Sophos antivirus warning on Windows package installation component
Versions
- OS: Windows 10
- Gajim version: 1.8.1
- GTK version: 3.24.39
- Python-nbxmpp version: 4.3.2
Steps to reproduce the problem
- Download Windows package from https://gajim.org/downloads/1.8/Gajim-1.8.1-64bit.exe
- Run installer.
Expected behavior
Installation completes without unexpected errors.
Actual behavior
During installation, Sophos AV pops up a warning: "Generic Reputation PUA detected at C:\Program Files\Gajim\lib\frei0r-1\sleid0r_wipe-down.dll". It then states this file was "cleaned up" (removed). See the Sophos support page on "Potentially Unwanted Application" detection events. Sophos versions are 2023.1.2.3 (Core Agent) and 2023.1.1.7 (Sophos Intercept X), installed by my employer.
Searching the web for that DLL name, it looks like this library may provide visual effects for a slideshow. The "hax0r" naming convention inspires fear that it is malware (irrational or not!). Assuming it is legit, can you validate it somehow so the AV tool does not flag it? I do not have any Gajim plugins installed.