On 14-02-2012 22:58, Wim Lewis wrote: > On 14 Feb 2012, at 1:42 PM, Johan Samyn wrote: >> Hi, >> I just compiled openssl-1.0.0g on a Win7 box using MingW. All went well, >> except I got a virus alert from Avira for 'TR/Graftor.10418.101' found >> in the file .../openssl-1.0.0g/test/asn1test.exe. That virus was added >> to the Avira VDF file on 2012-01-18. >> Avira denies access to it, so that file is unusable, and I quarantained >> it (to get rid of the alerts). Is this a real threat ? Has anyone else >> experienced it ? Or is it a hoax (cause to me it seems a bit weird to >> have a virus after just compiling a package like openssl) ? > It seems likely that it's just an overly broad virus definition in Avira's > database. A web search turns up at least one other person with a similar > problem: > http://itsacleanmachine.blogspot.com/2012/01/antivirus-anger.html > Another possibility, I guess, is that Graftor.10418.101 propagates by > infecting compilers and causing them to write infected output. I think you'll > need to ask Avira for advice. > >
(sending this to the openssl-users mailing list too.) Thanks for the info, I'll contact Avira (and perhaps the Mingw people too). -- Johan Samyn ___________________________________________________________________ "Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away." - A. de Saint-Exupery ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
