Match-IT is a huge system and the probability of false positives from virus checkers is high. When this happens it can cause massive delays while it is resolved. All our files are digitally signed with a “code signing” licence that we have to jump through hoops and pay a high price to obtain; but virus checkers still attack our files with false positives.
When our programs start they rigorously self-check both their digital signatures and verify a pre-computed checksum. Any alteration to a Match-IT file will be detected and Match-IT will refuse to run: It it is safe to exempt our files form your AV.
While we do run our files through two virus checkers (Clamwin and Windows Defender) before uploading to the website, a change to your virus checker signature list (they typically update daily) may then detect new false positives. We have absolutely no way at all to counter this other than folder exemption. A good example happened on June 12th 2019 when Windows Defender on some sites (not all and not here) started attacking a file of ours that has not changed since 2015!
The following folders must be exempted in your virus checker(s) and Windows Defender if you allow it to run in parallel with your virus checker (often the case and in our experience often not realised).
Assuming Match-IT is installed into c:\match_it you need to exempt:-
c:\match_it (if you have more than one install, do this for all of them)
Only applicable if you are running Match-IT across the network (i.e. not using terminal services).
It is absolutely essential that workstation exemptions are in place otherwise you will get all workstations checking the sames files on the server which will also result in data corruptions.
If the Match-IT shortcut points to a mapped drive (not recommended), that mapped drive must be exempted. So if the shortcut points to M:\match_it… then exempt M:
If the Match-IT shortcut points to a server using a UNC path (recommended), the path to Match-IT must be exempted. So if the shortcut points to \\servername\match_it\… then exempt \\servername\match_it. NB: while that folder is in fact already exempted on the server, local virus checkers are not clever enough to realise that.
Like the server, you must also exempt the local c:\programdata\match_it.
Your IT company usually configure all this remotely with a global policy which means the workstations do not need to be done individually.
If you are unsure if the Match-IT exemptions are in place, please point your IT company at this article and ask them to check.
We also strongly recommend not using mapped drives; as they can be very slow.
Managed anti-virus programs often have alerts to the user turned off, so all the user will see is a problem with Match-IT. Typical symptoms are Windows saying that the shortcut target has disappeared and strange access denied errors. If you see anything like this, call us but also please point your IT company at this article and ask them to check configuration. Often a new PC can creep in under the radar or it has a free trial AV installed that needs to be removed. Problems can persist after exemption because of the quarantined files and your IT company may need to resolve that as well.
Current known threats
13/06/19 – Bit defender (and custom branded managed versions) is attacking sys/match_go.exe and sys/match_ix.dll.
13/06/19 – Windows defender is attacking sys/mime/core.exe.