How do I set up exclusions on my anti-malware software to prevent disruption of the MetaDefender Core scanning process, when my corporate policy does not allow it?
This article applies to all MetaDefender Core V4 and V5 releases deployed on Windows or Linux systems.
Anti-malware engines included in MetaDefender Core do not install real-time protection agents.
If you already have an anti-malware product installed on your system which also happens to be one of the anti-malware engines in your version of MetaDefender Core, it will interfere with the MetaDefender Core scanning process.
For this reason, OPSWAT recommends that you disable the real-time protection of your anti-malware product. If your corporate policy does not allow you to disable your real-time anti-virus product, you will need to add some exception rules.
To implement your exception rule, you must exclude the following from the relevant anti-malware product’s real-time protection:
- the OPSWAT Installation folder which by default also includes the folder where MetaDefender Core is creating its temporary files
- the ometascan, engineprocess, engineprocess32 and nginx processes (note that some engines will need to run on different process instances (e.g. ClamAv) that are managed by the engineprocess parent process ).
If you do not add this exception or if you do not disable real-time protection, results returned by MetaDefender Core scanning will not be consistent, and the return value of the scans would be one of the following:
- Clean: If your existing anti-malware product was able to clean the threat
- Failed (or other errors): If your existing anti-malware product removed the file before MetaDefender Core could scan it.
If you are using Symantec Endpoint Protection as your local AV, please adjust the settings as instructed in This KB Article.
Should you require a real time protection agent to be installed in addition to MetaDefender Core, please ensure that it is not a product featured among the MetaDefender Core’s included scanning engines.
If you need help learning how to add an exception rule (to exclude a given folder from an AV products scan area) please tell us what product you are using and we may be able to help you - but be sure to include the product version. To contact us, please follow these instructions on auto$, before creating a support case or chatting with our support engineer.