C:\Program Files (x86)\CentraStage\Gui.exe flagged as suspicious by Bitdefender Gravity Zone

Hi everyone,
I am having trouble with Bitdefender Gravity Zone. I am using the Bitdefender Gravity Zone Business Security solution, and I am getting a severity score of around 60 that the file C:\Program Files (x86)\CentraStage\Gui.exe is suspicious or Malware
Dectect by the (Endpoint Detection and response)
I am not sure why this file is being flagged as suspicious. I have verified that the file is legitimate, and it is part of the CentraStage software (Datto RMM) that I am using to manage my IT infrastructure.
It detects as below in The events for the following title
RegSigModifyInternetZonemap
\REGISTRY\USER\[SID Number]\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
SuspiciousExtensionChange
Anomaly.System.SevereAlerts
An anomaly has been detected.
PsexecExecuted
The Windows System Internals tool PsExec has been executed.
SuspiciousProxySettingsManipulation
A suspicious process manipulated the registry for Proxy Settings
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
I would appreciate any help that you can provide in resolving this issue. Please let me know if you have any questions.
Thank you,
Comments
-
Kindly contact the bitdefender business support by visiting https://www.bitdefender.com/support/contact-us.html?last_page=BusinessCategory
Additionally, @Alex_Dr or @Andra_B can have a look into this for you.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
0 -
Hello @Thariq,
I do apologize for the late reply.
Have you tried setting an exclusion for the exe file? If you have and the situation still continues, I strongly suggest contacting the Enterprise Support Team as they will need confirmation to exclude the file from our database.
Please keep me updated with further development.
Best regards,
Alex D.
1