Jump to content

Recommended Posts

Hello,

I just got 2 detections from a scan that identify two file from the DeepL translator as malware. Can we verify if these are a real threat or not?? File downloaded from 

https://www.deepl.com/app

 and has been installed for probably a year. It just auto updated maybe yesterday. Log below.

Thanks,

Jared

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 9/21/22
Scan Time: 3:31 PM
Log File: fb98fb4a-39e3-11ed-bcbd-f079596eae69.json

-Software Information-
Version: 4.5.14.210
Components Version: 1.0.1767
Update Package Version: 1.0.60360
License: Free

-System Information-
OS: Windows 10 (Build 19044.2006)
CPU: x64
File System: NTFS
User: DESKTOP-NN8CPMF\jared

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 297209
Threats Detected: 2
Threats Quarantined: 0
Time Elapsed: 2 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Malware.AI.2083181846, C:\USERS\JARED\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\STARTUP\DeepL auto-start.lnk, No Action By User, 1000000, 2083181846, , , , , 668066956F1BEB57B32EB58493CC319B, 1E82F69593A65F371E8CFBF6849FA9CF39D5F6F2AD2D803727D500E64000EBF1
Malware.AI.2083181846, C:\USERS\JARED\APPDATA\ROAMING\0INSTALL.NET\DESKTOP-INTEGRATION\STUBS\1EAE01F3CDB5FF0ECF683B15A60A1489573C1188CB34ABC205FCF7A924B4E54D\AUTO-START.EXE, No Action By User, 1000000, 2083181846, 1.0.60360, 812D14C4C62FE8227C2AD516, dds, 01955584, 1122AA4C7A1DBE71D5850FBBE7B0DEB0, D98C225162F538C76371D75AC1B7BC8E8C442947CE190B4E38D42986BE7AA741

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

 

Edited by AdvancedSetup
Disabled live hyperlink
Link to post
Share on other sites

  • Staff

It looks like this was whitelisted yesterday. If you still see a detection, please do the following to clear your hubble cache:

  1. Click on the Malwarebytes icon in the system tray
  2. Select "Quit Malwarebytes"
  3. Navigate to %PROGRAMDATA%\Malwarebytes\MBAMService
  4. Delete the file HubbleCache
  5. Open Malwarebytes
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.