General and Known Issues


  • Metadefender Core 1, 4, and 8 come with a trial license good for 15 days after fresh installation (reinstalling does not reset trial).

  • Metadefender Core 12, 16, and 20 do not come with a trial license. To obtain a trial license, please contact OPSWAT sales -

  • Metadefender Core should be restarted whenever a new license has been applied via command line.

  • Metadefender Core was previously called Metascan.

  • Metadefender Core categorizes files as 'blocked' or 'allowed' based on the process results. Please refer to Callback for Processing a File (COM) for details.

Known issues

  • Scanning boot sector is only supported by the Total Defense and Quick Heal scan engine. Other engines will fail to scan for boot sector scan request.

  • REST Web Service installation may fail to install if UAC (User Access Control) is enabled. Turn off UAC and run the installation with Administrator privileges.

  • Metadefender Core does not support installation to directory paths that include non-ASCII characters.

  • When Metadefender Core is configured to use a local instance of MongoDB (the default configuration) the HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\OPSWAT\Metascan\db_instance (or HKEY_LOCAL_MACHINE\SOFTWARE\OPSWAT\Metascan\db_instance for 32 bit systems) key must be set to 'localhost' or ''. The local system cannot be referred to by IP address.

  • Metadefender Core does not support installation on systems where the TEMP environment variable contains more than one path.

  • In Metadefender Core 20 packages, the Sophos scan engine must have its definitions updated before scans can successfully complete.

  • The setting "Maximum File Size for files scanned through the web interface" found on the Configuration->Scan Configuration page in the Metadefender Core Management Console cannot currently be imported or exported through the Backup/Restore feature.

  • Disabling the 'support_custom_engine' property will disable all engines in Metadefender Core.

  • Threats found within archives will not be removed even if Metadefender Core is configured to delete or quarantine files that contain threats.

  • File size must be less than 2GB when scanning single file via REST or Metadefender Client.

  • Metadefender Core embedded engines should not be installed on a system which has an alternate product provided by the same vendor, for example, installation of the ESET Scan Engine with ESET Endpoint Security. This configuration is not supported by Metadefender Core.

  • Quick Heal can't scan file bigger than 2GB

Known Issues For Developer

  • Archives scanned through the COM interface do not have their scan results logged.

Known Issues Related To Email and ICAP

  • Email preview does not work for RTF formatted emails in quarantine.

  • Metadefender Core must have archive handling enabled in order to correctly scan GZIP content through the ICAP interface.

  • Files scanned through the Process COM API only have partial logging. This includes files scanned through the ICAP interface.

  • ICAP server does not block traffic if server is overloaded by default.