This article applies to all MetaDefender Core V5 releases deployed on Windows systems.
When scanning sample malware files, such as the commonly used EICAR from Download Anti Malware Testfile - EICAR, it is important to exclude the OPSWAT folder from all existing Anti-Virus software programs on the machine. Failure to exclude the OPSWAT folder can lead to “Not Scanned” results, as the Anti-Virus software will pick up the malware signatures for processing before the MetaDefender Core software can process. Therefore, MetaDefender Core will be unable to determine the hash, leading to the scan result “Not Scanned”.
Common Anti-Virus softwares to perform exclusions, including but not limited to: McAfee, Norton, Bitdefender, Malwarebytes, SentinelOne
How to exclude on Windows Defender
Please ensure you have the proper permissions to add exclusions, such as administrator rights.
- Navigate to “Windows Security” > “Virus & threat protection”
- Under “Virus & threat protection settings” click “Manage settings”
- Scroll down to “Exclusions” and click “Add or remove exclusions”
- Add the folder “OPSWAT”, by default it is located in the install directory: "C:\Program Files\OPSWAT" [Your directory may be different depending on if you have performed a customer install, placing the OPSWAT folder inside a separate Drive]
- Add the folder “Temp” stored at location
C:\Users\<user>\AppData\Local\Temp.
Important Note regarding engine process exclusion
- If Windows Defender is used only as a local AV (and not as an AV engine inside MetaDefender Core), then you may additionally exclude these MetaDefender Core processes:
engineprocess.exe,engineprocess32.exe,ometascan.exe,postgres.exe, andnginx.exe. - However, if Windows Defender is configured both as the local AV and as an AV engine inside MetaDefender Core, then you should not exclude
engineprocess.exe(and its variant) from the real-time protection exclusion list. Excluding the engine process in that scenario can impair the integrated AV engine’s functionality.
Registry Exclusion (Optional)
You can optionally exclude the following registry path:
HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\global
For the values: dlppath, quarantinepath, sanitizepath.
If Further Assistance is required, please proceed to create a support case or chat with our support engineer.
