De La Mancha freebies malware

Discussion in 'Software' started by 53Y35, Jul 6, 2014.

  1. 53Y35

    53Y35 Member

    Joined:
    May 26, 2014
    Messages:
    32
    Likes Received:
    13
    Literally what the title of the post says.
    When installing the newly released freebies, malware called VIRTUAL STORE appears in each one, which my firewall identified as # 179wb75iydbmh. (WTF?)

    I take my first post on this forum to send a greeting to all users.

    ...))))
     
  3. ArticStorm

    ArticStorm Moderator Staff Member

    Joined:
    Jun 7, 2011
    Messages:
    7,689
    Likes Received:
    3,917
    Location:
    AudioSexPro
    i downloaded a couple of his vsts and there is malware, there is in fact not even a setup, so no way to drop malware, as it used to be the common way to do so.

    so the fact that you install de la mancha is already false. Or can you point out the plugin where you are getting this message with your analysis software?
     
  4. copylefter

    copylefter Producer

    Joined:
    Mar 3, 2012
    Messages:
    707
    Likes Received:
    118
    Location:
    text_section
    Isn't it that you downloaded it not from the DLM site itself but from one of those bullshit sites that offer downloads of lots of stuff, where you then download a custom installer?
    Those usually install everything but what you want.
    (and when they're good, they fuck your computer with adware, when they're bad, dunno, maybe even malware)
     
  5. 53Y35

    53Y35 Member

    Joined:
    May 26, 2014
    Messages:
    32
    Likes Received:
    13
    I uninstalled the VSTs and I cannot see the exact name of the threat; it no longer appears in the firewall log.

    This is the link from which I downloaded the plugins...

    https://delamanchavst.wordpress.com/2014/07/03/gto-gtx-qb-3-and-clipstar-are-all-released-for-free-compressors-eq-and-clipper/
     
  6. realitybytez

    realitybytez Audiosexual

    Joined:
    May 29, 2013
    Messages:
    1,451
    Likes Received:
    633
    i don't know how there could be malware if you downloaded from that site. none of those downloads even have installers. they are just the .dll files and .pdf files of the manuals. i scanned them with malwarebytes anti-malware anyway just to be sure, and the scan was negative:

    7/7/2014 7:48:14 AM
    mbam-log-2014-07-07 (07-48-14).txt

    Scan type: Custom scan (G:\Downloads\GTO.zip|G:\Downloads\QB3.zip|G:\Downloads\ClipStar.zip|G:\Downloads\GTX.zip|)
    Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
    Objects scanned: 4
    Time elapsed: 4 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)
     
  7. 53Y35

    53Y35 Member

    Joined:
    May 26, 2014
    Messages:
    32
    Likes Received:
    13
    I decided to write the post because the VSTs did not have an installer, and that made the detected threat all the odder.

    I have reinstalled the freebies and I have opened my DAW.
    This is the path of the threat that AV stops:

    C:\Users\s\AppData\Local\VirtualStore\Program Files (x86)\Steinberg\Vstplugins\DeLaMancha freebies\GTO_revC\CK_X_MIX.SEP

    ...I tried deleting the folder in the path, and on reopening the plugs the folder is recreated.

    For my part I have already wasted enough time with this scam. Anyway the plugs do not seem to have anything special.

    Thank you again for your attention.


    ....))))
     
  8. copylefter

    copylefter Producer

    Joined:
    Mar 3, 2012
    Messages:
    707
    Likes Received:
    118
    Location:
    text_section
    Ok, mystery solved.
    Those are just SynthEdit modules, false positive 100%.
    DeLaMancha explanation
    Try to google for the suspect thing next time, you should find what I found :thumbsup:
     