|
Log in to post
|
Print Thread |
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
At times BiaB wants to connect to the internet. ZoneAlarm creates every once in a while this message:  Does anybody have a clue why such messages may pop up?
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Oct 2007
Posts: 2,610
Veteran
|
|
Veteran
Joined: Oct 2007
Posts: 2,610 |
That's a first for me. Never had any such messages. That's odd!
Cheers, Mike My Music * Asus ROG Strix G15CF 32 GB DDR4 4TB HDD + 1 TB SSD NVIDIA GeForce RTX 3060 8GB Win 11 AKAI EIE PRO Sound Interface. BIAB/RB 2024 UltraPak Build - Latest
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Oct 2007
Posts: 2,610
Veteran
|
|
Veteran
Joined: Oct 2007
Posts: 2,610 |
As an after thought: I never have my AV program running when I do anything musically ... BIAB, Sonar, or anything else.
Cheers, Mike My Music * Asus ROG Strix G15CF 32 GB DDR4 4TB HDD + 1 TB SSD NVIDIA GeForce RTX 3060 8GB Win 11 AKAI EIE PRO Sound Interface. BIAB/RB 2024 UltraPak Build - Latest
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
ZoneAlarm is more of a firewall rather than some AV program. Sure enough, for studio purposes a dedicated DAW may better be free of any AV, internet connection or other background processes. Yet, 'ya know, for everyday purposes, it is quite ok to have BiaB running on the run-of-the-mill home puter.
Which leaves the odd question open -> Why does ZoneAlarm create such messages?
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2000
Posts: 15,944
PG Music Staff
|
|
PG Music Staff
Joined: May 2000
Posts: 15,944 |
I use ZoneAlarm, and have never seen that message. When does it happen? BB doesn't try to connect to the Internet. The closest thing would be when you click on a a button to visit a web page (like www.pgmusic.com). In that case, BB asks Explorer to open up www.pgmusic.com, which it will do using your default browser (IE, FireFox etc.). That isn't BB communicating with the Internet though. When does it happen... on bootup of BB?
Have Fun!
Peter Gannon
PG Music Inc.
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2003
Posts: 8,021
Veteran
|
|
Veteran
Joined: May 2003
Posts: 8,021 |
Because it's trying to connect to the internet. The problem is that BIAB never does that. Possibly your BIAB .exe has been altered by the ? virus ( I'll try and find the name for you). This was an extremely bad one. Even if you formatted the drive when you went to reinstall programs they (the program .exe) were still infected. Here it is: http://forum.avast.com/index.php?topic=42709.0
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
Peter, I see no clear pattern when ZoneAlarm creates this message with BiaB. It usually occurs out of the blue, not on bootup of BB, and without me making anything specific with BB, at least that I can currently think of. Odd enough, when I click on a button like 'PG Music Website' of the 'About Band-in-a-Box' info box, the Internet Explorer pops up and connects to the PG Music website without having Zonealarm create any warning.
Which makes this occurrence even stranger. A virus might be a viable explanation. I have Avast running here and checking on the system yields no warnings - which, of course, does not guarantee that no malware might be at work.
A binary file compare of the BBW.exe on my system with some pristine BBW.exe could provide further hints, whether BBW.exe on my system was tinkered with by some malware. Such a pristine BBW.exe might be downloadable from the PG Music web site, with a link potentially communicated via PM?
Hopefully there may be a different explanation.
John, thanks for the link - I am currently perusing its content.
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2000
Posts: 38,502
Veteran
|
|
Veteran
Joined: May 2000
Posts: 38,502 |
Some of these kind of malwares only appear to be a legit program .exe when they try to connect.
The real source could be in the Registry or in a legit .dll file that Windows uses, where all it needs is a pointer or two to wreak its havoc.
Therefore, binary compare would not work, as both files would be identical.
--Mac
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
Does this mean, some malware program tries to connect to the internet and mimics some otherwise legitimate program name, such as bbw.exe, just to seduce the user into allowing some connection? Thus the original bbw.exe is potentially not the origin of this message? Getting interesting ... In the meantime I sent my resident BBW.exe file to -> http://www.virustotal.comHere is the online scan result of this service Antivirus Result a-squared - AhnLab-V3 - AntiVir - Antiy-AVL - Authentium - Avast - AVG - BitDefender - CAT-QuickHeal - ClamAV - Comodo - DrWeb - eSafe - eTrust-Vet - F-Prot - Fortinet - GData - Ikarus - Jiangmin - K7AntiVirus - Kaspersky - McAfee - McAfee+Artemis - McAfee-GW-Edition - Microsoft - NOD32 - Norman - nProtect - Panda - PCTools - Prevx - Rising - Sophos - Sunbelt - Symantec - TheHacker - TrendMicro - VBA32 - ViRobot - VirusBuster - Thus no clue yet ... PS: Formatting is not exactly a strong feature of this forum -> those little dashes above should line up underneath the heading 'Result', indicating 'no infection'. Albeit it's still no guarantee, bbw.exe seems to be free from infections. Do I have some virus lurking exploiting programs such as bbw.exe on 'conncet time', or are there other options?
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2003
Posts: 8,021
Veteran
|
|
Veteran
Joined: May 2003
Posts: 8,021 |
This is were it's trying to go so I think it's a fluke: 08/09/09 16:08:23 IP block 224.0.0.22 Trying 224.0.0.22 at ARIN Trying 224.0.0 at ARIN OrgName: Internet Assigned Numbers Authority OrgID: IANA Address: 4676 Admiralty Way, Suite 330 City: Marina del Rey StateProv: CA PostalCode: 90292-6695 Country: US NetRange: 224.0.0.0 - 239.255.255.255 CIDR: 224.0.0.0/4 NetName: MCAST-NET NetHandle: NET-224-0-0-0-1 Parent: NetType: IANA Special Use NameServer: FLAG.EP.NET NameServer: STRUL.STUPI.SE NameServer: NS.ISI.EDU NameServer: NIC.NEAR.NET Comment: This block is reserved for special purposes. Comment: Please see RFC 3171 for additional information. Comment: RegDate: 1991-05-22 Updated: 2002-09-16 OrgAbuseHandle: IANA-IP-ARIN OrgAbuseName: Internet Corporation for Assigned Names and Number OrgAbusePhone: +1-310-301-5820 OrgAbuseEmail: abuse@iana.orgOrgTechHandle: IANA-IP-ARIN OrgTechName: Internet Corporation for Assigned Names and Number OrgTechPhone: +1-310-301-5820 OrgTechEmail: abuse@iana.org# ARIN WHOIS database, last updated 2009-08-08 20:00 # Enter ? for additional hints on searching ARIN's WHOIS database.
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2003
Posts: 8,021
Veteran
|
|
Veteran
Joined: May 2003
Posts: 8,021 |
224.0.0.22
Look in the logs for Zone Alarm and tell me if that's the senders IP if not give it to me and I'll do a trace for you.
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
The logs for ZoneAlarm indeed state 224.0.0.22 as the target-IP. Just keep wondering why BB should want to contact this IP. Is it a virus or is it a Vista issue, that Microsoft makes some random programs contact some fancy 224.0.0.22? Is it some mimicry just to get allowance to the internet, and when that's given, some infected program connects to the real evil?
For experimental purposes, I did allow bbw.exe access to the internet, yet CurrPorts did not register any traffic - which is odd all by itself.
ZoneAlarm Version:7.1.254.000 here - is it a bug with ZoneAlarm?
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2003
Posts: 8,021
Veteran
|
|
Veteran
Joined: May 2003
Posts: 8,021 |
I did not like Zone Alarm. Go to PCtools.com and get there free Firewall Plus.
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
Looks like a viable alternative, John. To date I was extremely satisfied with a very user friendly ZoneAlarm - yet this behavior sure is puzzling. Don't want to get nagged by a bunch of false alarms. And then ... what if they aren't?
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Dec 2007
Posts: 1,439
Expert
|
|
Expert
Joined: Dec 2007
Posts: 1,439 |
G'day Martin, consensus here in my office is: a) Zone Alarm "weirdness" - ZA can be very invasive and this could simply be an error on it's part. b) Malware - possibly masquerading as a running process - in this case BBW, or being mixed up with a running process by ZA. Either way, a comprehensive malware scan is indicated. At the moment "Malwarebytes" ( http://www.malwarebytes.org ) is a reasonably good scanner that doesn't seem to miss much, if anything. Spybot Search and Destroy ( http://www.safer-networking.org/en/home/index.html ) is another goodie. I'd probably run both. The destination address in question is a "multicast" address - kind of like a broadcast but for the local network and with specific destinations defined by the last octet (byte) of the address - in this case .22 which is IGMP (Internet Group Management Protocol) Quote:
RFC 988, page 13: ( http://www.networksorcery.com/enp/rfc/rfc988.txt )
The Internet Group Management Protocol (IGMP) is used between IP hosts and their immediate neighbor multicast agents to support the creation of transient groups, the addition and deletion of members of a group, and the periodic confirmation of group membership. IGMP is an asymmetric protocol and is specified here from the point of view of a host, rather than a multicast agent.
See :
http://www.networksorcery.com/enp/protocol/ip/multicast.htm
http://www.networksorcery.com/enp/protocol/igmp.htm
for a little additional info.
It is unlikely in the extreme that BBW.EXE is actually the culprit here. Without knowing more about your network it would be hard to identify what is going on other than your machine appears to be trying to query or join a "transient group" on the local network - I reckon this could be a network worm although there is legitimate traffic of this nature on most networks. The reason I think it's a worm is that it appears to be BBW and we know (thanks to Peter) that BBW definitely does not use IP communications directly.
--=-- My credo: If it's worth doing, it's worth overdoing - just ask my missus, she'll tell ya  --=--You're only paranoid if you're wrong!
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
Just entering "224.0.0.22" into Google you'll get swamped with listings from irritated users. This address appears to be within the range of local IP multicast addresses (http://en.wikipedia.org/wiki/Multicast_address) designated for multicasting on the local LAN only.
Kind of difficult to plow a way through the jungle of google listings. Maybe some kind of worm is active trying to infect the local LAN, maybe some weird OS stuff is nagging users, yet otherwise harmless. The default answer in many Internet forums appears to be -> run a system scan for malware ... yet in those same threads usually *no* definitive clues come up of the type: 'yes, just detected worm xyz'. On the other hand, I haven't found any definitive clue yet, what this multicast stuff is all about and why it should be harmless or harmful. Lawrie, you provided a whole bunch of useful info, which sure takes some time to digest.
The connection message 224.0.0.22 appears to pop up with a variety of Firewalls. On the other hand, Peter uses ZoneAlarm and has never seen such a message. Maybe its a configuration issue between router, PC, and Firewall.
Lawrie, thanks for your info and links. Will run a scan, likely sometime overnight. No definitive clue yet.
Martin
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2000
Posts: 38,502
Veteran
|
|
Veteran
Joined: May 2000
Posts: 38,502 |
That *may* be the cause of one called, "Trojan.FakeAlert" which we have seen here recently on several machines but can't figure out exactly what it was intended to do.
It appears that it originally would fake a virus alert warning from your chosen scanning software but in reality would always take you to a certain website that was trying to sell some fake virus protection software that had "found" a virus that nothing else did. The website is terrible, not letting people close it unless they go ahead and pay $29.95 to purchase a software that does not exist. In the process, whoever put this scam together would not only receive online funds and presumably some account info, but the people don't get any software to download.
One of the clues as to whether you've got this one is that on a few XP machines we've seen, bootup time is increased by about a minute or two and there is a Blue Screen that appears for about a full minute between the XP starting "blue bar" screen and the desktop finally appearing. -- But not in every case and we haven't seen this action with infected Vista machines so far.
If it is that one, Malwarebytes, which you've already been pointed to, has been able to locate and quarantine the offending Registry Keys that cause it in every case we've seen so far.
G'Luck,
--Mac
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: May 2000
Posts: 15,944
PG Music Staff
|
|
PG Music Staff
Joined: May 2000
Posts: 15,944 |
Martin, perhaps you are using a VST/DxI or MIDI interface that is triggering that message.
The program (BBW) hosts the various plugins, so messages would appear to be coming from the program (BBW).
To test that, try using a simple MIDI driver like VSC DXi, and see if the message goes away.
Have Fun!
Peter Gannon
PG Music Inc.
|
|
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box for Windows
|
Joined: Jul 2000
Posts: 5,275
Veteran
|
|
OP
Veteran
Joined: Jul 2000
Posts: 5,275 |
Thanks, Peter, I had Forte active in the VST/DirectX Instruments/Plugins selection dialog; which I now set to VSC DXi to see what happens (the checkmark 'Use VST/DXi Synth' in the MIDI/Audio Drivers Setup was not active, though, just selected 'Microsoft GS Wavetable Synth' ... yet who knows). I am gaining confidence that the communication to 224.0.0.22 seems to be thoroughly harmless. People give advice on how to -> deactivate IP multicasting. It doesn't appear that malicious communication is possible at all here - just telling the router 'hello, I am here', for whatever murky purpose. The puzzling issue remains, though, why should BiaB do that in the first place; and your hunch may shed some light onto this issue. BTW, in the meantime I ran a thorough www.malwarebytes.org scan over my system with zero result - which is promising for the time being, and sure keeps up the suspense.
Martin
|
|
|
|
|
|
|
|
|
|
|
|
Ask sales and support questions about Band-in-a-Box using natural language.
ChatPG's knowledge base includes the full Band-in-a-Box User Manual and sales information from the website.
|
|
|
|
|
|
|
|
|
|
|
Band-in-a-Box 2026 for Windows Special Offers End Tomorrow (January 15th, 2026) at 11:59 PM PST!
Time really is running out! Save up to 50% on Band-in-a-Box® 2026 for Windows® upgrades and receive a FREE Bonus PAK—only when you order by 11:59 PM PST on Thursday, January 15, 2026!
We've added many major new features and new content in a redesigned Band-in-a-Box® 2026 for Windows®!
Version 2026 introduces a modernized GUI redesign across the program, with updated toolbars, refreshed windows, smoother workflows, and a new Dark Mode option. There’s also a new side toolbar for quicker access to commonly used windows, and the new Multi-View feature lets you arrange multiple windows as layered panels without overlap, making it easier to customize your workspace.
Another exciting new addition is the new AI-Notes feature, which can transcribe polyphonic audio into MIDI. You can view the results in notation or play them back as MIDI, and choose whether to process an entire track or focus on specific parts like drums, bass, guitars/piano, or vocals. There's over 100 new features in Band-in-a-Box® 2026 for Windows®.
There's an amazing collection of new content too, including 202 RealTracks, new RealStyles, MIDI SuperTracks, Instrumental Studies, “Songs with Vocals” Artist Performance Sets, Playable RealTracks Set 5, two RealDrums Stems sets, XPro Styles PAK 10, Xtra Styles PAK 21, and much more!
Upgrade your Band-in-a-Box for Windows to save up to 50% on most Band-in-a-Box® 2026 upgrade packages!
Plus, when you order your Band-in-a-Box® 2026 upgrade during our special, you'll receive a Free Bonus PAK of exciting new add-ons.
If you need any help deciding which package is the best option for you, just let us know. We are here to help!
Band-in-a-Box® 2026 for Windows® Special Offers Extended Until January 15, 2026!
Good news! You still have time to upgrade to the latest version of Band-in-a-Box® for Windows® and save. Our Band-in-a-Box® 2026 for Windows® special now runs through January 15, 2025!
We've packed Band-in-a-Box® 2026 with major new features, enhancements, and an incredible lineup of new content! The program now sports a sleek, modern GUI redesign across the entire interface, including updated toolbars, refreshed windows, smoother workflows, a new dark mode option, and more. The brand-new side toolbar provides quicker access to key windows, while the new Multi-View feature lets you arrange multiple windows as layered panels without overlap, creating a flexible, clutter-free workspace. We have an amazing new “AI-Notes” feature. This transcribes polyphonic audio into MIDI so you can view it in notation or play it back as MIDI. You can process an entire track (all pitched instruments and drums) or focus on individual parts like drums, bass, guitars/piano, or vocals. There's an amazing collection of new content too, including 202 RealTracks, new RealStyles, MIDI SuperTracks, Instrumental Studies, “Songs with Vocals” Artist Performance Sets, Playable RealTracks Set 5, two RealDrums Stems sets, XPro Styles PAK 10, Xtra Styles PAK 21, and much more!
There are over 100 new features in Band-in-a-Box® 2026 for Windows®.
When you order purchase Band-in-a-Box® 2026 before 11:59 PM PST on January 15th, you'll also receive a Free Bonus PAK packed with exciting new add-ons.
Upgrade to Band-in-a-Box® 2026 for Windows® today! Check out the Band-in-a-Box® packages page for all the purchase options available.
Happy New Year!
Thank you for being part of the Band-in-a-Box® community.
Wishing you and yours a very happy 2026—Happy New Year from all of us at PG Music!
Season's Greetings!
Wishing everyone a happy, healthy holiday season—thanks for being part of our community!
The office will be closed for Christmas Day, but we will be back on Boxing Day (Dec 26th) at 6:00am PST.
Team PG
Band-in-a-Box 2026 Video: The Newly Designed Piano Roll Window
In this video, we explore the updated Piano Roll, complete with a modernized look and exciting new features. You’ll see new filtering options that make it easy to focus on specific note groups, smoother and more intuitive note entry and editing, and enhanced options for zooming, looping, and more.
Watch the video.
You can see all the 2026 videos on our forum!
Band-in-a-Box 2026 Video: AI Stems & Notes - split polyphonic audio into instruments and transcribe
This video demonstrates how to use the new AI-Notes feature together with the AI-Stems splitter, allowing you to select an audio file and have it separated into individual stems while transcribing each one to its own MIDI track. AI-Notes converts polyphonic audio—either full mixes or individual instruments—into MIDI that you can view in notation or play back instantly.
Watch the video.
You can see all the 2026 videos on our forum!
Bonus PAK and 49-PAK for Band-in-a-Box® 2026 for Windows®
With your version 2026 for Windows Pro, MegaPAK, UltraPAK, UltraPAK+, Audiophile Edition or PlusPAK purchase, we'll include a Bonus PAK full of great new Add-ons for FREE! Or upgrade to the 2026 49-PAK for only $49 to receive even more NEW Add-ons including 20 additional RealTracks!
These PAKs are loaded with additional add-ons to supercharge your Band-in-a-Box®!
This Free Bonus PAK includes:
- The 2026 RealCombos Booster PAK:
-For Pro customers, this includes 27 new RealTracks and 23 new RealStyles.
-For MegaPAK customers, this includes 25 new RealTracks and 23 new RealStyles.
-For UltraPAK customers, this includes 12 new RealStyles.
- MIDI Styles Set 92: Look Ma! More MIDI 15: Latin Jazz
- MIDI SuperTracks Set 46: Piano & Organ
- Instrumental Studies Set 24: Groovin' Blues Soloing
- Artist Performance Set 19: Songs with Vocals 9
- Playable RealTracks Set 5
- RealDrums Stems Set 9: Cool Brushes
- SynthMaster Sounds Set 1 (with audio demos)
- Android Band-in-a-Box® App (included)
Looking for more great add-ons, then upgrade to the 2026 49-PAK for just $49 and you'll get:
- 20 Bonus Unreleased RealTracks and RealDrums with 20 RealStyle.
- FLAC Files (lossless audio files) for the 20 Bonus Unreleased RealTracks and RealDrums
- MIDI Styles Set 93: Look Ma! More MIDI 16: SynthMaster
- MIDI SuperTracks Set 47: More SynthMaster
- Instrumental Studies 25 - Soul Jazz Guitar Soloing
- Artist Performance Set 20: Songs with Vocals 10
- RealDrums Stems Set 10: Groovin' Sticks
- SynthMaster Sounds & Styles Set 2 (sounds & styles with audio demos)
Learn more about the Bonus PAKs for Band-in-a-Box® 2026 for Windows®!
|
|
|
|
|
|
|
|
|
|
|
|
Forums57
Topics85,814
Posts796,527
Members39,965
| |
Most Online25,754
Jan 24th, 2025
|
|
|
|
|
|
|
|
|
Dansk
Deutsch - Windows
Español
Français - Windows
Italiano - Windows
Nederlands
Polski
Português
Svenskt
русский
Japanese
Simplified Chinese
Traditional Chinese
Korean