Free Virus Removal Tool for download from Sophos

Filed Under: Featured, Malware

Sophos free Virus Removal ToolYou know that feeling when you're pretty sure your Windows machine *might* be infected, but your anti-virus finds nothing?

Or worse, your anti-virus does detect malware, but the instructions to disinfect and rid your system of the malware are so complicated that you want to pull out your hair?

Well, Sophos has just released its Virus Removal Tool. Designed to be child's play to use, it detects and, more importantly, disinfects all those nasty viruses, spyware, rootkits and even fake anti-virus with its flagship industrial-strength anti-virus.

Best of all it is free, and for Naked Security readers, there are no details to enter before you can download and use it.

Actually, really best of all, there is no need to remove existing anti-virus that is already installed.


For the past year or so, the Virus Removal Tool has been used by some of Sophos's biggest customers to disinfect complicated malware that sneaked onto a poorly protected computer, but this is the first time Sophos has released this tool to the public at large.

Sophos has also provided a free support forum called Sophos FreeTalk where you can ask any questions about this and other free Sophos products.

The majority of our readers are pretty security conscious, and we know from experience that many of you are probably the IT guy or gal called upon to help family and friends sort out their computers when things go awry. Sophos hopes that this tool will make your lives a little bit easier.

Sophos's free Virus Removal Tool

Lastly, Sophos would love to hear your thoughts on its Virus Removal Tool. It sees this as a tool worth investing in, but the company wants to make sure it gets your thoughts first so it can prioritise any improvements accordingly.

, , , , , , , , ,

You might like

53 Responses to Free Virus Removal Tool for download from Sophos

  1. Keith · 1270 days ago

    Is this available for putting on, and running from, a USB key/flash drive?

    • Stephen Wassell · 1270 days ago

      If you want to run the tool on a computer that’s not connected to the internet, the safest way is to download the installer (Sophos Virus Removal Tool.exe) on a different computer, write it to a blank CD, and run the installer from the CD on the disconnected computer.

      Be careful about using a USB drive, because plugging one into an infected computer may cause the USB drive to become infected, and spread the malware to any other computer you plug it into afterwards.

      Stephen Wassell (Sophos developer)

      • Keith · 1270 days ago

        Many thanks Stephen, much appreciated

      • Kelvin · 1270 days ago

        That's why I use a USB flash drive that I can mount in Ready-Only mode. I don't know why there's not a lot of flash drives out there that have this capability.

  2. Linus · 1270 days ago

    Sounds great! Does it work with Mac os x?

  3. Christy · 1270 days ago

    Well, I'm not an IT person. I'm the "Oh, crap! What did I do now?!", person, so anything to help with viruses is greatly appreciated by me. I have had my computer crash three times already because of malware. *sigh* Thank you!

  4. Steve Jackson · 1270 days ago

    Good to see you guys rolling this out to the public. Too many times do you find non-tech savvy individuals with Virus protection software that detects viruses/malware, but not REMOVE the vulnerability.

    • LiLRoCKgrl · 1270 days ago

      That's the issue I'm experiencing. I downloaded the free virus removal tool, ran it, scanned it, waited 5 solid hours to scan just for it to tell me I have 1 Mal/Generic-S threat & cleanup was unsuccessful.

  5. Julie-Anne · 1270 days ago

    Question actually...would this be alright to use in conjunction with Trend Micro Security and not cause any problems? I would like to know before I download it..thanks!!

  6. Brian Rossbach · 1270 days ago

    I have been using Sophos in my Mac for a long time now and love the product. I also run Parallels on my system for when I need to run Windows only software, and will toss a Windows external drive on it from friends once in a while. I have never caught anything on my Mac, but I sure have on some of those drives!

    I was unaware that Sophos also had a product for Windows, but now that I am aware of it, I can assure you that it will be on the PC's that I own and those of the people who come to me for IT solutions. Yeah, I'm that geek people who know me call on to assist when they run into issues with anything electronic.

    Thanks for providing another great tool for my "toolbox" Sophos!

  7. conradhenney · 1270 days ago

    Why would i need this if I already have the sophos antivirus ??

    • caroletheriault · 1202 days ago

      If your Sophos anti-virus is up to date, you probably won't find any additional malware, but if you see something suspicious and you want to double-check, it might be worth downloading this tool and running a scan. Its clean-up capabilities are designed a little differently, too. Remember though that this does not have on-access scanner, so I wouldn't use it instead of full anti-virus.

  8. Karen · 1270 days ago

    It says you can use it in addition to other antivirus programs. What about Microsoft Security Essentials? Would there be a conflict there?

  9. philip · 1270 days ago

    will it work with already installed Norton???

  10. Claire · 1270 days ago

    I have tried to use it on a friends pc it detects but won't cleanup???

    • Shai Gelbaum · 1257 days ago

      Yeah we built this to run alongside all major AV vendors

  11. Judi walker · 1270 days ago

    Is this for use on an iPad or other Macs?....your blog only mentions Microsoft.

    • caroletheriault · 1270 days ago

      This product is dedicated to Windows users.

      Mac users can download the free Mac anti-virus, located at

      For iPad and IPhone users, there is the Sophos Security Threat Monitor in the iTunes app store, though I don' t think this does any detection or disinfection, but it does provide information on the latest threats.

      Hope this helps!

  12. Sean o Donnell · 1270 days ago

    Why does it take more than 2 hours to scan surely that is not right

    • Stephen Wassell · 1270 days ago

      Sophos Virus Removal Tool scans for all known malware with the same thoroughness as our flagship commercial product, which does take time - though similar to other products' on demand scans.

      Some other free tools run much quicker but they would only be scanning for a limited set of common threats.

      Stephen Wassell (Sophos developer)

  13. Stephen Wassell · 1270 days ago

    In reply to Julie-Anne and Karen - you can use Sophos Virus Removal Tool while another company’s anti virus software is installed, but if it has an on-access scanner you should disable that manually first (and enable it again when you’re finished).

    The reason for that is their on-access scanner could block access to infected files when SVRT attempts to scan them, so preventing it from cleaning them up. It can’t just bypass all other companies’ on-access scanners – if that were possible all the malware would do it!

    SVRT will work alongside other Sophos products without needing anything disabled.

    Stephen Wassell (Sophos developer)

    • Ian · 1270 days ago

      Ok - so I've got Norton. No idea whether it has an 'on-access scanner', or how to disable it. Their UI isn't exactly helpful in this regard ...

      • Stephen Wassell · 1270 days ago

        I'm afraid I can't advise on how to turn off other products' on access scanners!

        If you're not sure, go ahead and run Sophos Virus Removal Tool anyway - it's not going to cause any problems. The only risk is that your existing AV product may alert and block the files SVRT is trying to scan or clean up.

  14. Chris · 1270 days ago

    Great! An easy tool for everyone and not just for admins! But what about a CD-iso or USB-Stick-Iso (for writeprotect-enable sticks) to desinfect computers?

  15. Wanda Schmidt · 1270 days ago

    Can this product be used in conjunction with Auslogics Registry Cleaner, Malwarebytes, and Avast ? My current system is Windows XP Pro. Will it all work together ???

  16. My questions is: why doesn't the anti-virus that I pay for, do all this anyway?

  17. Kaf · 1270 days ago

    If I use Viper, what is the recommended procedure, and is it recommended?

  18. hazel · 1270 days ago

    Okay, don't laugh--but how do I tell if my anti-virus software has an on-access scanner and how would I disable such a thing?

  19. Sally Martins · 1270 days ago

    I installed the free software this morning and ran a scan. When I got home from work I found that I had a virus that my other 2 malware removal programs never detected. Thank you Sophos!! I would recommend you to any one...

  20. Who says they don't? This is for those who want a second opinion and is NOT to be used as a primary antivirus since from what I've read it does not have a realtime protection mechanism (which mean it WILL NOT conflict with your existing av as it will only run when you start it). On the other hand, you need realtime protection to protect your pc between scans.

    • Stephen Wassell · 1270 days ago

      That's correct, this tool doesn't have an on-access scanner to offer realtime protection.

  21. RANDOM ANNOYANCE · 1270 days ago

    I am really surprised at how many people ask the EXACT SAME QUESTION. This probably bothers me more than the person that wrote the article, but please re-read the post. It is made to work with the currently installed anti-virus software. If your product is classified as an anti-virus solution, it will still work with this tool.

    "How about Panda Anti-virus?"
    "Is it an anti-virus?"
    "Then yes"

    It's really not that complicated.

  22. JDC · 1270 days ago

    From what I understand, to find rootkits such as the ZeroAccess kit described in one of your whitepapers, one would need to run an off-line scan. Do you have guidance for when one would need to run an off-line scan vs your Virus Removal Tool?


    • Paul Ducklin · 1269 days ago

      Sophos's threat detection engine can scan for rootkits in kernel memory. This means it can detect and - if all goes well - clean them even if they're already active and doing their best to be "invisible" and "ineradicable."

      (We didn't explain this in the Zero Access article - since your comment we've updated it to list how we detect and deal with Zero Access and its components.)

  23. Karen Spring · 1270 days ago

    Great! Thanks for the freebie tool. I use Norton via Comcast, but I find it sooooo cumbersome. It's great to have this Sophos tool to do a quick scan of my system. Plus, I know it's legit since it's coming from a security company that I'm very familiar with. Two thumbs ups!

  24. Vincent Cina · 1270 days ago

    The effectiveness of any anti-malware program that installs and executes on the operating system that it scans can (theoretically) be compromised by malware pre-existing (in memory or on disk) on the system being scanned.

    Do you have a version that can operate in a known clean operating system (like a live Linux or Windows PE bootable DVD) and scan and clean an attached (mounted) disk volume of a suspected infected Windows OS?

  25. Norman · 1270 days ago

    I downloaded and ran Sophos Virus Removal Tool. I reported two dll files that belong to Drake Software (professional income tax preparation software), namely Drake09 and Drake10. These are false positives. How do I get Sophos Virus Removal tool to ignore these?

  26. Note to others: THIS TOOL IS NOT A REPLACEMENT FOR YOUR ANTIVIRUS!!! It is there to provide a "second" opinion and to offer help when your AV cannot be removed. This tool DOES NOT have real time scanning and only offer cleanup. It cannot protect you against viruses (only clean them up!).

  27. Kevin Norman · 1269 days ago

    This takes over 4 hours on my machine.
    How do I get updates?
    It did find two viruses that everything else missed!

  28. Dented Lion · 1268 days ago

    Why does it need safe passage thru the firewall , which i did allow. For updates? I thought you had to sign up for the updates as per my quick scan/read of the help section.How many virus does it scan for ? Is it similar to avert's Stinger in the number of virus that it scans for ? Anyway i just clicked on the maximize in the upper right and nothing happened ? Though i am currently running my first scan with it, so far so good.

  29. roy jones jr · 1260 days ago

    Thats why I mess with Sophos! They have the IT worlds back! I'm only telling my certain users about this tool because I know a ton of other people that still believe 1 antivirus purchased means they are free of viruses forever! Its 2012. Don't you realize nothing is safe? :)

  30. Elaine · 1234 days ago

    I downloaded and ran this program yesterday. I thought I signed up for notification of updates prior to the download being allowed. But from what I can tell one needs to check for updates prior to a new scan. Is this the case? The version I have downloaded is 2.0.


  31. Michele Williams · 1218 days ago

    Tried to use it to remove Live Security Platinum but it kept scanning and scanning and scanning and I finally just canceled it because it continually said 0 threats. Can anyone help me???

    • Brad · 1117 days ago

      I'm trying to get rid of Live Security Platinum right now. Hope Sophos works.

  32. rukmangadan · 1062 days ago

    how much time to remove virus using sopos tool?????//

  33. No, our malware removal tool doesn't work on iPhones.

  34. Amanda Wright · 295 days ago

    I downloaded sophos virus removal tool because of Andr/closer-A,but-I can't open the exe file on my android tab.Am I being dense?What am I doing wrong?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Hi. I am a social, brand and communications expert with 10 years in senior roles in the tech space. I'm currently Sophos' s Global Director of Social Media and Communities. Proudest work achievement? Creating and launching award-winning Naked Security. Outside work, I am a mean cook, an avid reader, a chronic insomniac, a podcast obsessive and blogger .