Open maphew opened 3 years ago
I've tried the submission route at https://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm instead.
Somewhat of a duplicate of #35. This happens with most Rust binaries for some reason. Thanks for submitting, hopefully that helps! I'm not exactly sure how to get around the Windows Smart Screen without paying money for a signing key...
I found a page that let me submit a sample without having customer account details: https://www.trendmicro.com/en_us/about/legal/detection-reevaluation.html.
Hopefully it doesn't take too long. Our org has had ransomware attacks that have been successful to point of locking up single machines on our network so I cannot proceed without an all clear.
Makes sense. In the meantime, you can always build from source if they'd be ok with that.
With rust toolchain / cargo installed, it's as easy as:
cargo build --release
Then binary is located at
target/release/grout[.exe]
I'm tempted! But I don't have enough programming chops to assess the source and be confident it's clean (and declare that to central IT).
Totally understandable! Wish I could be of more help here, but we're at the mercy of it getting whitelisted. Fingers crossed that submission will help.
Trendmicro / Apex One reports grout.exe from https://github.com/tarkah/grout/releases/tag/v0.7.0 as a ransomware threat.
I tried to submit a false positive report but the form requires a customer ID and other info which I don't have since another dept handles our AV.