Using PHOENIX CODE (Latest version of Brackets) Avast finds and quarantines PHNODE.EXE and program halts when I try to use built-in html viewer.
Searching the internet for answers I find Kaspersky has been alerted to this and has issued a fix. Anyone else got this problem ?
Hi Frank221,
Probably this discussion may give you more insight into this question:
https://github.com/phcode-dev/phoenix/issues/1821#:~:text=I%20installed%20your%20program%20for%20the%20first%20time
Describe the bug
I installed your program for the first time and clicked on the default project to learn and suddenly Kaspersky started giving me a warning. Kaspersky warning messages are below.
Event: Malicious object detected
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: Detected
Type: Trojan horse
Name: PDM:Trojan.Win32.Generic
Threat level: High
Object type: Process
Object path: C:\Users\Ev1_2\AppData\Local\Phoenix Code\src-node
Object name: index.js
Reason: Behavior analysis
Databases version date: Today, 08/31/2024 18:26:00
MD5: 4D225167DB1C5FF49CFF24C43546C700
Event: Process terminated
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: Process terminated
Type: Trojan
Name: PDM:Trojan.Win32.Generic
Threat level: High
Object type: Process
Object path: C:\Users\Ev1_2\AppData\Local\Phoenix Code
Object name: phnode.exe
MD5: 4D225167DB1C5FF49CFF24C43546C700
Event: Object deleted
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: Deleted
Type: Trojan
Name: PDM:Trojan.Win32.Generic
Threat level: High
Object type: Process
Object path: C:\Users\Ev1_2\AppData\Local\Phoenix Code\src-node
Object name: index.js
MD5: 4D225167DB1C5FF49CFF24C43546C700
Event: Object deleted
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: File deleted
Type: Trojan horse
Threat level: Informational
Object type: File
Object path: E:\documents\Phoenix Code\Home1\album
Object name: index.html
MD5: 4D225167DB1C5FF49CFF24C43546C700
Event: Object deleted
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: File deleted
Type: Trojan horse
Threat level: Informational
Object type: File
Object path: E:\documents\Phoenix Code\Home1\assets\dist\js
Object name: bootstrap.bundle.min.js
MD5: 4D225167DB1C5FF49CFF24C43546C700
Event: Object deleted
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: File deleted
Type: Trojan horse
Threat level: Informational
Object type: File
Object path: E:\documents\Phoenix Code\Home1\carousel
Object name: index.html
MD5: 4D225167DB1C5FF49CFF24C43546C700
Event: Object deleted
Application: Node.js JavaScript Runtime
User: DESKTOP-B6IE8V3\Ev1_2
User type: Started by
Component: System Monitor
Result description: File deleted
Type: Trojan horse
Threat level: Informational
Object type: File
Object path: E:\documents\Phoenix Code\Home1\cover
Object name: index.html
MD5: 4D225167DB1C5FF49CFF24C43546C700
Reproduction
No response
Expected behavior
No response
OS, Browser and Phoenix versions
windows 10
logs or debug stack trace if any
No response
Additional context
No response
There they treated it as an FP. Wait for Avast’s team reporting on this.
polonus
P.S. On node.js from SNYK: https://snyk.io/learn/nodejs-security-best-practice/