Last Daml SDK installation triggered the antivirus

G-d willing

Hello DA Team,
I downloaded the latest SDK to my laptop and when running daml studio my Norton Antivirus jumped indicating the following issue:

The antivirus was triggered even before this message, I just didn’t take a screenshot of it.
Anything that I need to do in order for that not to happen?

1 Like

Hi @cohen.avraham,

I am certainly very rusty with WINOS but I would remove your complete Daml folder from any future active scans. Especially if you created it, work with it and are the only one who has access to it.

Looking at that program path that allegedly triggered the alert, that’s your Daml EXEC, that I’d assume you put there. Try that. If it works, great; else come back.

Found this link to remove a folder or an extension from Norton Data Protector.

1 Like

G-d willing

Thanks @Ben_M and @rohitt,
I am aware of how to remove a folder from future scans of the antivirus. However, it was surprising for me to receive this alert from the antivirus as I was not getting it when installing previous versions.
I was thinking that it will be a good thing to raise this matter.

1 Like

Thanks for being understanding :grin:

I’ll flag this with the Daml Language team for due diligence.

Just for reference, here is another popup that was raised by the antivirus.

1 Like

The action seems to be triggered by an attempt to delete a file belonging to a VS Code extension. Can you check if by chance this popup is triggered by VS Code itself, rather than by running it with daml studio?

Hi @cohen.avraham,

Since we’re discussing security here, it may be a good idea to put on a paranoid hat for a second. Can you post here the SHA256 of your daml.exe? This is most likely a false positive on Norton’s part, but it does seem worth double-checking you didn’t accidentally end up with something else masquerading as Daml.

To get a SHA256 hash on Windows you can use this command:

certutil -hashfile FILENAME SHA256

Can you please post the computed SHA256 for daml.exe and, if you still have it, the installer you downloaded?

Also please clarify which version, specifically, this is happening with.

G-d willing

Sorry for the late response.
@stefanobaghino-da, well, it did happen when opening VS Code. I assume that something was blocked, cause it does not happen again when opening VS Code again. But I am not 100% sure this is the reason.

@Gary_Verhaegen I ran the SHA256 you asked and here is the result:

SHA256 hash of daml.exe:
d4f1298f0fed69cbea76d09087cab8083f4085d244b00bb57dff0c68d5900b07
CertUtil: -hashfile command completed successfully. 

It happened on version 2.4.0. It was downloaded by running daml install 2.4.0 directly from my command line.

That’s the expected value.

Thanks for reporting!

1 Like
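
The hash check from this thread as a script, added here as an example and not part of any post or of the Daml project: it parses `certutil -hashfile` output (including the space-separated digest that older Windows versions print) and compares it with a reference value. The function names are hypothetical, the sample output is the one posted above, and the reference digest is assumed to come from the publisher rather than from the machine being checked.

```python
import hashlib
import re

# Sample input: the certutil output posted in this thread (daml.exe, SDK 2.4.0).
SAMPLE_CERTUTIL_OUTPUT = """SHA256 hash of daml.exe:
d4f1298f0fed69cbea76d09087cab8083f4085d244b00bb57dff0c68d5900b07
CertUtil: -hashfile command completed successfully.
"""

HEX64 = re.compile(r"[0-9a-f]{64}")


def normalize_digest(text):
    """Strip whitespace and lowercase; return None unless it is 64 hex chars."""
    candidate = re.sub(r"\s+", "", text).lower()
    return candidate if HEX64.fullmatch(candidate) else None


def parse_certutil_sha256(output):
    """Extract the digest from `certutil -hashfile FILE SHA256` output.

    Older Windows releases print the digest as space-separated byte pairs,
    so each line is normalized before it is tested.
    """
    for line in output.splitlines():
        digest = normalize_digest(line)
        if digest is not None:
            return digest
    raise ValueError("no SHA256 digest found in certutil output")


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large installers are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def matches_reference(observed, reference):
    """Compare an observed digest with the publisher's reference digest."""
    ref = normalize_digest(reference)
    if ref is None:
        raise ValueError("reference is not a SHA256 hex digest")
    return normalize_digest(observed) == ref
```
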