Issue: Portable gsudo.exe now deliberately flagged as PUP `Generic.Application.Gsudo` by BitDefender
Xeevis opened this issue · 3 comments
Issue Description
It appears BitDefender has now taken a hard line against gsudo, and this time not as a false positive but in a deliberate attempt, as it identifies the threat as `Generic.Application.Gsudo`.
It will rigorously block any attempt to download the portable version with Antivirus, Advanced Threat Defense and Online Threat Prevention, as all flag the `gsudo.exe`,
and will block download or will quarantine any archives or installers that bundle it (as is the case with WingetUI).
This doesn't affect the MSI installer in any way and using the installed gsudo.exe by 3rd party processes is fine as well.
Screenshots
gsudo installed with MSI installer is left alone and when WingetUI is set to use installed gsudo no suspicious behavior is detected either
Context:
- Windows version: Win11 22H2
- gsudo version: 2.0.4 (affects at least 10 most recent versions)
- BitDefender Total Security | Build 26.0.32.123
It seems to only affect the .Net46/AnyCpu build.
Info about how to contact AV vendors: https://www.techsupportalert.com/how-to-report-malware-or-false-positives-to-multiple-antivirus-vendors/