Detected

my software detected your libreoffice have many trojan and malware spy file at your installation file and setuped folder,welcome to clean and fix such trojan,otherwise,your software are unsafe

Where did you get the install file and was the detection on that file or after it was installed? What OS are you using and which Anti-Virus, and detection/cleaning, packages are you using? That may help use know what is going on.

I have never heard of this issue coming up before. My Comodo suite of software has never detected any Trojan and other "nasties" in LO's install files. I have the 4.2.5 installed on my main Win7 laptop and LO was clean.

Hi
It is more likely to be a false-positive. All anti-virus and security
systems run the risk of finding false-positives otherwise they are not
working hard enough.

Also the software competes against major profit-making software from
certain companies so their security programs or anti-virus programs could
have a good reason to have such 'accidents'.

On the other hand the software is free to distribute and modify&distribute
so that people can have tweaked versions to cover a variety of scenarios.
For example on Cds/Dvds glued to the front of mags, or in corporate
environments to place their logo in the menu-bars. Almost all of these are
legitimate and trustworthy. They should all point to the main official
website to make it easy to get the pure original from;
http://www.libreoffice.org/
http://www.libreoffice.org/downloads

If that version created a problem then it would be great to hear which
security program or anti-virus you are using and maybe someone here, or
you, could let them know they have a false-positive.

Good luck and regards from
Tom

I would not use a "modified" version of LO, that adds their logos [or other things] without telling the user that they have modified LO from the original version. I had one software do that and it took weeks of work to install the "non-modified" version so the modifications were no longer seen. I just do not trust these "un-stated modified versions". I create a DVD project for LO and use the original files [all 90+ of them]. I would never modify LO and not tell people that is has been modified. The DVD labels that are included in my DVD project .iso files show both my side and the official LO site URLs next to each other in/on the label "artwork" files and DVD media I burn/print. I also hate the modified software packages that then require the user to go to the original software help service and you are told that since the software was modified those help-line people cannot help the user[s].

Yes, open source and freely modifiable is a good idea, but those developed modified packages should not be called the "exact" same name as the unmodified ones and distributed that way. We need independent coders to "play" with ideas and tweaking LO, to see what they can do to improve the package, or make it "their own version". But users need to know if they are being given a modified package. Once I repository version of LO had a different color splash screen as the same version number downloaded from LO pages. I wondered what else was modified, but the Linux help system could not tell me and would not even admit to that they changed the splash screen in their repository version. So I tend remove repository version after the "updating" and install the official LO website version[s].

Yes, I have had problems with false-positives with some security packages, but less with Comodo's free :Internet Suite" of security software. Of course, it is good to make sure of the software source[s] and run anti-virus on the downloaded install file[s] BEFORE you install them. Some packages automatically check downloaded files before they are saves outside if the "download temp. folder" before it is saved in the targeted one, while others do not. Also make sure you use "Web of Trust" that has a rating system that warns of issues with web pages that might be better to avoid - say kid safe, security issues reported, etc.. It works with Google search and as a "web page entry advisor" on Chrome, Firefox, and IE. Free too.

Tom Davies has written on 7/16/2014 9:34 AM:

Hi
It is more likely to be a false-positive.

Looks to me like a troll! "welcome to clean and fix..."

Hi
On the other hand you quite enjoy using Personas (but without them having a
corporate logo) to tweak your own version of LO to the way you like it and
a lot of people add Extensions, dictionaries and all sorts.

Almost always all those are completely harmless. I imagine people usually
want to make it clear that they have done things to it = to take credit for
it or to distinguish it from the vanilla flavour.

I am not sure it is possible to do modifications without making it clear
that there have been changes tbh
Regards from
Tom

Yes, but Personas and optional add ons to LO are the user's choice and you are not "forced" to keep them.

LO, and most browsers, have built in "set up" options for adding additional "resources" and "decorations" that the user can easily enable/disable or add/remove. These type of things are useful, but you are able to not use these extras if you wish. What I hate is when you have a modified package that changes things and you are not able to opt-out of these changes. A good coder/hacker can modify things, tweaking for good or ill, so that the user cannot see these "secret" modifications.

I once used a dial up package on a laptop that I use both on a broadband network and able to use a dial up access when traveling. That package modified my existing IE browser, or replaced it, and it took a "disk wipe" and reinstall to remove their modifications to IE's background and menu add ons. That was before I started using browsers like Firefox and Opera [before Chrome]. The same thing goes for "web site nasties" that will replace the default page when you start your browser or add a new tab [Windows environment], or even change home pages, plus other things. Security software seems to not stop it from happening and it takes a removal of the browser's user profile and and other configs.

These "forced" modifications of user packages, or undocumented modified packages of popular FOSS software, is never a good thing. For LO, it could give a bad impression of the software. If you are informed that the package is a modified version of LO - before you download and install it - then the user has an informed choice in the matter. The can choose to use the modified version or go to a different download site. On my URL for the NA-DVD project, the web site version of the DVD has the install, help, and language packages that are exact versions of the ones you can download from the official download site. I offer the online version of the DVD's ISO file so users can see what is in the DVD before downloading the 4+/- GB file. I do not modify any packages that I get from LO. Other non TDF/LO associated download sources might not be able to claim this.

The key is if someone modifies a install file and does not tell you about this, you run the risk of it having something nasty in it, like a trogan, worm, virus, etc.. That is why you should ALWAYS run anti-virus and/or other security packages on the file [and anything downloaded] before you use/install it. That is basic security 101 info. The fact the the OP had a "detection" of a trogan [false positive or not] shows that he/she does this. I know others who do not and even fails to keep the security packages up-to-date [or even remove them since they never use the packages].