Classification ATP/Content/Virus

Reason

Definition

Virus-scan01

Found identical attributes of classified virus emails in metadata

Virus-scan01-XARG-V

Found known virus structure in multiple attributes of the email

Virus-scan02-Header-V

Found virus signature in email header

Virus-scan03-Link-Va

Linking of a compromised URL

Virus-scan04-Body-V

Found virus signature in email body

Virus-scan05-<VirusName>

Virus found – known, classified virus

Virus-scan06-<VirusName>

Virus scanner 2 found a virus

virus-scan07-doubleextension

Found a file with veiled or faked file type in an archive

Virus-scan07-archive-in.archive

Found nested archives in an archive

virus-scan07-heur-exploit

Found minimum one unknown and potentially dangerous file in an archive

Virus-scan07-fakeoffice2003

Found macro code of Office 2007 in an Office 2003 file

virus-scan07-potential-fake-archive

Found an archive with wrong declaration of content type (MIME-Content-Type)

Virus-scan08-executable

Found potentially dangerous file in attachment

Virus-scan09-asehtmlheuristics

Evidence of phishing and suspicious attachment found

Virus-scan09-ASEurl 0xHeuristics

Evidence of phishing and suspicious link found

Virus-scan09-ASEzipHeuristics

Evidence of phishing and suspicious attachment found

Virus-scan10-<VirusName>

Indistinct virus message through Heuristic intend analysis

Virus-scan12-AttachmentV

Found virus signature in attachment

Virus-scan13-ASE-PhishingHeuristics

Evidence of phishing and suspicious email header found

Virus-scan14-Short-URL-obfuscation

Links are veiled through nested URL shortening

Virus-scan15-ASE-Phishing

Direct link to malware or phishing website

Virus-scan16-ASE-Phishing-heur

Evidence of phishing and inconsistent sender address

Virus-scan17-ASE-office-macro-exploit

Found evidence of malware and Office file with macros, OLE object or VBS code as attachment

Virus-scan17-office-webarchive-exploit-heur

Evidence of malware and attachment with suspicious content found

virus-scan17-office-rtf-exploit-heur

Evidence of malware and attachment with suspicious content found

virus-scan17-Macro

Evidence of malware and attachment with suspicious content found

Virus-scan18

Evidence of malware and the email was sent by different senders or email servers

Virus-scan21-<Virusname>

Virus message by optional virus scanner 3

Virus-scan22-<Virusname>

Virus message by optional virus scanner 4

Content Control

Customer defined forbidden attachment in Control Panel