Configuration and Settings

Why are Japanese TXT files detected as "application/octet-stream" instead of "text/plain"?

How to Connect a MetaDefender Core Container to the same instance in Shared Database Mode?

Can local AVs interrupt ongoing scans?

Can I create new workflows?

Can I control access to the RAM disk in MetaDefender Core v5?

Can I view configuration changes on the Core side (audit)?

How can I add a mail server to the Core deployment?

How do I prevent Symantec Endpoint Protection from interfering with the optimal functioning of MetaDefender Core?

How can I find a sanitized file scanned with MetaDefender Core v5?

What is the retry mechanism for MetaDefender Core connecting to the remote Postgres Database?

How to use MetaDefender Core V5 Blocklist/Allowlist feature?

How can I configure the maximum queue size in MetaDefender Core v5 ?

How do I remove an engine from my MetaDefender instance?

How can the Temp folder be changed?

How can I increase parallel count and Max queue size?

How can I change MetaDefender Core Deep CDR's timeout settings?

My scans keep failing due to an exceeded archive file number, how do I determine the number of files in an archive and then configure my process settings accordingly?

Why are password protected archives blocked and how do I unblock them?

How to disable WEB UI file scan without user authentication?

How To Allow Only Certain Files to be Scanned with MetaDefender Core?

How to generate an API key on the Core deployment?

How to Modify the Hostname of Your MetaDefender Core Server and Potential Impact?

What are the permissions on the shared folder for the temp directory?

How to implement a numerical escape function for HTML?

How to reset password for users?

How to Block/Allow Custom Extensions using RegEx?

How to migrate MetaDefender Core from PostgreSQL local to PostgreSQL remote?

How to change Core Web Management Interface Address Port?

Does MetaDefender Core store original files?

Why Japanese characters are not recognized or displayed correctly in archives?

How to install pre-built libgdiplus on RedHat 9?

Does Deep CDR support sanitizing split archives?

How to exclude OPSWAT folder from Anti-Virus Windows Defender?

Where are MetaDefender Core Install Directories and Registry?

Under what circumstances does the scan result not show the username?

How to send MetaDefender Core logs to NAS ( Network Attached Storage ) Path?

Why is a file blocked by Deep CDR or Proactive DLP but I can still download the sanitized version?

Does Deep CDR support Adobe Illustrator (AI) files in PostScript format?

How to add the source IP in scan details?

How do I integrate Jenkins with MetaDefender Core?

Can I apply a new license key before the current one expires?

How to automate backup configuration settings for MD Core? (API)

Why I can't push configuration due to password storage?

How do I install MetaDefender Core in Rocky Linux 9

How to properly configure Syslog Server for MetaDefender Core?

Why MetaDefender Core’s nginx ssl.conf changed to ssl.mdcore.conf?

How to configure SMTP server with authentication under MetaDefender Core to send notification to M365?

How to Upgrade MetaDefender Core in Docker While Retaining Old Data?

How to mount the sanitized folder and the quarantine folder from the MetaDefender Core container to the host machine?

How to enable HTTPS for MD Core UI only and Rest API is on HTTP?

Why Does My MD Core Deployment on Kubernetes Lose Data After a Restart?

Errors and Troubleshooting

Why is MetaDefender Core unable to connect to the database?

What can I do if MetaDefender shows a high number of files that failed to scan?

What should I do if an engine is in "failed" or "permanently failed" status?

What are the engine clean-up instructions?

Why is the scan stuck in "processing" state on WebScan UI, when the Core Processing History shows that it is already finished?

Why have the ESET and Kaspersky scan engines failed to initialize on the hardened Linux OS?

Why has the Symantec custom engine failed to deploy?

What are common reasons for Deep CDR scan/sanitization failures and how do I fix them?

What do the various error messages mean in MetaDefender Core RestAPI?

Why are some modules not appearing in my MetaDefender Core inventory?

Why does my MetaDefender Core install fail?

Why do you sometimes see a discrepancy between the File Type and MIME Type information?

Why files are not sanitized?

Why am I receiving a “400” error for API file submission?

How to Mitigate Scan Failures in MetaDefender Core Triggered by Real-Time Protection Systems?

How to Resolve MetaDefender Core Service Start-up Failures on IPv6-Disabled Linux Systems?

How to Understand OPSWAT's Multiscanning AV Detection Differences Compared to Other Scanners?

How to Troubleshoot Inaccessible Management Console?

How do I fix module update error “Error parsing metadescriptor, message='Could not download metadescriptor'”?

Why does ClamAV show "permanently failed" after enabling the daemon log file?

How to troubleshoot HTTPS failure on MetaDefender Core?

How to Remove Engines from MetaDefender Core using command line?

How to enable debug logging for MetaDefender Core?

Why did the deployment of the Threat Intelligence Module Fail?

Why did the deployment of the Reputation Module Fail?

How do I verify if MetaDefender products are sending out syslog messages to the syslog server?

Why is MetaDefender Core not starting after moving or deleting the certificates from the initial location?

Why doesn’t CDR detect the JavaScript I appended to a PDF file?

Why Deep CDR is not Sanitizing Files Inside a ZIP?

Why does the “deleteafterimport” error appear when importing an MD Core configuration from standalone mode to shared database mode?

What is the meaning of action_ran and action_failed in JSON scan result?

Why can't I sanitize HEIC files?

Why Am I Getting "No Rows to Show" When Using a Proxy Without Authentication in Browser Settings?

How Does TLS 1.0/1.1 Deprecation Affect Compatibility Across OPSWAT Products?

Why can small file changes bypass the Antivirus detection?

How do I verify if MetaDefender products are sending out syslog messages to the syslog server?

How do I fix files being blocked due to unexpected "File type mismatch" verdict?

Why are MetaDefender Core engines permanently failed?

How do I Reset the Password for MetaDefender Update Downloader?

Why Does MetaDefender Core Fail to Connect to the Database After a System Restart?

What do you do if your engine fails to update?

What is causing my Scans to be slow on MetaDefender Core?

What do I do if my modules disappear from the Core UI?

Why do all engines fail to update on a Windows server, and I see SSL handshake failed error?

What to do if Core and PostgreSQL Services are no longer starting after force restart of ometascan service ( Error Code 610 )

Why do I receive the error of "Failed to request scan. Insufficient number of anti-malware engines active"?

How do I Resolve SSL Handshake Failures when Updating OPSWAT MDCore modules — Certificate Chain SSL Error for URL 'https://update.dl.opswat.com' ?

Features and Functionality

Why does Kiosk show "Invalid Core Setup"?

How to Use a RAMDISK for the tempdirectory?

Why does ClamAV seem to be slower than other engines?

What temporary folder do Custom Engines use ?

What PDF file annotations are Supported/Non-Supported by MetaDefender Core’s Deep CDR?

What does "Potentially Vulnerable File" result mean?

What CAB files are Supported/Non-Supported by MetaDefender’s Deep CDR?

What are the MetaDefender Core Security Policies and how do they work?

Is Metadefender Core compromised while scanning files?

What is the Queue Mechanism on Metadefender Core?

How does the Post Actions feature work?

How does the External Scanners feature work?

How do I generate and save a MetaDefender Core scan result summary in JSON format?

How and why are my image files altered during processing with Deep CDR and Proactive DLP?

Does MetaDefender Core v5 offer real-time antivirus protection on the system where it is installed?

Does MetaDefender Core v5 Detect the NotPetya Ransomware?

Are there any limitations to the MetaDefender Core scan engines?

Can MetaDefender Core block renamed files (such as renamed .exe files)?

How can I export the processing history from the Core console?

How to Utilize YARA Rules with MetaDefender Core?

What is the Design of MetaDefender Core and Its Protective Measures?

What does the items sanitized/removed count in Deep CDR sanitization report mean?

Why image sanitization doesn't report any object in details?

What are the requirements to process XDW/XBD/XCT files with CDR?

How do we utilize API uploads so the correct file type and sanitization occurs every time?

What are the differences between AVs in OPSWAT and the other services?

Does OPSWAT Use Security Checks on Our Code, Libraries, Credentials, etc?

How to access and analyze detailed scan results for an infected file?

Why MetaDefender Core blocks Sandbox Verdicts that are not marked to be blocked?

How to scan multiple files at once with MetaDefender Core

Is MetaDefender Core able to extract, detect and block malicious embedded macros?

Does OPSWAT provide a file dataset that can be used to evaluate MetaDefender Core's capabilities?

How would discontinuing Threat Intelligence affect customers?

How do I Validate FileType Digital Signature on MetaDefender Core?

How to add custom detection for a file type?

What can I do if MetaDefender Core shows a high number of files that failed to scan?

Why did the required password pop up when scanning an unencrypted file?

How to Test the Syslog Server functionality from MetaDefender Core?

When and how to use “PDF to Image Configuration” Deep CDR feature?

How do I send specific log entries to syslog integration?

How do I send the MetaDefender Core logs in Windows event log?

Does installing an antivirus impact a containerized deployment?

Why does the DeepCDR engine delete the content of the HTML file?

What is the Document Encryption Timeout setting and how does it work?

How do I manually clean up the MD Core engine's local folder?

How can I handle a high CPU load on my Core server

Does MetaDefender Core generate a file download link after all scan sessions?

Why are hyperlinks sometimes still present in documents opened in Microsoft Office or PDF Reader after Deep CDR sanitization?

Why Is Deep CDR Returning "Action: none" and No Sanitized File?

Is MetaDefender Core affected by CVE-2024-7264 Vulnerability?

How Does OPSWAT Determine Which Files Are Acceptable for Content Disarm and Reconstruction (CDR)?

Where are the quarantine and sanitized folders located after mounting them from the MD Core container to the Ubuntu host machine?

Feedback and Support

How do I obtain a Trial License for MetaDefender Core?

How long is the support lifecycle for a specific version of MetaDefender Core?

How do I get a False Detection (False Positive or False Negative) corrected?

Licensing, Setup and Deployment

What dependencies does MetaDefender’s Deep CDR for Linux have?

What links, target-services or target host-IPs need to be allowed for Metadefender Core to function accurately?

How do I set up exclusions on my anti-malware software to prevent disruption of the MetaDefender Core scanning process, when my corporate policy does not allow it?

How do I deploy MetaDefender Core to an offline Windows environment?

How do I deploy MetaDefender Core to an offline Linux environment?

Does the Deployment ID change at any time?

How do I activate my offline deployment of MetaDefender Core?

How do I activate/deactivate a MetaDefender Core Deployment via API calls?

How do I update to a new license key on a Metadefender Core server?

What types of licenses are available for MetaDefender Core?

After license renewal does the product activation happen automatically (if the license key is the same)?

How to install .NET 6 Runtime dependencies on Linux Distributions?

What are the List of folders that should be removed after MetaDefender Core uninstallation on Linux?

How to connect LDAP via SSL on Linux

How to Backup and Restore standalone database for MetaDefender Core?

How to install msttcore-fonts on Linux systems?

How to upgrade Amazon Corretto JRE?

Can I activate the product license before the start date?

How to completely uninstall MetaDefender Core?

How to Trust MetaDefender Core’s Self-Signed Certificate When HTTPS Is Enabled?

How are MetaDefender Core AWS AMI images secured and updated?

How to handle high CPU load on MetaDefender Core server?

What will happen to the MD core after the license is expired?

Testing MetaDefender Core

Is there a virus test I could use to test MetaDefender Core engines?

How do I check if "noexec" flag exists on a Linux OS?

How can I run tests to see the different scan results on MetaDefender Core?

Updates, Patches and Bug Fixes

Are scan engine updates automatic?

What operating system patches should be applied to the system hosting MetaDefender Core?

How do I check the update status of MetaDefender Core’s licensed AV scan engines?

What is the frequency of signature/definition updates on MetaDefender Core?

Why does the Deep CDR engine keep failing to update?

What Happens After the Discontinuation of Kaspersky Support for Windows and Linux?

Does a CVE affect MetaDefender Core?

End-of-Life Support for CentOS 7 and RedHat 7 in MetaDefender Core and Engines

End of Life Support for Ubuntu 20.04 and Amazon Linux 2 in MetaDefender Core

Will MetaDefender Core Experience Downtime During Engine Updates?

How to Update Antivirus Engines in MetaDefender Core Manually?

Where do I Find the 'Last Update' for the Database Version Download in API?

Version Upgrades

Are MetaDefender Core v5 upgrades free?

Are MetaDefender Core version upgrades automatic?

How do I manually upgrade to the latest MetaDefender Core version?

What is the latest MetaDefender Core version?

How to upgrade an End-of-Life [EOL] MetaDefender Core?

Can I upgrade MetaDefender Core from an very old version such as version 4.x.x to the latest version 5.x.x?

Can I upgrade MetaDefender Core from a very old version directly to the latest available?

Why Is Deep CDR Returning "Action: none" and No Sanitized File?

This article is applied to MetaDefender Core releases after v5.13.1, deployed on Windows and Linux systems

Issue

When submitting files to Deep CDR, no sanitized file is generated, and the CDR result shows:

Action: none

This may occur even when the file contains elements commonly associated with risk, such as macros or embedded links.

Reason

Starting in MetaDefender Core v5.13.1, a feature called Analysis Mode was introduced.

When Analysis Mode is enabled:

Deep CDR does not perform sanitization or generate a reconstructed output file.
Instead, it scans and reports internal objects (e.g., macros, scripts, URLs) without modifying the file.
This mode is designed for performance optimization and in-depth inspection, not content sanitization.
As a result, the CDR action is recorded as none, and no sanitized file is returned.

For more information, please refer to this article: Analysis mode - MetaDefender Core

Resolution

To allow Deep CDR to sanitize and return a cleaned file:

To ensure Deep CDR generates a sanitized file:

Go to Core > Workflow Management.
Select the relevant workflow name.
Navigate to the Deep CDR section.
Go to the Advanced tab.
Uncheck the option "Analysis Mode".

Save the changes and resubmit the file.

When Analysis Mode is disabled, Deep CDR will sanitize the file and generate a sanitized output according to the configured policies.

If Further Assistance is required, please proceed to log a support case or chatting with our support engineer.

Last updated on

Was this page helpful?

On This Page

Why Is Deep CDR Returning "Action: none" and No Sanitized File?Issue Reason Resolution