1

When using Visual Studio 2017 and building a Xamarin project for Android I get the following error:

access to the path resources.apk.bk is denied

I've been getting this error for over 4 years and I know it's related to McAfee Enterprise but I still can't seem to fix it and the web has been no help. Every once in a while I take some time out and try again to fix it. Persistence paid off and I finally found the fix shown below.

Post Impatica
  • 14,999
  • 9
  • 67
  • 78

1 Answers1

1

You have to exclude resources.apk.bk from McAfee Enterprise OnAccess scanning but the trick is to configure it properly and the method is confusing.

I struggled with this because I kept adding resources.apk.bk to the "On-Demand" exclusions but that won't work, you have to add it to the "On-Access" exclusions.

There are 2 ways to fix it. If you have permission to configure your own McAfee client then I provide instructions below. Otherwise you have to have your McAfee administrator fix it which I show below as well.

McAfee Admin Instructions:

This step should be performed on the McAfee Enterprise server by your McAfee Enterprise Admin. Add resources.apk.bk to the "On-Access" exclusions, make sure they know it's for "On-Access" and not "On-Demand".

Fix you can do yourself if you have permission

  1. Right-Click on the McAfee icon in your task bar and click on "McAfee Endpoint Security".
  2. Assuming it's password protected, login with the admin password.
  3. In the green bar near the top click the text "Threat Prevention"
  4. Click "Show Advanced" button on the right
  5. Click "On-Access Scan" on the left
  6. Scroll down a little further until you see the Exclusions box
  7. Click Add
  8. within the top input box type in resources.apk.bk then click "Ok"
  9. Click "Apply" at the top right.

You should now be able to rebuild your Xamarin Forms Android project without receiving the error.

NOTE!

Keep in mind, if you configure your McAfee yourself, depending on how your McAfee Enterprise is setup your configuration may be overwritten at any moment, because most McAfee Enterprise setups overwrite your own configurations every 5 minutes because they want to make sure everyone is applying a policy that management requires.

Post Impatica
  • 14,999
  • 9
  • 67
  • 78
  • for `McAfee Enterprise` it is pointless to "fix this yourself". the policy needs to permit it. – Martin Zeitler Mar 08 '19 at 15:13
  • @MartinZeitler Several years ago our company's internal McAfee admin set my machine up as a power user's desktop within the McAfee Enterprise Management Console which allows me to create my own exclusions without them being overwritten.. I was able to set my exclusion and it's been working great and the McAfee policies are not overwriting it. So for me it wasn't pointless to fix it myself. – Post Impatica Mar 08 '19 at 21:12
  • that users have access to the management console, that is by itself pointless, from a security perspective, in a corporate environment (while this is a machine on the domain)... because the "separation of duties" had been ignored. escalating the issue to the administration appears to be the most likely solution. – Martin Zeitler Mar 08 '19 at 22:18