Available Scan Results (scan_result_i, scan_all_result_i)

value

short description

long description

0

No Threats Found

No threat detection or the file is empty

1

Infected/Known

Threat is found

2

Suspicious

Classified as possible threat but not identified as specific threat.

3

Failed To Scan

Scanning is not fully performed (For example, invalid file or no read permission). If no engine is included and scan is enabled, this will be the final result.

4

Cleaned / Deleted

Threat is found and file is cleaned (repaired or deleted): repair is not supported yet

5

Unknown

Unknown signature. NOTE: this is only used in multiple hash lookup. For single hash lookup, scan_result_* are not returned as response.

6

Quarantined

File is quarantined

7

Skipped Clean

Scan is skipped because this file type is in white-list*

8

Skipped Infected

Scan is skipped because this file type is in black-list*

9

Exceeded Archive Depth

Threat is not found but there are more archive levels which were not extracted.

10

Not Scanned / No scan results

Scan is skipped by the engine either due to update or other engine specific reason. If scan is disabled, this will be the final result.

11

Aborted

The current scan was stopped by the server

12

Encrypted

File/buffer is not scanned because the file type is detected as encrypted (password-protected). If the Internal Archive Library is ON encrypted return type is not going to be returned through Metascan scan progress callbacks since the engines do not perform any scan operations. If the Internal Archive Library is OFF Metascan will pass the encrypted files to the engines directly, bypassing the detection.

13

Exceeded Archive Size

The extracted archive is too large to scan

14

Exceeded Archive File Number

There are more files in the archive than configured on the server

15

Password Protected Document

Document that is protected by a password [e.g., Office documents or PDFs that require a password to view its contents]. If a file is password protected document, no sanitization will be applied.

Metadefender Core supports detecting password protected document. Here is example of file extension we have tested. If any file extension is not listed here, use https://www.metadefender.com for you to test.

PDF, DOCX, DOC, DOCM, DOTX, DOTM, DOT, PPTX, PPT, POT, POTM, POTX, PPS, PPSM, PPSX, PPTM, PPTX, XLSX, XLS, XLSM, XLSB,XLS, XLTX, XLTM, XLT, XLAM, XLA

17

Mismatch

The file's extension does not match the detected file type. Only applicable when using workflows.

18

Potentially Vulnerable File

 

255

In Progress

 

Scan not started

This means the file has not yet been sent to the engines for scanning. The progress_percentage value will be 0 and the in_queue value will be non zero.

scan_results.scan_all_result_i = -1

scan_results.scan_all_result_a = ""

Scan partially completed

This means some engines have returned results but there are still more remaining. This progress_percentage value will be greater then 0 and less than 100.

  • Accumulated result at the time scan result was queried.

Scan is disabled or skipped

This means the request is complete but scanning has been disabled or has been skipped for some other reason such as file type mismatch. The progress_percentage value will be 100.

scan_results.scan_all_result_i = 100

scan_results.scan_all_result_a = "Not Scanned"

This is same as other Metascan interface such as COM interface and Java interface.