Title
Create new category
Edit page index title
Edit category
Edit link
Why does MetaDefender Core skip quarantining files with the same hash?
This article applies to all MetaDefender Core releases deployed on Windows and Linux systems.
After scanning a known malicious file:
The first instance of the file is successfully quarantined.
A second instance of the same file (from another device or scan) is blocked, but not added again to the quarantine repository.
Users may wonder why the second file does not appear in quarantine storage.
Resolution:
No action is required. The system’s skipping of duplicate quarantine entries is:
Expected by design.
Safe, since blocking and handling still occur as configured.
Reduce disk space consumption.
As a result, there is no supported configuration to change this quarantine behavior.
Best practice
Keep hash calculation enabled in workflows
Do not modify quarantine behavior unless directed by OPSWAT Support
Validate failures by checking that blocked files are removed from the source device
If you require further assistance, please follow these instructions on How to Create Support Package?, before creating a support case or chatting with our support engineer.