You are here

ClamAV finds PUA in sdmi.dll (LibreOffice 3.4.3)

2 posts / 0 new
Last post
Last seen: 12 years 10 months ago
Joined: 2011-09-15 14:23
ClamAV finds PUA in sdmi.dll (LibreOffice 3.4.3)

Hey guys,

just wanted to get your thoughts on this:
ClamAV finds a PUA called 'BlackRain' in this file:

As such, it isn't an issue with the launcher, and I guess it's not the dll compression either, seeing there's only one file affected.

For comparison, I've downloaded the 'regular' LibreOffice and installed it, and ClamAV doesn't find anything there. Also the old OpenOfficePortable 3.1.1 that I'm using has a file of the same name, but without malware alert.

Quick search hints that 'BlackRain' has to do with some iOS jailbreak software. Any chance the packager has an iPhone and got himself some malware playing with it?

Last seen: 6 days 4 hours ago
Joined: 2010-06-05 17:19
False positive presumably. A

False positive presumably.
A scan with VirusTotal showed only one hit (with ClamAV), so it is most probably a false alarm on their end.
Please report it to ClamAV.

Log in or register to post comments