The FpcMalwareInspectionActionReason enumerated type contains values that specify the reason for the action that was performed on an HTTP response during malware inspection.
typedef enum FpcMalwareInspectionActionReason {
fpcMalwareInspectionActionReasonNone
No reason was found to perform any action during malware inspection.
= 0, fpcMalwareInspectionActionReasonNoneDetected
No malware was detected during malware inspection.
= 1, fpcMalwareInspectionActionReasonLowMediumThreatsAllowed
No remedial action was performed during malware inspection because low and medium threats are allowed.
= 2, fpcMalwareInspectionActionReasonInfected
The HTTP response was blocked because it was found to contain an infected file.
= 3, fpcMalwareInspectionActionReasonSuspiciousFile
The HTTP response was blocked because it was found to contain suspicious content.
= 4, fpcMalwareInspectionActionReasonEncryptedFile
The HTTP response was blocked because it was found to contain an encrypted file.
= 5, fpcMalwareInspectionActionReasonMaxArchiveNestingExceeded
The HTTP response was blocked because it was found to contain an archive whose achive depth level exceeded the user-defined maximum.
= 6, fpcMalwareInspectionActionReasonMaxSizeExceeded
The HTTP response was blocked because it was found to contain a file whose size exceeded the user-defined maximum file size.
= 7, fpcMalwareInspectionActionReasonMaxUnpackedSizeExceeded
The HTTP response was blocked because it was found to contain an achive whose unpacked size exceeded the maximum.
= 8, fpcMalwareInspectionActionReasonUnknownEncoding
The HTTP response was blocked because it was found to contain a file with unknown encoding.
= 9, fpcMalwareInspectionActionReasonCorruptedFile
The HTTP response was blocked because it was found to contain a corrupted file.
= 10, fpcMalwareInspectionActionReasonTimeOut
The HTTP response was blocked because the scanning time exceeded the user-defined maximum.
= 11, fpcMalwareInspectionActionReasonStorageLimitExceeded
The HTTP response was blocked because the storage space limit for malware inspection was exceeded.
= 12, fpcMalwareInspectionActionReasonUnsupportedFormat
The HTTP response was blocked because an unsupported format was detected during malware inspection.
= 13, fpcMalwareInspectionActionReasonStatusNotRequested
The HTTP response was blocked because it was found to contain a status not requested during malware inspection.
= 14, fpcMalwareInspectionActionReasonOther
The HTTP response was blocked for another unspecified reason during malware inspection.
= 15, fpcMalwareInspectionActionReasonDisabled
The HTTP response was allowed because malware inspection is disabled.
= 16, fpcMalwareInspectionActionReasonDisabledForPolicyRule
The HTTP response was allowed because malware inspection is disabled for the matching policy rule.
= 17, fpcMalwareInspectionActionReasonDisabledForChainingRule
The HTTP response was allowed because malware inspection is disabled for the matching Web chaining rule.
= 18, fpcMalwareInspectionActionReasonExceptionList
The HTTP response was allowed because the destination is included in the list of malware inspection exceptions.
= 19, fpcMalwareInspectionActionReasonProxyOriginatedResponse
The HTTP response was allowed because it originated from a proxy server.
= 20, fpcMalwareInspectionActionReasonServedByFilter
The HTTP response was allowed because it was servered by the Malware Insepction Filter.
= 21, fpcMalwareInspectionActionReasonStreaming
The HTTP response was allowed because the request/response pair was identified as exempted protocol messages.
= 22, fpcMalwareInspectionActionReasonResponseToConnect
The HTTP response was allowed because it was found to be a 200 response to a CONNECT request.
= 23, fpcMalwareInspectionActionReasonRoutedByCarp
The HTTP response was allowed because it was scanned before being routed by the Cache Array Routing Protocol (CARP).
= 24, fpcMalwareInspectionActionReasonSourceExceptionList
The HTTP response was allowed because the source is included in the list of malware insepction exceptions.
= 25, fpcMalwareInspectionActionReasonDefinitionsFolderNotSpecified
The HTTP response was allowed because the folder containing the malware inspection definitions is not specified.
= 26, fpcMalwareInspectionActionReasonRangeResponse
The HTTP response was blocked because it was a range response that did not include a range specification.
= 27 } FpcMalwareInspectionActionReason;
No reason was found to perform any action during malware inspection.
No malware was detected during malware inspection.
No remedial action was performed during malware inspection because low and medium threats are allowed.
The HTTP response was blocked because it was found to contain an infected file.
The HTTP response was blocked because it was found to contain suspicious content.
The HTTP response was blocked because it was found to contain an encrypted file.
The HTTP response was blocked because it was found to contain an archive whose achive depth level exceeded the user-defined maximum.
The HTTP response was blocked because it was found to contain a file whose size exceeded the user-defined maximum file size.
The HTTP response was blocked because it was found to contain an achive whose unpacked size exceeded the maximum.
The HTTP response was blocked because it was found to contain a file with unknown encoding.
The HTTP response was blocked because it was found to contain a corrupted file.
The HTTP response was blocked because the scanning time exceeded the user-defined maximum.
The HTTP response was blocked because the storage space limit for malware inspection was exceeded.
The HTTP response was blocked because an unsupported format was detected during malware inspection.
The HTTP response was blocked because it was found to contain a status not requested during malware inspection.
The HTTP response was blocked for another unspecified reason during malware inspection.
The HTTP response was allowed because malware inspection is disabled.
The HTTP response was allowed because malware inspection is disabled for the matching policy rule.
The HTTP response was allowed because malware inspection is disabled for the matching Web chaining rule.
The HTTP response was allowed because the destination is included in the list of malware inspection exceptions.
The HTTP response was allowed because it originated from a proxy server.
The HTTP response was allowed because it was servered by the Malware Insepction Filter.
The HTTP response was allowed because the request/response pair was identified as exempted protocol messages.
The HTTP response was allowed because it was found to be a 200 response to a CONNECT request.
The HTTP response was allowed because it was scanned before being routed by the Cache Array Routing Protocol (CARP).
The HTTP response was allowed because the source is included in the list of malware insepction exceptions.
The HTTP response was allowed because the folder containing the malware inspection definitions is not specified.
The HTTP response was blocked because it was a range response that did not include a range specification.
| Client | Requires Windows Vista or Windows XP. |
|---|---|
| Server | Requires Windows Server 2008. |
| Version | Requires Forefront Threat Management Gateway (TMG). |
| Header |
Declared in Comenum.h. |
Send comments about this topic to Microsoft
Build date: 11/30/2009
© 2008 Microsoft Corporation. All rights reserved.