Tone2 Electra v2.7.5 READ NFO-R2R


Team R2R | Jan 11 2020 | 219 MB

The award-winning Electra is not only one of the most powerful synthesizers ever – it’s the complete synthesis solution! Explore a vast musical universe of multi-synthesis oscillators, analog filters, chaotic fractals, samples, flexible modulation and an immense sonic range.

Electra2 – the only synth you need to create a hit!

Many people say that Electra2 is the most powerful synthesizer on the market. This is a bold claim, but why is it true? Electra2 breathes new life into the term “synthesizer workstation”. With its powerful and sonically versatile approach to audio production, it provides you with truly outstanding new sounds.
The instrument is equipped with a high-end quality sound engine with multi-layer support and a wide range of music production features. It’s friendly, easy to use interface allows first-timers to easily create sounds and enables experts to delve into sound-design as deeply as they want to. With Tone2’s high-end technology at its core, you’re not only working with the best sound quality possible, but also a lower CPU usage and larger palette for creating original sounds than with any other type of workstation.
Electra2 comes with an astounding collection of over 1300 production-ready sounds by professional sound designers. A smart patch browser gives you an instant overview of all the available categories and sounds. Just pick the sound you want – it’s that easy.


  * Completely unpacked from MPRESS2. Loads faster and uses less memory.
  * Works without keyfile. Not detectable by their current protection.
  * Homecalling and hosts file scan is bypassed.
  * Does not scan or remove other blacklisted.
  * Includes custom wrapper and solves file access issue.


  What Tone2 does :

  IsDebuggerPresent(), CheckRemoteDebuggerPresent(),
  NtQueryInformationProcess(), VirtualProtect() + Access Violation Exception,
  FindProcess() for famous debuggers and TerminateProcess().
  It will crash the app or call ExitWindowsEx() to shutdown Windowss.

  NOTE : Shutdown function still exists in their Icarus2.

  Any known blacklisted Tone2 keyfile will be removed. The installer also has
  deletion function of known blacklisted keys.

  Tone2 checks MPRESS2 signature to check unpacking. There are 3 ways used for
  checking. Some apps use few and some others use all ways. For 32bit version,
  PECompact is used.

  [Home Calling]
  Tone2 sends info to and gets latest blacklist information.

  [Hosts File Check]
  Tone2 checks system hosts file to find "Tone2" "Byte4" entry. App will crash
  when it is found. Raw IP address is also scanned from hosts file but it is
  not possible define raw IP address in hosts file, so why? :P

  [Keyfile Attribute Change]
  Anti-ReadOnly. Tone2 tries to reset file attribute by SetFileAttribute(). If
  it fails, app will crash.

  Add the path of installation directory from the app.
  "HKEY_CURRENT_USER\Software\Tone2\(AppName)" "Path"
  The path is scanned by every Tone2 apps and remove blacklisted keys.

  Saved preset file contains the information of blacklisted keyfile. When app
  loads presets, they will be checked.

  [Themida Code Virtualizer]
  Only used in Icarus2 and Electra2. Software Virtual Machine function. Since
  patching Virtual Machine results unpredected error, partial or full de-
  virtualization is required.


  REViEW :

  1. Anti-Debugging

  It looks like Tone2 is misunderstanding the today's anti-piracy way. Most of
  their tricks don't stop the hacker from reversing, because app will crash
  immediately after the anti-debug code. They are very easy to find and easy
  to bypass even for the beginner crackers.

  2. Protection

  Current keyfile scheme was acquired after the nice attack from Team AiR in
  2009. The current protection is good and it should not be easily bypassed
  by beginner crackers. Many values in a keyfile are required to run the
  software correctly. However, we need to face the facts that legit keyfiles
  for most plugins are already leaked. Most bad guys don't even care the main
  protection and can concentrate on finding a way to validate the blacklisted
  keys. Unlike the main protection, their blacklisting routine isn't an
  advanced one, easy to find and remove.

  Then - you may wonder why Tone2 has been uncracked for about 10 years. The
  only difficult part is PE Compressor they used (32bit - PECompact3, 64bit -
  MPRESS2). Crackers need to unpack the binary before they start modify the
  code. Unpacking DLL is not so easy like unpacking EXE, and regarding the
  lack of 64bit PE tools, crackers may need to code the own unpacker or script
  to rebuild the PE. Solid knowledge about PE should be required. We think
  that's a secret of protecting and that's why even partial crack (bad crack)
  was not appeared for 10 years.

  3. File/Folder Structure

  Obsolete and not suitable in recent system. Since Windows XP SP2, the
  access to the system directory (include Program Files) are restricted due
  to the security reason. Tone2 put all preset, data, config, log to the same
  location to the DLL. It's hard to believe they are still doing this in 2020.

  PS : Our release put redirect wrapper DLL to your VSTPlugins dir and put
       real files to documents dir. Those issue by obsolete folder structure
       does not happen in our release.



  - Are Tone2 plugins still Malware?

  While all of their freeware or payware contains resource wasting protections,
  they stopped modifying system hosts file after it was mentioned from AiR.
  But, we found they still call ExitWindowsEx in their latest plugin Icarus2.
  According to the security expert, this can be categorized into Trojan,
  regarding these aspects :

  * Technically, it's not virus. Virus need "infection".
  * The app itself is functioning as legit application.
  * Contains malicious code, coded aimed to interfere some users.

  Actually, those apps which cause unintended shutdown is detected as Trojan
  today. Google "Trojan Shutdown" and you can find Torjan.Shutdowner or
  Win32/Shutdowner.*. These are not detect as "potentially unwanted program"
  but Trojan.

  Let's call it Trojan:Win64/Tone2 :)

  - Is it even legal?

  Depends on the law in the countries. Accoridng to the law expert, that
  shutdown code (not intended by user) clearly violates the criminal law in one
  or more countires. He says distributors also have risk and they are better
  to ask Tone2 and confirm there are no malicious code inside to avoid further
  legal issue.

Leave a Reply

Your email address will not be published. Required fields are marked *