Sophos Malware Remediation Toolkit (SMaRT)

  • Article ID: 116418
  • Rating:
  • 43 customers rated this article 4.4 out of 6
  • Updated: 01 May 2014

What is SMaRT?

SMaRT provides a systematic process which allows you to deal with malware from the time you initially suspect or discover its presence, through to its removal. This process can be implemented by using the step-through Interactive Guide or by working through the downloadable PDF User Guide. Links to these are provided below.

Both SMaRT guides demonstrate the processes and tools needed to remove resistant malware. It advises on which tools should be used, under what circumstances, and how  best to use them.

NOTE: SMaRT is designed to be used with Windows 2000 and above.

When to use SMaRT

The SMaRT process should be used under any of the following circumstances:

  • A scan has alerted you to the presence of malware on your system. You have attempted to clean it up, but were unsuccessful. For example, this may be due to the fact that the system is reinfecting itself. SMaRT helps you to track down and deal with these situations
  • You believe you may have malware on your system, but are unable to locate it.
  • Suspicious items have been detected, but you are not clear as to whether they are actually malware.

How does SMaRT work?

The SMaRT process guides you through the use of the following specialised tools:

  • Source of Infection Tool (SOI) - used to identify where persistent malware originates. This can be either a network location or a local process.
  • Sophos Anti-Rootkit (SAR) – used to detect malware that uses stealth (rootkit) technology to evade detection by normal anti-virus scanners
  • Sophos Bootable Anti-Virus (SBAV) – used to detect and disinfect fully compromised computers using an independent operating system
  • Sophos Healthcheck (SHC) – used to check the status of the Sophos installation on the computer
  • Sophos Virus Removal Tool (SVRT) – used to clean up malware in standalone situations, often used when other anti-virus vendor products are installed

At each stage throughout the cleanup procedure you will scan and check your computer to determine whether cleanup has succeeded, and whether or not you need to use additional tools.

Getting started with SMaRT

A guide for users:

A guide for network administrators:

Download the tools:

  • Obtain the full SMaRT toolset from here, and follow the instructions given in the Interactive, User or Admin Guides.

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments