Noob here.
I downloaded 7zip on nov 2, filename: 7-ZipPortable_19.00_Rev_2.paf.exe.
This morning Malwarebytes for the first time detected a trojan: Trojan.SmokeLoader.
Has anyone else experienced this?
New: fb2kPortable / foobar2000 (Apr 18, 2024), Platform 29.4 (Apr 10, 2024)
1,000+ portable packages, 1.1 billion downloads
Please donate today
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
See here: https://portableapps.com/support#false_positive
And the scan here: https://www.virustotal.com/gui/file/6caa61cc53b83b44bef6276ceec4dbc08411...
The scan is linked from the 7-Zip Portable page just below the Download button.
Sometimes, the impossible can become possible, if you're awesome!
Yes, i've had the same detection of Trojan.SmokeLoader on December 20, two times, one at \PROGRAM FILES(x86)\Atlassian\Sourcetree\tools\7z.exe, the other one at Windows\Installer\53B2FDB.msi. Oddly, MalwareBytes ignored the threats, but didn't even warn me about it. Just realized it detected them this morning while looking up scan history.
I've had Sourcetree on this computer since more then a year, haven't used it for months, probably didn't update it either. When trying to uninstall Sourcetree, i get an admin permission console for the script of the second detected Trojan, 53B2FDB.msi . I haven't launch the uninstaller because of it... Should i?
I've just scanned both my own suspicious files in VirusTotal, no engines detected either. I suppose it confirms it's safe and can be launched from admin to uninstall Sourcetree? Trojan.SmokeLoader seems like a pretty serious threat, if i understood well it is regularly morphing to stay hard to catch by security tools, i want to be completely sure it was a false positive if i can, and that the threat isn't still there, but hidden somewhere else in my PC.
https://www.pcrisk.com/removal-guides/12968-smoke-loader-trojan#a3