You know that feeling when you’re pretty sure your Windows machine *might* be infected, but your anti-virus finds nothing?
Or worse, your anti-virus does detect malware, but the instructions to disinfect and rid your system of the malware are so complicated that you want to pull out your hair?
Well, Sophos has just released its Virus Removal Tool. Designed to be child’s play to use, it detects and, more importantly, disinfects all those nasty viruses, spyware, rootkits and even fake anti-virus with its flagship industrial-strength anti-virus.
Best of all it is free, and for Naked Security readers, there are no details to enter before you can download and use it.
Actually, really best of all, there is no need to remove existing anti-virus that is already installed.
For the past year or so, the Virus Removal Tool has been used by some of Sophos’s biggest customers to disinfect complicated malware that sneaked onto a poorly protected computer, but this is the first time Sophos has released this tool to the public at large.
Sophos has also provided a free support forum called Sophos FreeTalk where you can ask any questions about this and other free Sophos products.
The majority of our readers are pretty security conscious, and we know from experience that many of you are probably the IT guy or gal called upon to help family and friends sort out their computers when things go awry. Sophos hopes that this tool will make your lives a little bit easier.
Lastly, Sophos would love to hear your thoughts on its Virus Removal Tool. It sees this as a tool worth investing in, but the company wants to make sure it gets your thoughts first so it can prioritise any improvements accordingly.
Tell us what you think, win a chance to get a goody bag...
Is this available for putting on, and running from, a USB key/flash drive?
If you want to run the tool on a computer that’s not connected to the internet, the safest way is to download the installer (Sophos Virus Removal Tool.exe) on a different computer, write it to a blank CD, and run the installer from the CD on the disconnected computer.
Be careful about using a USB drive, because plugging one into an infected computer may cause the USB drive to become infected, and spread the malware to any other computer you plug it into afterwards.
Stephen Wassell (Sophos developer)
Many thanks Stephen, much appreciated
That's why I use a USB flash drive that I can mount in Read-Only mode. I don't know why there's not a lot of flash drives out there that have this capability.
Sounds great! Does it work with Mac OS X?
No, but our free Mac anti-virus does. 🙂
http://www.sophos.com/freemacav
Well, I'm not an IT person. I'm the "Oh, crap! What did I do now?!", person, so anything to help with viruses is greatly appreciated by me. I have had my computer crash three times already because of malware. *sigh* Thank you!
Good to see you guys rolling this out to the public. Too many times do you find non-tech savvy individuals with Virus protection software that detects viruses/malware, but not REMOVE the vulnerability.
That's the issue I'm experiencing. I downloaded the free virus removal tool, ran it, scanned it, waited 5 solid hours to scan just for it to tell me I have 1 Mal/Generic-S threat & cleanup was unsuccessful.
Question actually…would this be alright to use in conjunction with Trend Micro Security and not cause any problems? I would like to know before I download it..thanks!!
Hi,
It will work fine alongside any existing antivirus software.
I have been using Sophos in my Mac for a long time now and love the product. I also run Parallels on my system for when I need to run Windows only software, and will toss a Windows external drive on it from friends once in a while. I have never caught anything on my Mac, but I sure have on some of those drives!
I was unaware that Sophos also had a product for Windows, but now that I am aware of it, I can assure you that it will be on the PCs that I own and those of the people who come to me for IT solutions. Yeah, I’m that geek people who know me call on to assist when they run into issues with anything electronic.
Thanks for providing another great tool for my “toolbox” Sophos!
Why would I need this if I already have the Sophos antivirus?
If your Sophos anti-virus is up to date, you probably won't find any additional malware, but if you see something suspicious and you want to double-check, it might be worth downloading this tool and running a scan. Its clean-up capabilities are designed a little differently, too. Remember though that this does not have an on-access scanner, so I wouldn't use it instead of full anti-virus.
It says you can use it in addition to other antivirus programs. What about Microsoft Security Essentials? Would there be a conflict there?
Will it work with already installed Norton???
I have tried to use it on a friend's PC; it detects but won't clean up???
Yeah we built this to run alongside all major AV vendors
Is this for use on an iPad or other Macs?….your blog only mentions Microsoft.
This product is dedicated to Windows users.
Mac users can download the free Mac anti-virus, located at www.sophos.com/freemacav
For iPad and iPhone users, there is the Sophos Security Threat Monitor in the iTunes app store, though I don't think this does any detection or disinfection, but it does provide information on the latest threats.
Hope this helps!
Why does it take more than 2 hours to scan? Surely that is not right.
Sophos Virus Removal Tool scans for all known malware with the same thoroughness as our flagship commercial product, which does take time – though similar to other products' on demand scans.
Some other free tools run much quicker but they would only be scanning for a limited set of common threats.
Stephen Wassell (Sophos developer)
In reply to Julie-Anne and Karen – you can use Sophos Virus Removal Tool while another company’s anti virus software is installed, but if it has an on-access scanner you should disable that manually first (and enable it again when you’re finished).
The reason for that is their on-access scanner could block access to infected files when SVRT attempts to scan them, so preventing it from cleaning them up. It can’t just bypass all other companies’ on-access scanners – if that were possible all the malware would do it!
SVRT will work alongside other Sophos products without needing anything disabled.
Stephen Wassell (Sophos developer)
Ok – so I've got Norton. No idea whether it has an 'on-access scanner', or how to disable it. Their UI isn't exactly helpful in this regard …
I'm afraid I can't advise on how to turn off other products' on access scanners!
If you're not sure, go ahead and run Sophos Virus Removal Tool anyway – it's not going to cause any problems. The only risk is that your existing AV product may alert and block the files SVRT is trying to scan or clean up.
Great! An easy tool for everyone and not just for admins! But what about a CD-iso or USB-Stick-Iso (for writeprotect-enable sticks) to disinfect computers?
Can this product be used in conjunction with Auslogics Registry Cleaner, Malwarebytes, and Avast ? My current system is Windows XP Pro. Will it all work together ???
My question is: why doesn't the anti-virus that I pay for, do all this anyway?
If I use Viper, what is the recommended procedure, and is it recommended?
Okay, don't laugh–but how do I tell if my anti-virus software has an on-access scanner and how would I disable such a thing?
I installed the free software this morning and ran a scan. When I got home from work I found that I had a virus that my other 2 malware removal programs never detected. Thank you Sophos!! I would recommend you to any one…
Who says they don’t? This is for those who want a second opinion and is NOT to be used as a primary antivirus since from what I’ve read it does not have a realtime protection mechanism (which means it WILL NOT conflict with your existing av as it will only run when you start it). On the other hand, you need realtime protection to protect your pc between scans.
That's correct, this tool doesn't have an on-access scanner to offer realtime protection.
I am really surprised at how many people ask the EXACT SAME QUESTION. This probably bothers me more than the person that wrote the article, but please re-read the post. It is made to work with the currently installed anti-virus software. If your product is classified as an anti-virus solution, it will still work with this tool.
"How about Panda Anti-virus?"
"Is it an anti-virus?"
"Yes"
"Then yes"
It's really not that complicated.
From what I understand, to find rootkits such as the ZeroAccess kit described in one of your whitepapers, one would need to run an off-line scan. Do you have guidance for when one would need to run an off-line scan vs your Virus Removal Tool?
Thanks.
Sophos's threat detection engine can scan for rootkits in kernel memory. This means it can detect and – if all goes well – clean them even if they're already active and doing their best to be "invisible" and "ineradicable."
(We didn't explain this in the Zero Access article – since your comment we've updated it to list how we detect and deal with Zero Access and its components.)
Great! Thanks for the freebie tool. I use Norton via Comcast, but I find it sooooo cumbersome. It's great to have this Sophos tool to do a quick scan of my system. Plus, I know it's legit since it's coming from a security company that I'm very familiar with. Two thumbs ups!
The effectiveness of any anti-malware program that installs and executes on the operating system that it scans can (theoretically) be compromised by malware pre-existing (in memory or on disk) on the system being scanned.
Do you have a version that can operate in a known clean operating system (like a live Linux or Windows PE bootable DVD) and scan and clean an attached (mounted) disk volume of a suspected infected Windows OS?
I downloaded and ran Sophos Virus Removal Tool. I reported two dll files that belong to Drake Software (professional income tax preparation software), namely Drake09 and Drake10. These are false positives. How do I get Sophos Virus Removal tool to ignore these?
Maybe you can send the files in question to our labs for analysis.
Details on how to send us a sample here: http://www.sophos.com/support/samples/
Please include details of what you've experienced. Thanks!
Note to others: THIS TOOL IS NOT A REPLACEMENT FOR YOUR ANTIVIRUS!!! It is there to provide a "second" opinion and to offer help when your AV cannot be removed. This tool DOES NOT have real time scanning and only offers cleanup. It cannot protect you against viruses (only clean them up!).
This takes over 4 hours on my machine.
How do I get updates?
It did find two viruses that everything else missed!
Why does it need safe passage thru the firewall, which I did allow. For updates? I thought you had to sign up for the updates as per my quick scan/read of the help section. How many viruses does it scan for? Is it similar to avert's Stinger in the number of viruses that it scans for? Anyway I just clicked on the maximize in the upper right and nothing happened? Though I am currently running my first scan with it, so far so good.
Fair enough.
That's why I mess with Sophos! They have the IT world's back! I'm only telling my certain users about this tool because I know a ton of other people that still believe 1 antivirus purchased means they are free of viruses forever! It's 2012. Don't you realize nothing is safe? 🙂
I downloaded and ran this program yesterday. I thought I signed up for notification of updates prior to the download being allowed. But from what I can tell one needs to check for updates prior to a new scan. Is this the case? The version I have downloaded is 2.0.
thanks
Tried to use it to remove Live Security Platinum but it kept scanning and scanning and scanning and I finally just canceled it because it continually said 0 threats. Can anyone help me???
I'm trying to get rid of Live Security Platinum right now. Hope Sophos works.
How much time to remove virus using Sophos tool?????
No, our malware removal tool doesn’t work on iPhones.
I downloaded Sophos Virus Removal Tool because of Andr/closer-A, but I can’t open the exe file on my Android tab. Am I being dense? What am I doing wrong?
The Virus Removal Tool is for Windows. For Android you need this:
http://www.sophos.com/en-us/products/free-tools/sophos-mobile-security-free-edition.aspx
very nice