-
UI Type: Angular
-
Database System: EF Core SQL Server
-
Tiered (for MVC) or Auth Server Separated (for Angular): yes
-
Exception message and full stack trace:
-
Steps to reproduce the issue:
Something went wrong with me, as my antivirus Kaspersky catch this file from ABP Studio as a Trojan.
3 Answer(s)
-
0
Hi,
Where did you installed the ABP Studio? We have different signing certificate right know on the Microsoft Store. Can you try the same operations after installing from Microsoft Store?
By the way, if possible can you share ABP Studio logs right after this warning? Which operation causes this detection?
Your support ticket is refunded
-
1
Hi
Thank you for your respone and for refunded the ticket.Where did you installed the ABP Studio?
I have installed the ABP studio from your site from a while but I don't use it I was use the ABP suite but yesterday I try to upgrade my application from ABP 8.2.3 to ABP 9.0.5 . but in the morning I faced the problem with my antivirus as you can see.Can you try the same operations after installing from Microsoft Store?
We don't use the Microsoft Store according to our policy but I will try to contact them to give it a try.if possible can you share ABP Studio logs right after this warning?
Unforionatly, Antivirus was remove ABP studio from my device so I can't send to you the ABP logs but if you have another option to do that let me know.Which operation causes this detection?
I don't use it at all it's already close at this moment I just used it yesterday.Update: I have find this log in abp-studio-backend-logs.txt may it's useful for you as it's happen today before the antivirus warning :
2025-02-16 21:08:14.401 +02:00 [INF] Request starting HTTP/2 POST http://localhost:38271/IStudioBackendHub/Connect - application/grpc null
2025-02-16 21:08:14.475 +02:00 [INF] Executing endpoint 'gRPC - /IStudioBackendHub/Connect'
2025-02-17 09:40:20.412 +02:00 [INF] Executed endpoint 'gRPC - /IStudioBackendHub/Connect'
2025-02-17 09:40:20.417 +02:00 [INF] Request finished HTTP/2 POST http://localhost:38271/IStudioBackendHub/Connect - 200 null application/grpc 45139199.9903ms
2025-02-17 09:40:20.420 +02:00 [INF] Connection id "0HNAENL1N02Q1", Request id "0HNAENL1N02Q1:00000001": the application completed without reading the entire request body. -
1
I am reaching out to report that our security tool has detected a possible Trojan (PDM:Trojan.Win32.Generic) in the ABP Studio executable. Below are the details of the alert:
Event: Malicious object detected
Application: ABP Studio
User: lucas
Component: Proactive Watchdog
Detection Result: Detected
Type: Trojan
Name: PDM:Trojan.Win32.Generic
Threat Level: High
Object Type: Process
Object Path: C:\Users\lucas\AppData\Local\abp-studio\current
Object Name: volo.abp.studio.ui.host.exe
Reason: Database signatures
Database Release Date: 02/11/2025 03:06 PMSince ABP Studio is a tool actively used in our company for development, we need to verify whether this detection is a false positive or if there is a genuine security issue with the installation. To justify the review with our IT security department, we kindly request a detailed report that confirms the legitimacy of this executable.
We appreciate your prompt response and any recommendations on how to proceed in this matter.
Looking forward to your reply.