False ransomware identification?

  • 1
  • Question
  • Updated 2 months ago
  • Answered
I am trying to install an upgrade from Grubbasoftware.com for the TrueGrain app, but Trend Micro is showing the downloaded installation file as ransomware.  I have used the software since 2013.  It's a great product but now I'm not sure how to proceed.
Photo of kcarney1

kcarney1

  • 180 Points 100 badge 2x thumb

Posted 11 months ago

  • 1
Photo of kcarney1

kcarney1

  • 180 Points 100 badge 2x thumb
Also, after the Trend Micro warning I get this message from Windows: Windows cannot access the specified device, path, or file.  You may not have the appropriate permissions to access the item. 
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 24,296 Points 20k badge 2x thumb
Hi kcarney1,

Test it for you.
Exit the TM program, right click icon than Exit.
Download the program, install the program and start TM again if it blocks again, click trust.
Hope this helps,
Nice program ;)

Kind regards,
Tom
Photo of kcarney1

kcarney1

  • 180 Points 100 badge 2x thumb
When you say install the program, I presume you mean run the TrueGrain installation file?  If it really is ransomware and I have exited TM, won't my PC then be compromised?  Beginner here.
Photo of TM_Victor

TM_Victor, Employee

  • 4,942 Points 4k badge 2x thumb
Hi kcarney1,

I think what you have in mind with @Tom Emmelot's suggestion is correct, which is to install the program.

Yes you are right that if it is really a ransomware, your device might be compromised.

Here is a suggestion regarding this one.

First, you may send a file reclassification request with the file that you have downloaded.

Just follow the procedures on "Submitting a URL or file reclassification request"

Our threat experts would perform the check for you and provide their findings before you install the said file.

Next is to contact the support lines for the TrueGrain application and inform what has happen.

Here is the link for the application's support: http://grubbasoftware.com/contact.html

We hope to hear from you soon.

Have a great week!

Trend Micro Home Users Community 
Photo of kcarney1

kcarney1

  • 180 Points 100 badge 2x thumb
My Trend Micro software just renewed, so I reinstalled TM and tried the TrueGrain .exe installation file again.  This time I did not get the suspicious file warning and it seemed to install OK but: At the end of the installation a window popped up to install a C++ program, vcredist_x64.  That is now the only file in the folder c:\program files\truegrain2.  The Truegrain app file is nowhere to be found on drive c.  This seems to be a problem on the vendor side, but I have read that vcredist_x64 is dangerous and wanted to ask about that.
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 24,296 Points 20k badge 2x thumb
Hi kcarny,

You did not followed my advice and that is why it is not installed right.
So follow my advice how to download and install truegrain2.
The reason why vcredist_x64 wants to run is that a part of visual C++ 2015 is not on your PC and needs to install.
If TM is started again and ask to trust, just trust to run this nice program.
Installed it here 2 times and checked it with TM no problems.
It is a small program  that after install not appear in the uninstall tool of MS but the uninstall program is in the program start-list.
Hope this will help and i checked it twice so don't worry!

Kind regards,
Tom
Photo of kcarney1

kcarney1

  • 180 Points 100 badge 2x thumb
Hi Tom,

Yes I did that (exit TM and install etc.), but still no luck.  Vcredist_x64 is all that is installed, not Truegrain 2, even though the Truegrain installer shows a successful installation.  
Photo of Tom Emmelot

Tom Emmelot, Champion

  • 24,296 Points 20k badge 2x thumb
Hi kcarney1

This is what you see in my map after a good download and install without TM blocking anything!!!
Don't use your old download!!!



So try again.
Exit TM
Download file
Install TrueGrain and if the program want to install Visual C+2005, it wont work without!
Start TM again

Kind regards,
Tom
Photo of kcarney1

kcarney1

  • 180 Points 100 badge 2x thumb
Dang, it worked.  As you note, the key was downloading the installer file again after TM is exited.  Thanks again for your help.
Photo of TM_Pat

TM_Pat, Official Rep

  • 9,256 Points 5k badge 2x thumb
We'll close this thread now. Please create new topic here: https://en.community.trendmicro.com/tm_en/topics/new

This conversation is no longer open for comments or replies.