[R] R 2.12.0 - malware detect by antivirus software

Duncan Murdoch murdoch.duncan at gmail.com
Sun Oct 17 21:53:30 CEST 2010


Paulo Barata wrote:
> Dear Dr. Murdoch,
>
> My thanks to you and to Dr. Ligges for your replies.
>
> I will do my part and will inform Avira about what happened.
> If possible, I will send then the R 2.12.0 installation
> file for their examination. As Dr. Ligges said, it is quite
> possible indeed that a false positive alarm has happened.
>
> But please allow me to point out that Avira, as far as I know,
> is considered to be one of the best pieces of antivirus software
> in the market. See, for instance, the AV Comparatives web site at
> www.av-comparatives.org. No antivirus software is 100% perfect,
> that is, in the real world there is no software with a 0% false
> positive rate. Or, looking from the other side, every antivirus
> software is "sloppy" in some way. Considering that fact,
> shouldn't the R core team have some definite policy with regard
> to false positive alarms concerning the R installation file?
> Is this the first time that this happened? Will this be the last
> time?
>   

This is by no means the first time, and I doubt it will be the last time. 

I think our policy is listed in the banner that prints when you start R:

"R is free software and comes with ABSOLUTELY NO WARRANTY."

If you want a stronger warranty, you could try looking at commercial 
software (or commercial builds of R), but I doubt you'll get one that's 
worth very much.

Duncan Murdoch

> Best regards,
>
> Paulo Barata
>
> --------------------------------------------------------------------
>
> On 17/10/2010 17:10, Duncan Murdoch wrote:
>   
>> Uwe Ligges wrote:
>>     
>>> I checked with two online services which ran more than 40
>>> different virus scanners on the file and only Avira gave a
>>> warning. Hence I assume it is a false positive with Avira and you
>>> can go on with the installation.
>>>
>>> @ Duncan as the maintainer for the binary setup installer: It
>>> might make sense to report the false positive to Avira in order to
>>> protect ourselves from dozens of messages on this list tomorrow.
>>> Additionally, you may want to add a note on the CRAN download page.
>>>
>>>       
>> I don't think so. False positives from sloppy virus checkers are too
>> common. Paulo may want to help out Avira by pointing out their
>> error, but I won't.
>>
>> Duncan Murdoch
>>
>>     
>>> Best wishes,
>>> Uwe Ligges
>>>
>>> On 17.10.2010 20:18, Paulo Barata wrote:
>>>       
>>>> Dear R-list members,
>>>>
>>>> I have just downloaded R 2.12.0 for Windows. When installing,
>>>> my antivirus software detected some malware during the
>>>> installation process.
>>>>
>>>> I use Windows XP SP3. My antivirus software is Avira Premium
>>>> Security Suite, product version 10.0.0.542 (19/4/2010),
>>>> search engine 8.02.04.82 (14/10/2010), virus definition file
>>>> 7.10.12.231 (17/10/2010). That software said: "Malware found".
>>>> When I clicked in "details", I found this information: object:
>>>> open.exe; Detection: TR/ATRAPS.Gen. Consulting the Avira web
>>>> site, this is indicated as a Trojan, dated 15 May 2008.
>>>>
>>>> I have repeated the installation process twice, always with
>>>> the same malware detection. When installing, I used the English
>>>> language, I ticked the "Technical Manuals", "PDF help pages"
>>>> and "docs for Packages grid and Matrix", and I used the
>>>> default options.
>>>>
>>>> Should I proceed with the installation of that version of R?
>>>>
>>>> Thank you very much.
>>>>
>>>> Paulo Barata
>>>>
>>>> --------------------------------------------------------------
>>>> Paulo Barata
>>>> Fundacao Oswaldo Cruz - Oswaldo Cruz Foundation
>>>> Rua Leopoldo Bulhoes 1480 - 8A
>>>> 21041-210 Rio de Janeiro - RJ
>>>> Brazil
>>>>
>>>> E-mail: pbarata at infolink.com.br
>>>> Alternative e-mail: paulo.barata at ensp.fiocruz.br
>>>>
>>>> ______________________________________________
>>>> R-help at r-project.org mailing list
>>>> https://stat.ethz.ch/mailman/listinfo/r-help
>>>> PLEASE do read the posting guide
>>>> http://www.R-project.org/posting-guide.html
>>>> and provide commented, minimal, self-contained, reproducible code.
>>>>         
>>
>>



More information about the R-help mailing list