J_R_6_0
November 15, 2020, 1:11pm
1
Hi, I’ve just freshly installed VSCode and then the PlatformIO IDE. My copy of Norton 360 then quarantined poi.exe. Any suggestions please?
Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
15/11/2020 12:41:16,High,pio.exe (SONAR.PSDownloader!g2) detected by SONAR,Quarantined,Resolved - No Action Required,c:\Users\xxxx.platformio\penv\Scripts\pio.exe
Category: Quarantine
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
15/11/2020 12:41:16,High,pio.exe (SONAR.PSDownloader!g2) detected by SONAR,Quarantined,Resolved - No Action Required,c:\Users\xxxx.platformio\penv\Scripts\pio.exe
Category: SONAR Activity
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
15/11/2020 12:41:16,High,pio.exe (SONAR.PSDownloader!g2) detected by SONAR,Quarantined,Resolved - No Action Required,c:\Users\xxxx.platformio\penv\Scripts\pio.exe
Yeah Norton even classifies other Microsoft VSCode tools as this “PSDownloader” (vcpkgmetricsuploader is detected as SONAR.PSDownloader!g1 by Symantec Endpoint Protection · Issue #6551 · microsoft/vcpkg · GitHub ). This is a heuristic detection from Norton, based on what the program tries to do. Indeed, PIO downloads other tools (compilers, frameworks, platforms, …), so you can build your microcontroller project, so it may seem like a tool that immediately wants to download stuff, but it’s definitely no virus.
The pio.exe
on my system, which is the latest dev release obtained via pio upgrade --dev
, is not detected in any of the 71 antivirus engines that virustotal.com knows (VirusTotal ).
You can can make double sure by also uploading your c:\Users\xxxx.platformio\penv\Scripts\pio.exe
(you’ll have to restore it first) to https://www.virustotal.com to make sure that it isn’t detected as anything normally, but this seems just like a false-positive to me.
And if you really really want to go sure that PIO is not something bad, it’s all open source at GitHub - platformio/platformio-core: A professional collaborative platform for embedded development and can also be installed from source
J_R_6_0
November 15, 2020, 2:10pm
3
Hi, thanks for the great reply. It is very much appreciated.