Page 1 of 1
Trojan downloaded with OO software
Posted: Mon Sep 08, 2008 9:49 pm
by southpaw3473
Hey all,
I have tried to download Open Office three times now and each time it installs a trojan on my computer. It's called Trojan.Zlob and my spyware detector catches it every time. After quarantine it returns when I start Writer. Does anyone have any idea about this? About 6 months ago the same thing happened but I think the trojan was different. Thanks so much for your help.
Re: Trojan downloaded with OO software
Posted: Mon Sep 08, 2008 10:22 pm
by acknak
Exactly where are you getting OpenOffice from--what web site?
Re: Trojan downloaded with OO software
Posted: Mon Sep 08, 2008 11:35 pm
by southpaw3473
From the Open Office Download page. It's really weird.
Re: Trojan downloaded with OO software
Posted: Mon Sep 08, 2008 11:42 pm
by Villeroy
southpaw3473 wrote:From the Open Office Download page. It's really weird.
The software is called OpenOffice
.org due to some marketing morons who believe they have an exclusive right on the name "open office" without selling anything under that name. So the office suite we are talking about is named after it's own web-site
http://openoffice.org
Please give us the link from where you downloaded something infected that claims to be OpenOffice.org.
Re: Trojan downloaded with OO software
Posted: Tue Sep 09, 2008 3:03 am
by southpaw3473
Re: Trojan downloaded with OO software
Posted: Tue Sep 09, 2008 8:15 am
by Hagar Delest
You should check the MD5sum to confirm if the file is correct (See here :
http://download.openoffice.org/2.4.1/md5sums.html, there is a link to the instructions on top of that page). If it's fine, it may be a false alarm and the AV should update its signature list.
Thanks to add '[Solved]' at beginning of your
first post title (
edit button) if your issue has been fixed.
Re: Trojan downloaded with OO software
Posted: Tue Sep 09, 2008 6:50 pm
by southpaw3473
That only works with old versions of Firefox, or so it says. I am not super literate with the intricacies of my computer so I don't quite know what MD5sum is or does. Sorry.
Re: Trojan downloaded with OO software
Posted: Wed Nov 05, 2008 12:14 pm
by owilky
I too have a trojan picked up by AVG Anti-Virus Pro... "Trojan horse Downloader. Generic8.BCQ"
Found here......C:\Documents and Settings\Peter\My Documents\Office\openoffice.org-core02.cab
OpenOffice version 3.0.9357.500
I tried the MD5sum link but it is not compatible with firefox3 so cannot check it that way.
Also my connection is dropped when using that page.
Re: Trojan downloaded with OO software
Posted: Wed Nov 05, 2008 1:47 pm
by Caracalla
You can use
this program to easily check the MD5sum.
Re: Trojan downloaded with OO software
Posted: Wed Nov 05, 2008 4:50 pm
by Duhhh
AVG has had a few false positives lately. I just installed AVG free and had it do a scan of my OO2.4, and it hit on program/msi-pkgchk.exe.
I've checked the file with virustotal.com, and out of 36 anti-virus tools, only AVG flags it as a trojan. Is AVG right, and all the others wrong?
If you have AVG pro, you can contact support so they can verify that the file is safe and update their database. Once they do an update, you can move the file from the vault (if you've told AVG to quarantine it) and everything should be back to normal.
Re: Trojan downloaded with OO software
Posted: Wed Nov 05, 2008 5:07 pm
by Hagar Delest
For the record, when I was under Windows at home, at tried AVG and drop it for Avast Home Edition. Not so good results with AVG.