You are here

Trojan in 7zip installer

3 posts / 0 new
Last post
Last seen: 2 years 11 months ago
Joined: 2020-12-20 10:56
Trojan in 7zip installer

Noob here.

I downloaded 7zip on nov 2, filename: 7-ZipPortable_19.00_Rev_2.paf.exe.
This morning Malwarebytes for the first time detected a trojan: Trojan.SmokeLoader.

Has anyone else experienced this?

John T. Haller
John T. Haller's picture
Last seen: 12 min 44 sec ago
Joined: 2005-11-28 22:21
False Positive

See here:

And the scan here:

The scan is linked from the 7-Zip Portable page just below the Download button.

Sometimes, the impossible can become possible, if you're awesome!

Last seen: 2 years 11 months ago
Joined: 2020-12-27 18:08

Yes, i've had the same detection of Trojan.SmokeLoader on December 20, two times, one at \PROGRAM FILES(x86)\Atlassian\Sourcetree\tools\7z.exe, the other one at Windows\Installer\53B2FDB.msi. Oddly, MalwareBytes ignored the threats, but didn't even warn me about it. Just realized it detected them this morning while looking up scan history.

I've had Sourcetree on this computer since more then a year, haven't used it for months, probably didn't update it either. When trying to uninstall Sourcetree, i get an admin permission console for the script of the second detected Trojan, 53B2FDB.msi . I haven't launch the uninstaller because of it... Should i?

I've just scanned both my own suspicious files in VirusTotal, no engines detected either. I suppose it confirms it's safe and can be launched from admin to uninstall Sourcetree? Trojan.SmokeLoader seems like a pretty serious threat, if i understood well it is regularly morphing to stay hard to catch by security tools, i want to be completely sure it was a false positive if i can, and that the threat isn't still there, but hidden somewhere else in my PC.

Log in or register to post comments