7-Zip self-extractors 9.09 and 9.10 falsely flagged as Trojan

[taoyue]

Self-extractors built using the 7zs.sfx self-extractor image from versions 9.09 beta and 9.10 beta of 7-Zip Extras are showing up as false positives in Malwarebytes Anti-Malware.

Files Infected:

P:\MalwareBytes-PinyinTones\7zS.sfx (Trojan.Dropper.Gen) -> No action taken. [F2383A75D3690CED18FF88FC4328521A]

P:\MalwareBytes-PinyinTones\PinyinTones32-codeplex.exe (Trojan.Dropper.Gen) -> No action taken. [F2383A75D3690CED18FF88FC4328521A]

P:\MalwareBytes-PinyinTones\PinyinTones32-codeplex.exe-sfx (Trojan.Dropper.Gen) -> No action taken. [F2383A75D3690CED18FF88FC4328521A]

P:\MalwareBytes-PinyinTones\PinyinTones64-codeplex.exe (Trojan.Dropper.Gen) -> No action taken. [F2383A75D3690CED18FF88FC4328521A]

P:\MalwareBytes-PinyinTones\7z909_extra\7zS.sfx (Trojan.Dropper.Gen) -> No action taken. [F2383A75D3690CED18FF88FC4328521A]

P:\MalwareBytes-PinyinTones\7z910_extra\7zS.sfx (Trojan.Dropper.Gen) -> No action taken. [F2383A75D3690CED18FF88FC4328521A]

Attached is a ZIP file containing all the flagged files above. As far as I can tell, only versions 9.09 and 9.10 of 7-Zip Extras (not the regular 7-Zip package) are affected. Of course, I did not test every version of 7-Zip -- only the ones surrounding the affected version.

MalwareBytes_PinyinTones_7ZS.zip

mbam_log_2010_11_03__22_16_48_.txt

[nosirrah]

This will be fixed in about 15 minutes.