugins I want from that windows and the settings, and move them over to my studio computer. But do I really want to have to work that hard? As mentioned, I'm with the others on the 99.99999999999999% false positive. Melda is a responsible developer and if anything happened like a hack that put a virus into the installer, they'd have sent out a message. (Melda is a pretty small target for a hacker too.) You could just email them and mention it - probably would save you a lot of time! Link to comment Share on other sites More sharing options...
GTsongwriter Posted August 31 Share Posted August 31 1 hour ago, Pat Osterday said: As mentioned, I'm with the others on the 99.99999999999999% false positive. Melda is a responsible developer and if anything happened like a hack that put a virus into the installer, they'd have sent out a message. (Melda is a pretty small target for a hacker too.) You could just email them and mention it - probably would save you a lot of time! Maybe it’ll be fixed in v18. I’ll just wait. There’s more information on the kvr forum. Link to comment Share on other sites More sharing options...
Pat Osterday Posted August 31 Share Posted August 31 10 minutes ago, GTsongwriter said: Maybe it’ll be fixed in v18. I’ll just wait. There’s more information on the kvr forum. Suit yourself. I just read the forum. All seems pretty clear and Melda are working on an update for the manager. Surprised people have so much time to worry about these things, but to each their own! Melda seems to be one of the least nefarious developers out there. Anyway, even if someone wants to use the v16 plugins without the manager, the deal is still on for 10 hours. 3 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now