Troj/Chepvil-A, UPS Delivery

---

iheartgnomes wrote:

I have downloaded this virus, according to the Sophos software,
Troj/Chepvil-A, UPS Delivery
And when I open the quarantine, it says to clean up manually. When I go to the page, and click follow these instructions, nothing happens. I really want to remove this virus or trojan. Is it dangerous? I have a Mac, and didn't think they got viruses. What should I do? Tried following some  advice about doing a custom scan, and removing it that way. But I am a novice and when I attempted to do this, the scan arrow wasn't clickable. If some one is kind enough to offer some step by step advice, I would appreciate a great deal.

---

This malware comes via email in a zip file, and runs (currently) on Windows only; it is part of the BredoLab botnet family.  The email usually says it's from UPS or FedEx, and sometimes the IRS.  The easiest way to clean these is to delete the email (it's likely in your Junk folder).

If you got it by downloading the fake "UPS Delivery" from webmail, just delete the zip file from wherever you've downloaded it to.

For the future though, you forgot one step in creating your custom scan:

Once you've created your scan, you need to add the folder it's going to scan using the + icon in the lower left of the window.  You can go back and do this afterwards by clicking the pencil icon on the right side of your custom scan in the main window.

Under the Scan Items tab, click the + and select the volume where the malware was detected (likely your main hard disk listed in the Devices area in the Open dialog) and click the Open button.  Then under Options tab, ensure you have "scan inside archives and compressed files" enabled, and set "When a threat is found:" to "Delete Threat".

---

iheartgnomes wrote:

I have downloaded this virus, according to the Sophos software,
Troj/Chepvil-A, UPS Delivery
And when I open the quarantine, it says to clean up manually. When I go to the page, and click follow these instructions, nothing happens. I really want to remove this virus or trojan. Is it dangerous? I have a Mac, and didn't think they got viruses. What should I do? Tried following some  advice about doing a custom scan, and removing it that way. But I am a novice and when I attempted to do this, the scan arrow wasn't clickable. If some one is kind enough to offer some step by step advice, I would appreciate a great deal.

---

This malware comes via email in a zip file, and runs (currently) on Windows only; it is part of the BredoLab botnet family.  The email usually says it's from UPS or FedEx, and sometimes the IRS.  The easiest way to clean these is to delete the email (it's likely in your Junk folder).

If you got it by downloading the fake "UPS Delivery" from webmail, just delete the zip file from wherever you've downloaded it to.

For the future though, you forgot one step in creating your custom scan:

Once you've created your scan, you need to add the folder it's going to scan using the + icon in the lower left of the window.  You can go back and do this afterwards by clicking the pencil icon on the right side of your custom scan in the main window.

Under the Scan Items tab, click the + and select the volume where the malware was detected (likely your main hard disk listed in the Devices area in the Open dialog) and click the Open button.  Then under Options tab, ensure you have "scan inside archives and compressed files" enabled, and set "When a threat is found:" to "Delete Threat".