These are the alternative solutions for customizing the DLP messages:
1- We can customize the exception.virus_detected exception if customer is not using it for ICAP AV.
2- We can make customize exception.virus_detected exception in a generic way that would be reasonable for detected viruses and data leaks.
3- Use the vendor exception if it is customizable.
the first 2 alternatives you will need to customize the exception.virus_detected which looks like this in the exception file: ( Configuration> policy > Exceptions)
(details "Content contained $(quot)$(x-virus-id)$(quot) virus. Details:$(crlf)$(x-virus-details)")
(summary "Virus was detected in the content")
This is the DLP using the virus_detected exception to handle a DLP signature
And this is the vendor exception (BC in this case)