This event is generated by the Sybari Antigen program when it finds a virus. <direction> can be either Inbound, Outbound, or Internal, depending on which mail queue it found the virus in. <virus name> will either be the name of the Virus found, or in the case that the mail message matched one of the keyword or spam block lists, the offending keyword. <state> is either "Purged" or "Quarantined" depending on the options selected in the Antigen program.
“ExceedinglyNested” is the value Antigen returns when it encounters a compressed file that contains more than the pre-set number of nested compressed files. This value is set to 5 by default but may be changed in the registry setting "MaxNestedCompressedFiles". See Sybari Knowledge Base for more details.