trezor / trezord-go

:smiling_imp: Trezor Communication Daemon (written in Go)
GNU Lesser General Public License v3.0

Trezor bridge version 2.0.29 is shown as containing the Win32/Zpevdo.B Trojan by Windows Defender Antivirus #196

Closed brianddk closed 3 years ago

brianddk commented 3 years ago

The file was verified as having the correct GPG signature once virus protection was disabled.

```
> gpg2 --verify trezor-bridge-2.0.29-win32-install.exe.asc trezor-bridge-2.0.29-win32-install.exe
gpg: Signature made 03/09/20 13:36:25 Central Daylight Time
gpg:                using RSA key 86E6792FC27BFD478860C11091F3B339B9A02A3D
gpg: Good signature from "Pavol Rusnák <pavol@rusnak.io>" [unknown]
gpg:                 aka "Pavol Rusnák <stick@gk2.sk>" [unknown]
gpg:                 aka "Pavol Rusnák <stick@satoshilabs.com>" [full]
gpg:                 aka "Pavol Rusnák <prusnak@opensuse.org>" [unknown]
gpg:                 aka "[jpeg image of size 2449]" [unknown]
```

Enabling Windows Defender immediately flags the file and removes it.
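When an installer is flagged like this, the same signature check can be scripted so that it passes only for the key fingerprint gpg printed above, instead of relying on a human reading "Good signature". The following is an added example, not part of the original report or of the trezord-go project; the function names and the sample status lines (user ID, timestamps, the second fingerprint) are constructed, and only the pinned fingerprint comes from the output above.

```python
import subprocess

# Fingerprint as printed by gpg on this page ("using RSA key ...").
PINNED_FPR = "86E6792FC27BFD478860C11091F3B339B9A02A3D"
# Status keywords that must never accompany an accepted signature.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG"}
PREFIX = "[GNUPG:] "

def gpg_status(sig_path, file_path):
    """Run gpg and return its machine-readable status lines (needs gpg installed)."""
    proc = subprocess.run(
        ["gpg", "--status-fd", "1", "--verify", sig_path, file_path],
        capture_output=True, text=True, encoding="utf-8", errors="replace")
    return proc.stdout

def signed_by_pinned_key(status_text, pinned_fpr=PINNED_FPR):
    """True only if a VALIDSIG names the pinned key and no failure keyword appears."""
    matched = False
    for line in status_text.splitlines():
        parts = line[len(PREFIX):].split() if line.startswith(PREFIX) else []
        if not parts:
            continue
        keyword, args = parts[0], parts[1:]
        if keyword in REJECT:
            return False
        if keyword == "VALIDSIG" and args:
            # args[0] is the signing key's fingerprint, the last field the primary key's.
            fprs = {args[0].upper(), args[-1].upper()}
            matched = matched or pinned_fpr.upper() in fprs
    return matched

# Constructed status output (not captured from a real run).
_TAIL = "2020-03-09 1500000000 0 4 0 1 8 00"
SAMPLE_GOOD = "\n".join([
    "[GNUPG:] NEWSIG",
    "[GNUPG:] GOODSIG 91F3B339B9A02A3D Example Signer <signer@example.invalid>",
    f"[GNUPG:] VALIDSIG {PINNED_FPR} {_TAIL} {PINNED_FPR}",
])
SAMPLE_BAD = "[GNUPG:] BADSIG 91F3B339B9A02A3D Example Signer <signer@example.invalid>"
OTHER_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"  # constructed
SAMPLE_OTHER_KEY = f"[GNUPG:] VALIDSIG {OTHER_FPR} {_TAIL} {OTHER_FPR}"

if __name__ == "__main__":
    for name in ("SAMPLE_GOOD", "SAMPLE_BAD", "SAMPLE_OTHER_KEY"):
        print(name, signed_by_pinned_key(globals()[name]))
```

For a real file, pass the output of `gpg_status(sig_path, file_path)` to `signed_by_pinned_key`; a valid signature made by any other key in the keyring is rejected.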

prusnak commented 3 years ago

This is a constant struggle with stupid antiviruses. They see the string "bitcoin"/"crypto" and they go wild.

I keep uploading files to https://www.microsoft.com/en-us/wdsi/filesubmission marking them as false negative, but I am afraid that's the only thing we can do.

Thanks for the report!