Rel. 3.6.1 and Norton AntiVirus

When I try to upgrade from 3.6.0 to 3.6.1 the Norton AntiVirus program keeps deleting the upgrade as an unsafe virus. This is the first release that I have had this type of problem with. Jeff

Jeff Hahn wrote:

When I try to upgrade from 3.6.0 to 3.6.1 the Norton AntiVirus program
keeps deleting the upgrade as an unsafe virus. This is the first release
that I have had this type of problem with. Jeff

      To make sure I understand: Norton deletes the LO 3.6.1 download file?
      Otherwise, you should not have Norton running when you install the upgrade; you should not be physically connected to the Internet either.
Disconnect from Internet, turn off anti-virus program, install LO update, turn on anti-virus program. ONLY WHEN AV IS RUNNING should you reconnect to the Internet.

--Dan

This is not the first time I have heard of Norton stating valid install files were viruses or other nasties.

I never had any good luck with Norton's AV, so I use the free version of Comodo product[s] for my Windows machines. I have hooked even PC repair and selling pro's to using it.

As for not having AV running when not online, well that is not what I would tell people. An anti-virus is needed if you are offline and suddenly there is a trojan or other nasty kicking in and doing a number. They can be picked up and not cleaned in a few ways other than being online. I have my Ubuntu system picking up new things from files that I have had on my system for months and suddenly it detects something the AV system does not like. If I did not have the AV system on 24/7, then those issues might not have been picked up. The real thing is that the AV systems update their data systems, mostly, after a new "nasty" has been detected. If your system has that "nasty" on it before that nasty has been added to your AV data system, then you will need to have the other parts of the AV and security system[s] on to detect the traces of it trying to work. SO do not turn your computer security off.

I have had to deal with too many systems from friends and clients where they did not have their security on 24/7 and kept up-to-date. Had one system that the AV was on but not updated in over 2 years and the guy lost a lot.

webmaster-Kracked_P_P wrote:

Jeff Hahn wrote:

When I try to upgrade from 3.6.0 to 3.6.1 the Norton AntiVirus program
keeps deleting the upgrade as an unsafe virus. This is the first release
that I have had this type of problem with. Jeff

     To make sure I understand: Norton deletes the LO 3.6.1 download file?
     Otherwise, you should not have Norton running when you install the
upgrade; you should not be physically connected to the Internet either.
Disconnect from Internet, turn off anti-virus program, install LO update,
turn on anti-virus program. ONLY WHEN AV IS RUNNING should you reconnect
to the Internet.

--Dan

This is not the first time I have heard of Norton stating valid install
files were viruses or other nasties.

I never had any good luck with Norton's AV, so I use the free version of
Comodo product[s] for my Windows machines. I have hooked even PC repair
and selling pro's to using it.

As for not having AV running when not online, well that is not what I would
tell people. An anti-virus is needed if you are offline and suddenly there
is a trojan or other nasty kicking in and doing a number. They can be
picked up and not cleaned in a few ways other than being online. I have my
Ubuntu system picking up new things from files that I have had on my system
for months and suddenly it detects something the AV system does not like.
If I did not have the AV system on 24/7, then those issues might not have
been picked up. The real thing is that the AV systems update their data
systems, mostly, after a new "nasty" has been detected. If your system has
that "nasty" on it before that nasty has been added to your AV data system,
then you will need to have the other parts of the AV and security system[s]
on to detect the traces of it trying to work. SO do not turn your computer
security off.

I have had to deal with too many systems from friends and clients where
they did not have their security on 24/7 and kept up-to-date. Had one
system that the AV was on but not updated in over 2 years and the guy lost
a lot.

      Perhaps I was not as clear as I should have been. I listed 5 steps that have been posted on lists like these when installing OOo. Programs like Norton will give false positives that prevent installation of a program. So, the AV program needs to be off when the installation is being done. However, the AV program should NOT be turned off until AFTER the computer is physically disconnected from the Internet. The installation should be done immediately after turning off the AV. The AV should be turned on again right after finishing the installation. At this point, verification that the AV is actually working is the next step. If it is not, steps have to be taken to get the AV working properly before doing anything else. Once this is done, reconnect to the Internet. My point was that the computer should not be connected to the Internet until AFTER the person knows that the AV is already working.
      Yes, anyone using an AV should weekly update it, sooner if there is a notice of an update because of a patch that is needed.

--Dan

Am 30.08.2012 02:21, Dan wrote:

      To make sure I understand: Norton deletes the LO 3.6.1 download file?
      Otherwise, you should not have Norton running when you install the
upgrade; you should not be physically connected to the Internet either.
Disconnect from Internet, turn off anti-virus program, install LO
update, turn on anti-virus program. ONLY WHEN AV IS RUNNING should you
reconnect to the Internet.

--Dan

And you do the above steps only if you are very sure that you downloaded and verified the download from libreoffice.org/download .
You find the md5 hash to verifiy your download when you click the "Info" link besides the "Torrent" link on libreoffice.org/download.

Hi
I vaguely remember Norton updated their virus-definitions on Thursdays so i would schedule a look-for-updates for Fridays.  Of course MS do their updates on Tuesdays (="Patch Tuesday") so Norton/Symantec might have changed in the last decade or so.

Of course if either find a particularly nasty problem then they do sometimes push patches or whatever out on a different day but it's fairly rare.  Of course an ISP might delay updates for a day or 2 so your machine might regularly get them a day or few later but i think by being regular MS and others have given ISPs a chance of knowing when they might get spikes so that those can be planned for easily.

I still don't get why Windows doesn't have a package-manager that just updates everything all in one go instead of each different program being forced to set-up it's own separate method of keeping things up to date.  Also i never had/have confidence in any machine having fully updated drivers and codecs and everything.  Windows appears to be carefully built to be insecure.

Regards from
Tom

Hi
Norton used to be completely awesome.  Everything they did was totally amazing and extremely useful.  Then they became corporate and serious.

Nowadays i use AVG or something else but still when a threat is publicised as being particularly nasty and i suspect one of the machines i deal with might have fallen foul of it i still find Symantec a good place to research into it.

One of the first jobs of a threat is to knock-out or dodge all known security so any of the big and famous antivirus' is likely to useless against any decent threat.  Luckily most threats are fairly trivial so even the big and famous antivirus programs can probably deal with it.  If it's non-trivial then there is always the option to nuke your Bios and reinstall your OS.  Still now that AVG is so famous i'm starting to consider other options.

Regards from
Tom

Are you saying projects like the NA-DVD might have a "modified" version of LO hiding something that should not be there? Yes, going to the main download site should be the default, but having local/regional projects where you can get LO is important. I think if you state that the only place for users to get LO is from the download site, then there might be some problems with distribution CDs/DVDs that are also listed on the download pages. If you hand out these media to people, but they are told that the only place that it is safe to get the packages is from the official download web site, then there might not be any trust in the localized projects. Hopefully this is not what you are saying.

Since I do not know how to create a md5-hash for my installation files on the NA-DVD project web page and physical media, I cannot offer that.

I use the free versions of Comodo. They have free [and paid] anti-virus and full security packages that include firewalls. I use to use the free AVG, but then I had to add a separate firewall package, like Zonealarm. Now I use only Comodo's free package that has both types of security. Of course, that is to say that I use Comodo only on my Windows systems.

When I only used Windows systems, I maintained a list of free options for packages. This link starts the section on security software. I do not update it [much] anymore, but the list does have some good options. http://www.lungstrom.com/list/#thisvirus

.

Hi
It is always possible that different locations end-up with a non-standard version of LO.  Part of the ethos of OpenSource is that people can make changes.  If they don't send their change in to the main development process here then they miss the chance to push their changes through a decent QA and the beta-testing that happens on millions of real-world machines around the world.

However, corporate organisations might want to do things like getting their logo and branding in their on the versions their staff uses.  Magazines might want to bundle LO in different ways or whatnot.  So even though you might end up with a non-standard version the changes might well be trivial and even beneficial.

However none of that is the problem that was alluded to.  Most sources of non-standard downloads will give their own md5sum and/or Sha to deal with the main problem.

The issue alluded to is that accidents might happen during download or copying and Cds/Dvds might end-up with scratches or smudges while still appearing to work.

Regards from
Tom

I did the original post. I am running Windows. With this download I am following the same procedure I used when I installed 3.6.0. I click on the "Main installer" at the LO website, select "run" from the Windows popup and wait. The program is downloaded after which time Norton does a "security scan." WIth 3.6.0 the security scan was done and the program then completed the installation without incident. With 3.6.1 at the completion of the security scan Norton announces that the download is a possible virus and then deletes it. Jeff

Am 30.08.2012 14:29, webmaster-Kracked_P_P wrote:

Are you saying projects like the NA-DVD might have a "modified" version
of LO hiding something that should not be there?

Do you trust any site like this one?

Most likely Norton has messed up. I am trying to get through on their Online help system, without much success. Jeff

I did the original post. I am running Windows. With this download I am following the same procedure I used when I installed 3.6.0. I click on the "Main installer" at the LO website, select "run" from the Windows popup and wait. The program is downloaded after which time Norton does a "security scan." WIth 3.6.0 the security scan was done and the program then completed the installation without incident. With 3.6.1 at the completion of the security scan Norton announces that the download is a possible virus and then deletes it. Jeff

Hi,

IMHO, Norton AV appears to be giving a false positive. Does it identify
the alleged malware? I would check Norton's Quarantine and see if you
can restore from there. You might contact Norton to see if they have a
work around.

Hi
Yes, as other people are saying (with varying degrees of paranoia) antiviruses do have a lot of false positives.  It's like having a guard dog and then grumbling because it barks.

A better course is to congratulate it on succesfully blocking something from installing (ie doing it's job) and then switch it off, do the install and then switch it on again.

As 1 person said it's wise to unplug the network cable or switch off your router (if at home) so that you have no internet connection while the antivirus is off but at that level of paranoia i would recommend just not using Windows in the first place.  With Windows you just have to accept that your system is not secure [shrugs] and that to some extent you are always going to have to just trust to luck.  It's wise to minimise that where it's reasonably possible.  Unplugging a network cable might not be easy but if it is then it's worth doing.

People say that Windows is easier but then forget that they have to struggle through this sort of thing.  Other systems have different struggles. 
Regards from
Tom

[image: Inline image 1] yes, and I think you've just described the
'Gates' fiasco' [image: Inline image 2]

Hi