high
Summary
Summary
Action
| Affected operating systems | Windows |
|---|---|
| Protection available since | 19 October 2007 20:12:09 (GMT) |
| Last updated | 8 September 2008 23:19:19 (GMT) |
| Detected by | All Sophos products |
Sophos beta program
- Endpoint Security and Control 9.0
- Small business solutions 4.0
Action
- Summary
- Action
Issue
How to remove Troj/Virtum-Gen (also known as Virtumundo) from your computers.
Sophos product and version
Sophos Anti-Virus for Windows 2000+
Operating system
Windows 2000, Windows XP, Windows 2003
What to do
IMPORTANT: Do not attempt to use SAV32CLI to remove Troj/Virtum-Gen (Virtumundo).
If a Sophos on-access, or on-demand, scan detects Troj/Virtum-Gen, the 'Clean Up' and 'Delete' options become unavailable. You must run a full system scan to remove it. You can run the scan either from Enterprise Console or locally on the infected computer.
- Run a full system scan:
- From Enterprise Console,
- In the console, right-click the infected computer.
- From the menu, select 'Full system scan'.
- On the infected computer(s)
- Right-click the Sophos shield and select 'Open Sophos Anti-Virus'.
- Click 'Set up a new scan'.
- Select all drives.
- Click 'Configure this scan'.
- In the dialog box, ensure that 'Scan all files' is selected, click OK.
- Click 'Save and start'.
- From Enterprise Console,
- Once the scan completes, the 'Clean Up' option should be available. Select that option.
- When prompted, reboot the computer(s).
- Run a second scan to verify that Troj/Virtum-Gen has been removed.
If this procedure fails to remove Troj/Virtum-Gen, contact Sophos Technical Support.
If you need more information or guidance, then please contact technical support.
These instructions are also available in the knowledge base article: Troj/Virtum-Gen (Virtumundo) clean up procedure.
|
