Hi guys,
Its been a while now that I realized the luajit-32.exe file - which is unpacked in the AppData\Local\Temp\defold-unpack-xxx folder is always being flagged by the McAfee antivirus on Windows, and it actively stops a Defold game from running. It seems its a false positive. Maybe this may need to be brought up with the guys at McAfee?
Can you send in a file and report it as a false positive from within the software itself?
You can’t do that from the Software itself. I believe its best done from the vendor’s side as per this Knowledge Base Article: https://www.mcafee.com/support/?articleId=TS103032&page=shell&shell=article-view
Seems today the entire archive has been sent to Quarantine after a scan (this is the just downloaded Defold v 1.5.0)
In specific I believe it has an issue with LuaJIT itself.
This makes it virtually impossible for Windows users who have McAfee to use defold.
Would it be possible to whitelist Defold/luajit-32.exe?
McAfee KB - How to exclude files from virus scans on Windows or macOS (TS102056)
Possible. But for some reason the Game execution hangs.
Wow. I wonder how and why it quarantines the executable… Does it provide a reason?
We recently purchased an EV Code Signing certificate and we’ll see if it helps to sign the executable. Perhaps it passes the check if the exe is signed.
I guess the only hint is the Threat it mentions. Which seems like a virus signature maybe?
Hi, just wondering when you might use the EV Code Signing certificate to sign the executable to see if it resolves the McAfee issue which I am also experiencing?
Hi there, somebody have found a some solution for this issue? I have tried several versions and with all of them I can’t compile, McAfee always block luajit-32.exe.
Hi,
Version 1.3.0 works for me. It’s the only option I can find to carry on using Defold.
Not been able to exclude luajit-32.exe from McAfee.
I am finding each time the Defold editor is opened, luajit-32.exe is unpacked into a folder in C:\Users[Username]\AppData\Local\Temp that is named defold-unpack-xxx, where xxx is a 40-character hexadecimal string. McAfee will not allow the luajit-32.exe file to be added to its real time scanning exclude list at this point - I assume because it is in use by the editor. When the editor is closed, the folder is emptied and the luajit-32.exe file no longer exists. Reopening the editor creates a new folder in C:\Users[Username]\AppData\Local\Temp using a different 40-character hexadecimal for the name.
So the file path varies and at no point can the file be excluded from the McAfee real time scan.
Precisely. This is the exact reason I have not been able to use Defold. I mean Defold is amazing, its just that each time I run it I have to run into problems whitelisting the luajit-32 executable because apparently it keeps on extracting it to a different folder each time.
Keeping track of this is a huge pain.
Excluding files from real-time scanning is impractical because it doesn’t function as intended. However, the method described below works effectively.
Here’s a temporary solution: Open McAfee, navigate to real-time scanning, and temporarily disable real-time scanning for, let’s say, 15 minutes, which is the shortest option. It will automatically resume afterward, but you can also manually turn it back on. After doing so, go to the quarantined items and restore the luajit-32.exe file. Now you can use Defold until this method is no longer effective. You can easily repeat this workaround; it takes just two minutes. For me, this method works even after updating Defold and rebooting my PC.
We will address this issue for the next release. We will see if we can sign the LuaJIT exe with our code signing certificate, and possibly also look into how and where we unpack the files.
I’ve started this task now. Hopefully there’s going to be a version of Defold for you to try in a day or two!
Thx, I have experiment a little and in order to make working the 1.6.0 version I had to replace the luajit-32.exe with a copy of luajit-64.exe in the .jar file, although is not the cleanest option this worked to me.
The problem with that is that the two exes produce byte code for 32/64 bit targets respectively. Just so that you’re aware.
I think our next version 1.6.2 will have signed exes.
Here’s a version with signed luajit exes. I would appreciate if someone with McAfee installed could give it a try:
Tried it (even cleared cache). luajit-32.exe is still getting flagged.
