• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 754
  • Last Modified:

Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted

Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted
I am currently running Windows 2008, Exchange 2007, Symantec Mail Security for Microsoft Exchange ver  Constantly getting the Bloodhound RL Trap, and always deleted, over 20 per day
1 Solution
Sudeep SharmaTechnical DesignerCommented:
Bloodhound is the advance heuristic technology used by Symantec products to detect the viruses and worm for which virus definitions are not created yet or you may say they are unknow viruses. But they are detected since the behaviour of the files detected are similar to the know viruses.

If you are getting those alerts it means that Symantec Mail Security for Exchange is removing the message which may contain the malicious code in them.

So I would say that your mail server is been targeted by the spammer and they are sending malware/spyware attached to the email messages.

Further, it is also been found that some legitimate files are also been detected by Bloddhound as malicious but they were not. So in some case it is just false positive. But you are getting 20 or more in a day so I think it is not the case here.

More info on Bloodhound RL Trap


I hope that would help.

jaschmeroldAuthor Commented:
Thanks very much for your response, I also talked to Symantec, seems like the virus attempt has died down.  Thanks for your detailed response, was very helpful
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now