You are here

ClamAV finds PUA in sdmi.dll (LibreOffice 3.4.3)

2 posts / 0 new
Last post
furryspider
Offline
Last seen: 3 weeks 1 day ago
Joined: 2011-09-15 14:23
ClamAV finds PUA in sdmi.dll (LibreOffice 3.4.3)

Hey guys,

just wanted to get your thoughts on this:
ClamAV finds a PUA called 'BlackRain' in this file:
App/libreoffice/program/sdmi.dll

As such, it isn't an issue with the launcher, and I guess it's not the dll compression either, seeing there's only one file affected.

For comparison, I've downloaded the 'regular' LibreOffice and installed it, and ClamAV doesn't find anything there. Also the old OpenOfficePortable 3.1.1 that I'm using has a file of the same name, but without malware alert.

Quick search hints that 'BlackRain' has to do with some iOS jailbreak software. Any chance the packager has an iPhone and got himself some malware playing with it?

depp.jones
Online
Last seen: 55 min 37 sec ago
DeveloperTranslator
Joined: 2010-06-05 17:19
False positive presumably. A

False positive presumably.
A scan with VirusTotal showed only one hit (with ClamAV), so it is most probably a false alarm on their end.
Please report it to ClamAV.

Log in or register to post comments