Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 6 subscribers
  • Views 5456 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Troj/Bredo-00

dydelite

Hi,

I have installed the anti virus software and completed a scan which found the Troj/Bredo-00.

It said to clean up manually. I followed the instructions but couldn't understanding instruction No. 2 "On the web page, click the action tab".

Nothing happened i.e. I couldn't do instruction 3 which said follow the instructions there for dealing with the threat.

Is this trojan dangerous?
Ii would appreciate any help as I am new to my MAC :-) 

:1006877


This thread was automatically locked due to age.
  • 0

    Hello Anne,

    first of all, please make sure you spell the threat's name correctly (ideally use copy/paste) - it's Troj/Bredo-OO (oh-oh not zero-zero).

    The instructions you quote are from version 7 - do you use v7 or v8? Anyway this part is (and was for some time) outdated. It refers to the analysis pages which can be accessed by clicking the threat's name in Quarantine Manager (QM), for example Troj/Bredo-OO, where you now see Summary and More information just above Affected Operating Systems, previously there were three "tabs" and one of them was Action. To remove the threat make note of the path(s) displayed in the Threat details. Either create a custom scan click the [+] on the bottom left of the Scans window (of the Scans window is not open choose Window->Scans from the menu bar), the Settings ... window opens with Scan items in focus. [+] opens a finder window where you can browse to the threat's location, doesn't need to be the full path, anything "above" is sufficient, the scan just takes longer (but obviously you wouldn't want to scan the whole disk just to remove something from, say,  /yourUser/Library/Mail). Please see also this forum about creating a custom scan. Note that the UI has changed with time (again from v7.3 to 8.0) and as far as I can see does not yet behave as written in the help/manual - you can't drag a threat's path from QM to Scans (at least I was unable to do so). Then go to the Options tab and select the desired action for "When a threat is found".  Or just use Finder to to locate and delete the threat.

    The good news is that the Bredo family targets Windows and is not dangerous for you :smileyhappy:

    HTH

    Christian

    :1006879
  • 0

    Christian,

    Many thanks for your help with this trojan.

    It was apparently residing on my external HD which I use solely for my music. I couldn't delete it but assume this shouldn't be a problem in the future.

    Cheers,

    Anne

    :1007121
  • 0

    Have a message saying Troj/Bredo-anc - this is on a mac - how do i clear this up.

    :1010192
  • 0
    rdf254 wrote:

    Have a message saying Troj/Bredo-anc - this is on a mac - how do i clear this up.

    This will be in an email message, likely having something to do with a UPS shipment or airline reservation, containing a zip file with an exe file inside.  If you can't clean it up from the quarantine manager, temporarily disable on-access scanning and just delete the email message.

    :1010254