-2

I am new to Ruby DevKit, and recently exposed to use this package for some integration work with CloudFoundry systems. Unfortunately, after I finished installing the Ruby Devkit, my antivirus software caught it to contain a trojan virus - which is tragic. I really need Ruby DevKit team to look into this because it is dangerous for any unsuspecting people out there to get their machine infected by this virus and suffer some damage accordingly.

  1. How I got my Ruby DevKit install package: http://rubyinstaller.org/downloads/ >> DEVELOPMENT KIT >> DevKit-tdm-32-4.5.2-20111229-1559-sfx.exe

  2. What my antivirus found in this package after install: [RubyDevKit]/mingw/bin/gcc.exe Detected: HEUR:Trojan.Win32.Generic

Panini Luncher
  • 639
  • 8
  • 10
  • 2
    Go to https://github.com/oneclick/rubyinstaller/issues and open up an issue. StackOverflow isn't the place for bug tracking. – ian Dec 30 '12 at 23:47

1 Answers1

3

I'm pretty sure you're OK. But I'll give you a couple reasons to feel better.

First: I uploaded the packaged gcc.exe to VirusTotal and it returned a clean bill of health.

Second: The HEUR flag means that it's from a Heuristic algorithm. Send it into the company that provides your Anti-Virus definitions so it can be examined. Once the provider does that and updates their definitions it should be fixed.

Third: The Devkit is date stamped. 20111229 means that this version of the Devkit was built on December 29 2011. So this version has been in use for over a year and I haven't noticed any other reports like this.

If you want any more information you are more than welcome to email the RubyInstaller Google Group as there are probably people who could help you out more there.

Azolo
  • 4,353
  • 1
  • 23
  • 31
  • 1. Azolo: Thanks. My antivirus is Kapersky professional 2012, which is one of the best out there. Everytime an antivirus catches something from download online, it must be treated as a red flag and not to be ignored. However, your explanation makes sense and useful. I will see and follow up with the company to review the gcc.exe file. 2. Iain: The link to report bug is good. Thanks for sharing. – Panini Luncher Jan 02 '13 at 22:22