Cask boost 1.85.0 considered malware by Intego antivirus

[oceanborn2]

Output of brew config

HOMEBREW_VERSION: 4.2.19
ORIGIN: https://github.com/Homebrew/brew
HEAD: 54bea636b41f7953c01a7da5f488f08c1b42ffd1
Last commit: 5 days ago
Core tap JSON: 27 Apr 08:35 UTC
Core cask tap JSON: 27 Apr 08:35 UTC
HOMEBREW_PREFIX: /opt/homebrew
HOMEBREW_CASK_OPTS: []
HOMEBREW_MAKE_JOBS: 10
Homebrew Ruby: 3.1.4 => /opt/homebrew/Library/Homebrew/vendor/portable-ruby/3.1.4/bin/ruby
CPU: 10-core 64-bit arm_firestorm_icestorm
Clang: 15.0.0 build 1500
Git: 2.39.3 => /Applications/Xcode.app/Contents/Developer/usr/bin/git
Curl: 8.4.0 => /usr/bin/curl
macOS: 14.4.1-arm64
CLT: 15.3.0.0.1.1708646388
Xcode: 15.3
Rosetta 2: false

Output of brew doctor

Please note that these warnings are just used to help the Homebrew maintainers
with debugging if you file an issue. If everything you use Homebrew for is
working fine: please don't worry or file an issue; just ignore this. Thanks!

Warning: Some installed casks are deprecated or disabled.
You should find replacements for the following casks:
  android-sdk
  arduino
  brackets


Warning: Some installed kegs have no formulae!
This means they were either deleted or installed manually.
You should find replacements for the following formulae:
  python-jinja
  python-pyparsing
  python-pathspec
  python-markupsafe

Warning: Some installed formulae are deprecated or disabled.
You should find replacements for the following formulae:
  exa
  [email protected]
  [email protected]
  [email protected]
  minimal-racket
  [email protected]
  python-dateutil
  python-pytz

Warning: You have unlinked kegs in your Cellar.
Leaving kegs unlinked can lead to build-trouble and cause formulae that depend on
those kegs to fail to run properly once built. Run `brew link` on these:
  python-jinja
  python-pytz
  python-dateutil
  cryptography
  python-markupsafe

Warning: /usr/bin occurs before /opt/homebrew/bin in your PATH.
This means that system-provided programs will be used instead of those
provided by Homebrew. Consider setting your PATH so that
/opt/homebrew/bin occurs before /usr/bin. Here is a one-liner:
  echo 'export PATH="/opt/homebrew/bin:$PATH"' >> ~/.zshrc

The following tools exist at both paths:
  bashbug
  ctags
  openssl
  patch
  pip3
  python3

Warning: Some installed formulae are missing dependencies.
You should `brew install` the missing dependencies:
  brew install llvm@17

Run `brew missing` for more details.

Description of issue

Hello,

On my macbook, intego detected "OSX/PSW.ext malware" on version 1.85.0 of boost.
Anyone else has this issue ?

Is it a false report?

regards,

Relevant casks

boost

[oceanborn2]

intego version 10.9.89 on Macbook M1 / Sonoma 14.4.1

[norsk0ter]

Just ran into the same issue.

[Azdaroth]

I've just experienced the same issue for boost but also for mysql

[oceanborn2]

Hello. For mysql, I suppose this must be considered as another issue unless it also uses the boost library and that the detection concerns boost itself in mysql. Pascal Le dim. 28 avr. 2024 à 21:11, Karol Galanciak ***@***.***> a écrit :

…

I've just experienced the same issue for boost but also for mysql — Reply to this email directly, view it on GitHub <#5318 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABXPPYMCK7RQNF6R5JINNMDY7VCXBAVCNFSM6AAAAABG35TM2OVHI2DSMVQWIX3LMV43SRDJONRXK43TNFXW4Q3PNVWWK3TUHM4TENJVGIYTC> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[SMillerDev]

Homebrew has no control over what virus scanners claim the source build software is. I'd recommend complaining to them

[norsk0ter]

The big question is whether the file is infected with malware or not. Does anyone know?

[flight1973]

I also encountered VirusBarrier detecting OSX/PSW.ext in libboost_log_setup.dylib in Boost 1.85.0

[echarlus]

Same here ... Has anyone confirmed that the file is safe ?