CobaltFusion/DebugViewPP

Debugview++ classified as Trojan Win32/Zpevdo.B by Windows Defender

monty241 opened this issue · 5 comments

Reproduction:

  • Download debugview++.msi version 1.8.0.44 using Google Chrome (production channel).
  • Automatically blocked and classified as trojan Win32/Zpevdo.B

See pictures.

I have had similar problems myself at my company, where McAfee classified it as a different kind of heuristic threat. I've tried to remove certain API calls to see if that would help, but no luck... I would be happy to fix this, but I have no idea why it's being classified as a trojan. Of course debugview++ does use debug APIs, but there is really no choice; it's a debugging application :)

If you google Zpevdo.B you will see that more people struggle with false positives of this kind...

I've submitted this case to Windows Defender

Good news, it's been marked as a false-positive and removed from detection.

closing... please re-open if more troubles are encountered