maphew
commented
3 years ago I've tried the submission route at https://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm instead.
Open maphew opened 3 years ago
maphew
commented
3 years ago I've tried the submission route at https://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm instead.
tarkah
commented
3 years ago Somewhat of a duplicate of #35. This happens with most Rust binaries for some reason. Thanks for submitting, hopefully that helps! I'm not exactly sure how to get around the Windows Smart Screen without paying money for a signing key...
maphew
commented
3 years ago I found a page that let me submit a sample without having customer account details: https://www.trendmicro.com/en_us/about/legal/detection-reevaluation.html.
Hopefully it doesn't take too long. Our org has had ransomware attacks that have been successful to point of locking up single machines on our network so I cannot proceed without an all clear.
tarkah
commented
3 years ago Makes sense. In the meantime, you can always build from source if they'd be ok with that.
With rust toolchain / cargo installed, it's as easy as:
cargo build --releaseThen binary is located at
target/release/grout[.exe]I'm tempted! But I don't have enough programming chops to assess the source and be confident it's clean (and declare that to central IT).
tarkah
commented
3 years ago Totally understandable! Wish I could be of more help here, but we're at the mercy of it getting whitelisted. Fingers crossed that submission will help.
Trendmicro / Apex One reports grout.exe from https://github.com/tarkah/grout/releases/tag/v0.7.0 as a ransomware threat.
I tried to submit a false positive report but the form requires a customer ID and other info which I don't have since another dept handles our AV.