Literally what the title of the post.
When installing the newly released freebies appears in each malware called VIRTUAL STORE my firewall identified as # 179wb75iydbmh. (WTF?)

I take my first post on this forum to send a greeting to all users.

...))))

 

It's not that you have downloaded it not from DLM site itself but
from one of those bullshit sites that offer downloads of many stuff and then you download a custom installer?
That usually install everything but what you want to.
(and when they're good, they fuck your computer with adware, when they're bad, dunno, maybe even malware)

 

I uninstalled the VSTS and I can not see the exact name as the threat, it no longer appears in the firewall log.

This is the link from which I downloaded the plugins...

https://delamanchavst.wordpress.com/2014/07/03/gto-gtx-qb-3-and-clipstar-are-all-released-for-free-compressors-eq-and-clipper/

 

i don't know how there could be malware if you downloaded from that site. none of those downloads even have installers. they are just the .dll files and .pdf files of the manuals. i scanned them with malwarebytes anti-malware anyway just to be sure, and the scan was negative:

7/7/2014 7:48:14 AM
mbam-log-2014-07-07 (07-48-14).txt

Scan type: Custom scan (G:\Downloads\GTO.zip|G:\Downloads\QB3.zip|G:\Downloads\ClipStar.zip|G:\Downloads\GTX.zip|)
Scan options enabled: File System | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Memory | Startup | Registry | Heuristics/Extra | P2P
Objects scanned: 4
Time elapsed: 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

I decided to write the post by the fact that the installer did not vst, and that made all the odder the detected threat.

I have reinstalled the freebies and I have opened my DAW.
This is the path of the threat that AV stops:

C: \ Users \ s \ AppData \ Local \ VirtualStore \ Program Files (x86) \ Steinberg \ Vstplugins \ DeLaMancha freebies \ GTO_revC \ CK_X_MIX.SEP

...I tried deleting the folder in the path, and to reopen the plugs folder is recreated.

For my part I have already wasted enough time with this scam. Anyway the plugs do not seem to have anything special.

Thank you again for your attention.


....))))

 

Ok, mystery solved.
Those are just SynthEdit modules, false positive 100%.
DeLaMancha explanation
Try to google for the suspect thing next time, you should find what I found