AI2Offline apk causes Wacatac virus on Windows Defender

Hello, I have noticed that apk files generated from AI2Offline are being flagged with Wacatac virus on Windows Defender. I do not want to send apk file to anyone due to privacy concerns. I used NoxPlayer and I get threats found notification when installing my apks. This has never happened in the past and I need a solution because this is a big disaster. Even a blank app with no extensions, code, or components triggered the threats alert.

My two AI2Offline versions were downloaded in August 2021 and April 2022.

Both versions suffer the same issue. Along with one app built with a version of AI2Offline from March 2021.

Do you get the same virus warning if you build with real App Inventor ? If not, this is not an MIT App Inventor issue, you will need to raise this with the developers of AI2Offline.

The virus you mention appears to affect Microsoft Windows ?

I have not tried that yet because I stopped using the real AppInventor for privacy. I will try to build an apk later. And yes this appears to affect Windows 10 21H1. I have not received this since last month when I updated some of my apps and ran them in Nox (the most recent time I worked in AI2Offline)

And this sometimes happens with downloading apks in Chrome. It triggers Defender.

This sounds like a false positive on Windows Defender...


I built a blank app using real App Inventor and got no false positive.

I still get false positive even on latest version.

I decompiled one of my apps using JADX earlier this year and found references to my username (Windows) to the AppData folder in the apk. I encountered similar issues with developing an AutoHotKey app. Could that be causing it?

here is an example:

moduleMethod7.setProperty("source-location", "C:\\Users\\USER\\AppData\\Local\\Temp\\runtime1994034240844986443.scm:1572");

I don't want to have to go back to web-based AI2 and risk piracy of my apps.

Why not download the AI2 sources and build that, instead of using a third party AI2Offline ?

I don't have time to keep building ai2 sources every time.

And Ai2Offline just got dark mode. Plus, It gets bug fixes.

but it gives you false positives....

I just contacted Ai2Offline on SourceForge.

I'm not risking piracy of my apps unless that public link generation becomes its own option like it did in the past. I wish that save to apk option came back.

add exception for temp folder in Defender or use other antivirus


I'm not sure what you are referring to by piracy in online App Inventor. All apps in your account are private. It's not like other programs like Thunkable that are public unless you pay for private projects.

I'm talking about when saving an APK file it generates a QR Code and a short link. There used to be a save to apk option that only generated no public links.

My business will be downloading these apps. I don't want them to think there is a virus (even a false positive).

I have also reported this to Microsoft because this is a big disaster for me and possibly anyone who uses AI2Offline.

Actually, both systems work the same way, you just never see the link since it is immediately clicked to trigger the APK download. As long as you don't share the URL with anyone there shouldn't be an issue. The link is also only valid for 2 hours after which even you won't be able to access it.



  • to decompile the APK,
  • sign it (again)
  • and recompile it.

I was wrong, now the APK I exported from real App Inventor now triggers Defender (same Wacatac false positive), and Microsoft said they couldn't reproduce any detection!!!

We cannot reproduce any detection on the file. If the detection is still observed, follow the steps below to capture support log files from the system reporting detection.

now what?

Well, have you done what they (Microsoft) asked ?