Thank you for the quick response on my previous post, "[Fixed] md5 mismatch". Now we get to deal with this old thing again —
Just as with the last version of LibreOffice (and as has been previously reported at https://portableapps.com/node/36363 and https://portableapps.com/news/2013-07-27--libreoffice-portable-4.1.0-rel...), Norton's heuristic engine jumped on unopkg.exe and deleted it ("Threat actions performed: 1"). I restored it so that I could upload it to VirusTotal (https://www.virustotal.com/en/file/4d30597a80390db41441895fdc19fc4772e9f...) where it scored 5/50:
Qihoo-360 HEUR/Malware.QVM01.Gen 20140223
Symantec Suspicious.MLApp 20140223
TheHacker Posible_Worm32 20140222
TrendMicro PAK_Generic.001 20140223
TrendMicro-HouseCall PAK_Generic.001 20140223
Additionally, ClamAV categorizes it as a PUP. Frankly, that's my opinion, too. As such, I delete it and it doesn't seem to effect the functionality of LibreOffice, or at least the portable version.
I'm aware that it's what you would classify as a false positive, but it does no good to report it to Norton because, when the next version of LibreOffice comes out, Norton sees it as a new threat. I've visited http://api.libreoffice.org/docs/tools.html to find out what the EXE does; I can't say I came out much the wiser, but if I'm understanding anything on that page at all, unopkg is not an intrinsic part of LibreOffice. This raises a question for me — should you be including it with the download? I know your policy is not to muck with the apps, but having to cajole the AV gets old after awhile. Naive suggestion, perhaps, but could it be offered as a separate option (with the appropriate caveats)?
Understand, I do not think for a nanosecond that you are distributing malware. You are my go-to for things portable and have been for years. The thing is, I've also done very well by Norton down the years, so I'm not about to jump ship over this issue. I'm just wondering if there is any possible mechanism to avoid the false detection since you can't tell the AV to ignore unopkg until after it decides unopkg is Evil.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on Facebook
Follow us on LinkedIn
Follow us on Twitter
Follow us on Mastodon
Follow us on BlueSky
I have the same issue with Symantec. It deleted the files unopkg.bin and unopkg.exe.
I have also installed the fullversion of LibreOffice 4.2.1. and Symantec didn't reported anything. I have replaced both files in the portablapps version and it works just fine.