False Virus detection with colorspace package?

After updating to version 2.14 and copying packages from my Version
2.13.2 library  I ran

update.packages(checkBuilt=TRUE,ask=FALSE) to update these packages.
This failed because AVG reported a virus in the "temporary" copy of
colorspace.dll created during the install and the update then failed
because it was unable to open this temporary file.  To continue I
deleted the colorspace packages and its reverse dependences and the
reverse dependencies of the reverse dependencies.  After deleting
these packages the update process then finished.

I would presume that the virus is probably a false detection.  However
when I virus check the version 2.13.2 library AVG does not find a
virus.  As far as I can determine the only difference between the two
packages is that they are built with different versions of R.  I would
intend to reinstall these packages when the problem has been solved.
I am sending a report to AVG. For the moment I can fall back to the
earlier version if necessary.

Has any one else detected a similar problem.

An extract of the diagnosis sent to AVG is below.

Best regards

John

AVG Free Version 2012.0.1869 Virus database 2092/4602 detects a virus
in the colorspace package in the R statistical system.  The zip file
containing the offending file can be downloaded from

http://ftp.heanet.ie/mirrors/cran.r-project.org/bin/windows/contrib/r-release/colorspace_1.1-0.zip
or from any of the CRAN mirrors.

The message produced by AVG is

*****************************************************

File name:   c:\.....\colourspace\libs\i386\colorspace.dll

Threat name: Virus found Win32/Heur

Detected on open

*****************************************************

Is this a false positive?

-- 
John C Frain
Economics Department
Trinity College Dublin
Dublin 2
Ireland
www.tcd.ie/Economics/staff/frainj/home.html
mailto:frainj at tcd.ie
mailto:frainj at gmail.com

This kind of thing is all too common. You can download the source, review the code, and build the package yourself, and compare the supplied binary with your home-built one. Chances are AVG will complain about that one too, and you can confirm the false positive. Anti virus software is not too friendly with non-mainstream software.
---------------------------------------------------------------------------
Jeff Newmiller ? ? ? ? ? ? ? ? ? ? ? ?The ? ? ..... ? ? ? ..... ?Go Live...
DCN:<jdnewmil at dcn.davis.ca.us> ? ? ? ?Basics: ##.#. ? ? ? ##.#. ?Live Go...
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?Live: ? OO#.. Dead: OO#.. ?Playing
Research Engineer (Solar/Batteries ? ? ? ? ? ?O.O#. ? ? ? #.O#. ?with
/Software/Embedded Controllers) ? ? ? ? ? ? ? .OO#. ? ? ? .OO#. ?rocks...1k
---------------------------------------------------------------------------
Sent from my phone. Please excuse my brevity.

John C Frain <frainj at gmail.com> wrote:

After updating to version 2.14 and copying packages from my Version
2.13.2 library ?I ran

update.packages(checkBuilt=TRUE,ask=FALSE) to update these packages.
This failed because AVG reported a virus in the "temporary" copy of
colorspace.dll created during the install and the update then failed
because it was unable to open this temporary file. ?To continue I
deleted the colorspace packages and its reverse dependences and the
reverse dependencies of the reverse dependencies. ?After deleting
these packages the update process then finished.

I would presume that the virus is probably a false detection. ?However
when I virus check the version 2.13.2 library AVG does not find a
virus. ?As far as I can determine the only difference between the two
packages is that they are built with different versions of R. ?I would
intend to reinstall these packages when the problem has been solved.
I am sending a report to AVG. For the moment I can fall back to the
earlier version if necessary.

Has any one else detected a similar problem.

An extract of the diagnosis sent to AVG is below.

Best regards

John

AVG Free Version 2012.0.1869 Virus database 2092/4602 detects a virus
in the colorspace package in the R statistical system. ?The zip file
containing the offending file can be downloaded from

http://ftp.heanet.ie/mirrors/cran.r-project.org/bin/windows/contrib/r-release/colorspace_1.1-0.zip
or from any of the CRAN mirrors.

The message produced by AVG is

*****************************************************

File name: ? c:\.....\colourspace\libs\i386\colorspace.dll

Threat name: Virus found Win32/Heur

Detected on open

*****************************************************

Is this a false positive?

--
John C Frain
Economics Department
Trinity College Dublin
Dublin 2
Ireland
www.tcd.ie/Economics/staff/frainj/home.html
mailto:frainj at tcd.ie
mailto:frainj at gmail.com