Jump to content

Recommended Posts

I did a vulnerability scan today and have a vulnerable application: 7-zip console - how do I get rid of this and what is it? Thanks.

Share this post


Link to post

Also, plus the post above,

 

7 zip had a security bug which has been fixed in version 16.0. The latest version is 16.2. Just update.

Share this post


Link to post
Also, plus the post above,

 

7 zip had a security bug which has been fixed in version 16.0. The latest version is 16.2. Just update.

 

 

Thank you both for your help. I updated 7 zip and ran another vulnerability scan. It still shows up in the scan and when I go to the details, it is the same page as before. It is located in C:Program Files (x86) Install Shield Installation Information....Should I leave it alone? I don't even know what 7-zip is. Anyway, thanks again.

Share this post


Link to post

Can you please post an exact full path? That folder contains uninstall information for the programs you had installed using Install Shield.

Edited by Whizard

Share this post


Link to post
Can you please post an exact full path? That folder contains uninstall information for the programs you had installed using Install Shield.

 

The exact (I hope) full path:

 

C:\Program Files (x86)InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-872...

 

I wasn't able to copy this so I typed it. Hope this helps. Thanks.

Share this post


Link to post
Can you please post an exact full path? That folder contains uninstall information for the programs you had installed using Install Shield.

 

 

C:\Program Files (x86)InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-872...

 

 

This is what I see, could not copy it directly.

Share this post


Link to post

I am also receiving 3 application vulnerability notices for 7-zip console. I have never deliberately installed this product, and it does not appear in my list of programs and features, so I cannot remove the program.

 

Here are the exact full paths of the 3 messages I received:

C:\Program Files (x86)InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}\7z.exe

C:\Program Files (x86)InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\7z.exe

C:\Program Files (x86)InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\7z.exe

 

I clicked through from the "Details" link to get the latest version, and installed it. It appeared in my list of programs and features. I ran the vulnerability scan, and got the same 3 messages. I then uninstalled 7-zip. I ran the scan again and got the same 3 messages. I hesitate to put this in the exclusions. I'd like to just get rid of it.

Share this post


Link to post

Delete exutable 7z.exe from the folders:

C:\Program Files (x86)InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}

C:\Program Files (x86)InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}

C:\Program Files (x86)InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}

Share this post


Link to post
Delete exutable 7z.exe from the folders:

C:\Program Files (x86)InstallShield Installation Information\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}

C:\Program Files (x86)InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}

C:\Program Files (x86)InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}

 

 

 

Thank you very much Whizard ! Your expertise helped me get rid of those pesky vulnerabilities ! :)

Share this post


Link to post

For Bonus Points you should consider upgrading your applications:

 

CyberLink PowerDirector

CyberLink Power2Go

 

If they came pre-installed on your computer, and you are not using them, feel free to Uninstall them.

I suppose Media Suite includes all of the above applications in a bundle http://www.cyberlink.com/products/cyberlin...A.html?&r=1

Edited by Whizard

Share this post


Link to post

Hello,

 

I did a vulnerability scan today on my updated 2016 Internet Security and there are two vulnerable 7-Zip Console applications with C:\ Program FIles (x86)........ paths. How can I delete these vulnerabilities? I uninstalled the 7-Zip Console program that was on my computer (I don't know what it was for) but that did not help. Thanks for any suggestions.

 

edie

Share this post


Link to post
Exact path please?

 

C:\Program Files (x86)InstallShield Installation Information\{D36892B6-6299-447F-9C24-5D...

 

 

 

C:\Program Files (x86)InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-872...

 

 

 

 

 

Share this post


Link to post
Do not truncate the CLSID, please post it in full.

 

What I posted is what shows up on my vulnerability scan results page of Kaspersky. I am unable to copy so I just typed it in.

 

Share this post


Link to post

You most likely do not have to worry about it. If you want to dig deeper into this you will need to provide the full path and CLSID to figure out which software left older version of 7zip.

Share this post


Link to post
You most likely do not have to worry about it. If you want to dig deeper into this you will need to provide the full path and CLSID to figure out which software left older version of 7zip.

 

What would be the way to dig deeper so I can find the full path and CLSIP? I would like to get rid of these vulnerabilities just to be on the safe side.

Share this post


Link to post

In general you would need to go into the directory indicated by KIS and delete 7zip executable from there.

If you can get a full CLSID you can figure out which application it belongs to and contact the vendor for an upgrade.

Edited by Whizard

Share this post


Link to post

Hi - Thanks for this post from a few months ago. Surprisingly, here I am with same issue on Dec 3, 2017. I've done many vulnerability scans with Kaspersky since June and none have shown up before now. Suddenly, 3 days ago the issue cited above shows up with 4 7-Zip console vulnerabilities!! When I start to replace it with a newer version as suggested by Kaspersky and by you above, Windows Defender shows a warning. I just want an assurance that I can ignore Defender. Operating system is Windows 10.

Co-incidently, 3 days ago I watched a video uploaded by one of the people on this thread to dailymotion.com - could this be the reason that Kaspersky found this now???? Wow, if so! 

  

Share this post


Link to post

I figured out how to copy the vulnerable objects path info requested above so here it is now: Also Win 10 is home version x64

03.12.2017 00.03.54 Vulnerable object (file) detected C:\Program Files (x86)\NSIS Uninstall Information\{6BADCD73-E925-46F7-A295-FF2448632728}\7z.exe File: C:\Program Files (x86)\NSIS Uninstall Information\{6BADCD73-E925-46F7-A295-FF2448632728}\7z.exe Object name: 10915

03.12.2017 00.03.53 Vulnerable object (file) detected C:\Program Files (x86)\NSIS Uninstall Information\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}\7z.exe File: C:\Program Files (x86)\NSIS Uninstall Information\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}\7z.exe Object name: 11026

03.12.2017 00.02.31 Vulnerable object (file) detected C:\Program Files (x86)\InstallShield Installation Information\{6BADCD73-E925-46F7-A295-FF2448632728}\7z.exe File: C:\Program Files (x86)\InstallShield Installation Information\{6BADCD73-E925-46F7-A295-FF2448632728}\7z.exe Object name: 10915

03.12.2017 00.02.31 Vulnerable object (file) detected C:\Program Files (x86)\InstallShield Installation Information\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}\7z.exe File: C:\Program Files (x86)\InstallShield Installation Information\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}\7z.exe Object name: 11026

To reinterate my 2 questions are:

1) may I just ignore Windows defender?

2) co-incidence or why did this vunerability get detected now rather than last June or sometime inbetween given my comment above above about viewing a video online? If you know, I am sure curious! 

MAny thanks, Bonnie Lynne

Share this post


Link to post

Similar/Same problem with 7Z.exe and possible 7Z.dll showing up as vulnerabilities after vulnerability scan.  c:\Program Files (x86)\NSIS Uninstall Information\{32C8E300-BDB4-4398-E9B7D8A233DB}  and C:\Program Files (x86)\NSIS Unintall Information\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}.  There are 7Z.exe and 7Z.dll files in both those folders.  I suspect that some application used those programs to do updates of software.  Neither 7Z nor 7Zip show up in the list of apps so I can uninstall them.  I did a vulnerability scan just a few days ago and these vulnerabilities did not show then.  Is it OK or even effective to just delete the 7Z.exe and 7Zdll files from these directories?  If not, how does one get rid of this vulnerability?

 

PS Win 10 64

PSS the modify dates of these files are 10/4/2016

Share this post


Link to post

Update:  I did a search for 7Z on the whole C drive and came up with numerous instances of both 7Z.exe and 7Zdll.  None of these had a modified date later than 10/10/17.  There was even a 7Z1700-x64.exe and a 7Z-1604x64.exe.  Most of the instances were in the InstallShield information directory, NVIDIA directory, and the already mentioned NSIS Unistall Informtion directories.  The NVIDIA looks to me like a downloader directory for downloading updates for the video card.  There were even some files with a .7Z  suffix.  The only ones that Kaspersky flagged were those in the NSIS Uninstall Information directories, of which there are only the two mentioned above which both contained 7Z.exe and 7Z.dll files.

Share this post


Link to post

The last time I got this type of warning I downloaded the latest version of 7-Zip copied the 7Z.exe and 7Z.dll files from that installation and pasted those everywhere they wer flagged by Kaspersky.  Then I uninstalled the 7-Zip I had just installed.  That was some time ago and I don't remember if it solved the problem.  It might have since I haven't seen a warning from Kaspersky as I might have just deleted those 7Z files thinking that the next time the programs that use 7-Zip a newer version would be installed to complete the update.

Share this post


Link to post

I just deleted the 7Z exes and dlls from the sub directories and the vulnerabilities were not there on the next vulnerability scan.

Share this post


Link to post

×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.