B4A: False Windows Defender alerts (Trojan:Script/Wacatac.B!ml) in C:\Users\username\AppData\Local\Temp\tmp7460.tmp

KMatle · Feb 16, 2024

Hi all,

since today while switching between debug & release I get some false alarms when B4A tries to dex/copy/merge some files. Defender then blocks it. Here I have to click on "clean project" 2 or 3 times and everything is fine until I switch again. Someone else with this behaviour? (WIN11)

JohnC · Feb 16, 2024

It sounds like some change in your code now produces a signature like a virus so defender blocks it.

You should be able to setup a rule/exception in defender to ignore that file/directory so it will ignore checking those from now one.

JohnJ · Feb 16, 2024

KMatle said:
Hi all,

since today while switching between debug & release I get some false alarms when B4A tries to dex/copy/merge some files. Defender then blocks it. Here I have to click on "clean project" 2 or 3 times and everything is fine until I switch again. Someone else with this behaviour? (WIN11)

Yes, I'm getting that also. Good to know that it isn't "real".

JohnC · Feb 16, 2024

If this just started to happen for multiple people, then that indicates that your copy of defender downloaded a new list of virus signatures and one of them now matches a B4x file and is false triggering.

So, if you can configure defender to "ignore" that flag, then somehow this has to be reported to microsoft to get them to whitelist it.

JohnJ · Feb 16, 2024

KMatle said:
Hi all,

since today while switching between debug & release I get some false alarms when B4A tries to dex/copy/merge some files. Defender then blocks it. Here I have to click on "clean project" 2 or 3 times and everything is fine until I switch again. Someone else with this behaviour? (WIN11)

Anything new on this? Now I can't compile at all in debug mode. The trojan file name changes as does the file in the tmp directory. This has become a major issue now as I need debug mode.

JohnC · Feb 16, 2024

Is there a way to have defender ignore the entire tmp directory so even if the filenames change, it wont trigger?

Or is there a way to get defender to ignore the "type" of virus, like "Trojan:Script/Wacatac.B!ml"?

MarcoRome · Feb 17, 2024

Add an exclusion to Windows Security - Microsoft Support

Find out how to stop Windows Security from alerting you about or blocking a trusted file, file type, or process, by adding it to the exclusions list.

support.microsoft.com

add the folders where you installed B4X (B4A + B4i + B4J)

KMatle · Feb 17, 2024

Here it's only the temp folder(s). I clicked on "accept" (I've the German version so it may be an other word) in the Defender's options and now it seems to be ok.

JohnJ · Feb 17, 2024

MarcoRome said:
add the folders where you installed B4X (B4A + B4i + B4J)

I added the folder that the project is in and that works.

pliroforikos · Feb 19, 2024

i have the same problem...

Sandman · Feb 19, 2024

Yeah, this crap really has increased. I never ever happened to me before, but since a couple of weeks it started to be somewhat common. Very annoying.

rabbitBUSH · Feb 19, 2024

Sandman said:
Yeah, this crap really has increased.

Is this the "Writing on the wall" for a LINUX version of B4X? ((can't imagine how Erel would achieve that port, but, then, Its Erel ... should we just wait....?)

Sandman · Feb 19, 2024

rabbitBUSH said:
Is this the "Writing on the wall" for a LINUX version of B4X?

I can't imagine this situation is even a factor in Erel's decision process when he's considering a Linux version of B4X.

B4A: False Windows Defender alerts (Trojan:Script/Wacatac.B!ml) in C:\Users\username\AppData\Local\Temp\tmp7460.tmp

KMatle

Expert

JohnC

Expert

JohnJ

Member

JohnC

Expert

JohnJ

Member

JohnC

Expert

MarcoRome

Expert

Add an exclusion to Windows Security - Microsoft Support

KMatle

Expert

JohnJ

Member

pliroforikos

Active Member

Sandman

Expert

rabbitBUSH

Well-Known Member

Sandman

Expert