You are here

Trojan in 7zip installer

3 posts / 0 new
Last post
5hole
Offline
Last seen: 3 years 11 months ago
Joined: 2020-12-20 10:56
Trojan in 7zip installer

Noob here.

I downloaded 7zip on nov 2, filename: 7-ZipPortable_19.00_Rev_2.paf.exe.
This morning Malwarebytes for the first time detected a trojan: Trojan.SmokeLoader.

Has anyone else experienced this?

John T. Haller
John T. Haller's picture
Offline
Last seen: 2 hours 8 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
False Positive

See here: https://portableapps.com/support#false_positive

And the scan here: https://www.virustotal.com/gui/file/6caa61cc53b83b44bef6276ceec4dbc08411...

The scan is linked from the 7-Zip Portable page just below the Download button.

Sometimes, the impossible can become possible, if you're awesome!

rollingtatoo22
Offline
Last seen: 3 years 11 months ago
Joined: 2020-12-27 18:08
Same

Yes, i've had the same detection of Trojan.SmokeLoader on December 20, two times, one at \PROGRAM FILES(x86)\Atlassian\Sourcetree\tools\7z.exe, the other one at Windows\Installer\53B2FDB.msi. Oddly, MalwareBytes ignored the threats, but didn't even warn me about it. Just realized it detected them this morning while looking up scan history.

I've had Sourcetree on this computer since more then a year, haven't used it for months, probably didn't update it either. When trying to uninstall Sourcetree, i get an admin permission console for the script of the second detected Trojan, 53B2FDB.msi . I haven't launch the uninstaller because of it... Should i?

I've just scanned both my own suspicious files in VirusTotal, no engines detected either. I suppose it confirms it's safe and can be launched from admin to uninstall Sourcetree? Trojan.SmokeLoader seems like a pretty serious threat, if i understood well it is regularly morphing to stay hard to catch by security tools, i want to be completely sure it was a false positive if i can, and that the threat isn't still there, but hidden somewhere else in my PC.

https://www.pcrisk.com/removal-guides/12968-smoke-loader-trojan#a3

Log in or register to post comments