How to remove trojans, worms, viruses, and other malware with Sophos Anti-Virus

  • Article ID: 112129
  • Rating:
  • 417 customers rated this article 2.2 out of 6
  • Updated: 15 Apr 2013

This article is designed to be of use to both end-users who may want to cleanup their endpoint computers, and to IT administrators. If you are an IT administrator, where necessary, please refer to the relevant articles and documentation listed below, also please note the information given in the next paragraph regarding the SMaRT tool.

If you have correctly followed the instructions given below for your operating system, and the malware has not been successfully removed, we recommend that you use the Sophos Malware Remediation Toolkit (SMaRT).

Refer to the Threat Center pages for detailed and specific information about malware and threats of all types.

1. Using the Console to remove malware

For details of how to remove malware over a network using Enterprise Console, Enterprise Manager, or Sophos Control Center, refer to your Console Help manual or on-line help.

2. Windows: Sophos Anti-Virus version 9 and above

To remove malware on the affected computer:

  1. Go to Start | Programs | Sophos | Sophos Endpoint Security and Control and run the 'Sophos Endpoint Security and Control' program.
  2. Click on 'Manage quarantine items'.
  3. In the Quarantine Manager, click the 'Available actions' column header to sort the list of threats according to the action available.
  4. For the following results in the Actions column:
    1. Clean up
      • Select the items displaying this option and then click 'Perform action | Clean up'
    2. Full scan required
      • Click on 'Home' and then 'Scan my Computer' to initiate a scan
      • Once the scan has complete, return to the Quarantine Manager and then clean up the detected items as per the results shown in the Actions column.
    3. Partially removed. Reboot required to complete the cleanup
      • Select these items and then click 'Clear from List'
      • Click on 'Home' and then 'Scan my Computer' to initiate a scan
      • Once the scan has complete, return to the Quarantine Manager to deal with any remaining items.
      • If this appears a second time for the same items, please contact your IT administrator.
    4. Insufficient rights, please contact your administrator
    5. Delete, Move, Authorize
  5. If you have cleaned up all of the items, but are finding that they are returning to your computer, please contact your IT administrator.

Note: If manual cleanup is required, you must locate and navigate to the file and then delete it.

3. Mac OS X computers

Please refer to the knowledgebase article Removing Malware from a Mac OS X.

4. Linux

  1. Use savscan with the -remove option
    savscan -remove
  2. Run a scan to check that malware infected files were deleted.

5. UNIX

  1. Use SWEEP with the -remove option
    sweep -remove
  2. Run a scan to check that malware infected files were deleted.

6. OpenVMS

Refer to the Sophos Anti-Virus for OpenVMS user manual.

thank you for the feedback


 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments