Issue 125213 - Virus checker reports a trojan in the 4.1 windows download
Summary: Virus checker reports a trojan in the 4.1 windows download
Status: CLOSED NOT_AN_OOO_ISSUE
Alias: None
Product: Infrastructure
Classification: Infrastructure
Component: Downloads (show other issues)
Version: current
Hardware: All All
: P3 Normal (vote)
Target Milestone: 4.1.0
Assignee: AOO issues mailing list
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-07-06 20:02 UTC by daywood
Modified: 2014-07-07 19:22 UTC (History)
1 user (show)

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---

Attachments
Window from Norton 360 describing threat and action taken (32.20 KB, image/png)
2014-07-06 20:02 UTC, daywood 		no flags Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description daywood 2014-07-06 20:02:33 UTC 
Created attachment 83648 [details]
Window from Norton 360 describing threat and action taken

My Norton 360 blocks the install download because it reports that there is a trojan called suspicious.cloud.9 in it. The download I am trying is from the main SoureForge site. I engaged Norton support to troubleshoot whether it was the checker or the download and they concluded it was the download. 

One of the reasons they concluded that the download is infected is that we could download successfully from the #1 alternate mirror linked from the SourceForge site. However, my Windows 7 computer won't install that one because it says it is a 32-bit image that is not compatible with my operating system. I know. One issue per report. Just letting you know that this has not been a joyful experience.
Comment 1 oooforum (fr) 2014-07-07 14:10:51 UTC 
I use ESET NOD32 and no problem.
Certainly a false positive.
Please, report to https://submit.symantec.com/false_positive/
Comment 2 Marcus 2014-07-07 18:48:49 UTC 
Here is another answer fro mthe dev@ mailing list from Dennis Hamilton:

http://markmail.org/message/ewzovt2uzqyqrmyb

1. Disable Norton 360 before downloading.

2. For download, do not select open, select Save and place in a memorable location (your Download folder, for example).

3. Use any of the procedures for verifying the Download.  This code is not signed, so you will have to use either the PGP or the MD5/SHA verifications.  

4. All of these verify that the downloaded file matches the file from which the verification files were produced.  The PGP verification will also assert that the file is signed by the release manager, Juergen Schmidt, at Apache OpenOffice, but there may be a warning that you don't have anything by which to trust that is the release manager's signature.  That is normal if you do not use PGP regularly and have a collection of public keys that you trust.

5. In Norton 360, see if there is a setting where it will only remove or quarantine files after confirmation by you.  This will let you over-rule Norton in the future, verifying the file yourself instead.