You need to report to PSPad authors, not here. PSPad is NOT supposed to use avast’s openssl, nor is avast forcing it to do any such thing.