Anti-malware engines included in MetaDefender Core v4 do not install real-time protection agents. If you already have an anti-malware product installed on your system which may also be one of the anti-malware engines in your version of MetaDefender Core v4, it will interfere with the scanning process performed by MetaDefender Core v4. For this reason, it is recommended that you disable the real-time protection of your anti-malware product.
If your corporate policy does not allow you to disable your real-time anti-virus product, you will need to add some exception rules. As part of your exception rule, you need to exclude the OPSWAT installation folder which by default also includes the folder where MetaDefender Core is creating its temporary files.
Metadefender will not deploy engines if it detects an active on-access scanner. It does the detection using an eicar file put into the product's temp folder.
Please monitor the notification you see on the exclamation mark
Troubleshooting should start by checking the Scan Nodes tab under Inventory:
If you do not add this exception or if you do not disable real-time protection, results returned by MetaDefender Core v4 for scanning will not be consistent.
1. If no engines will be deployed :
The following result will be returned: Not Scanned
An error will be displayed
2. If the engines get deployed and you turn Real Time protection on, the return value of the scans would be one of the following:
Clean: If your existing anti-malware product was able to clean the threat
Failed (or other errors): If your existing anti-malware product removed the file before MetaDefender Core could scan it
If you need help on how to add an exception rule to exclude a given folder from scanning for a anti-malware product, please tell us what product you are using and we may be able to help you. Be sure to include the product version.
This article applies to MetaDefender Core v4
This article was last updated on 2018-03-26