How to exclude OPSWAT folder from Anti-Virus Windows Defender?

When scanning sample malware files such as the commonly used EICAR from Download Anti Malware Testfile - EICAR it is important to exclude the OPSWAT folder from all existing Anti-Virus software programs on the machine. Failure to exclude the OPSWAT folder can lead to “Not Scanned” results, as the Anti-Virus software will pick up the malware signatures for processing before the MetaDefender Core software can process. Therefore, MetaDefender Core will be unable to determine the hash, leading to the scan result “Not Scanned”.

Common Anti-Virus softwares to perform exclusions, including but not limited to: McAfee, Norton, Bitdefender, Malwarebytes, SentinelOne

How to exclude on Windows Defender

Please ensure you have the proper permissions to add exclusions, such as administrator rights.

Navigate to “Windows Security” > “Virus & threat protection”

Under “Virus & threat protection settings” click “Manage settings”

Scroll down to “Exclusions” and click “Add or remove exclusions”

Add the folder “OPSWAT”, by default it is located in the install directory: "C:\Program Files\OPSWAT" [Your directory may be different depending on if you have performed a customer install, placing the OPSWAT folder inside a separate Drive]
Add the folder “Temp” stored at location C:\Users\<user>\AppData\Local\Temp.

If you are still receiving “Not scanned” results, please also exclude the MetaDefender Core processes: engineprocess.exe, engineprocess32.exe, ometascan.exe, postgres.exe and nginx.exe.

Additionally you can exclude the MetaDefender Core Registry path:

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\global

For the following:

dlppath

quarantinepath

sanitizepath

If Further Assistance is required, please proceed to create a support case or chat with our support engineer.

Last updated on

Was this page helpful?