Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 1 subscriber
  • Views 508 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to remove Win 7 Security 2011?

Trojan

Ran a full system scan on sophos 9.5.5 and it didnt find windows 7 security 2011.

How do i go about removing this?

Do sophos have a specific tool for this?

http://www.spywarevoid.com/remove-win-7-security-2011-win7-security-2011-removal.html

:10423


This thread was automatically locked due to age.
Parents
  • 0

    Hello Trojan,

    a general remark first. While FakeAV can be easily spotted by a human (and "specialised" scanners) it's hard to detect with proactive methods. "Universal" scanners (not only Sophos) don't work like these custom tools but they can get rid of the malware once a specific identity is available.

    If you detect some rogue "security tool" you should send a sample to Sophos. Include whatever looks fishy. If you can't collect it from the live system (as the file might be locked) either slave the disk or boot from an external medium. Sophos will issue new IDEs a few hours later and normally SAV will then remove the malware. Most of the time on-access will prevent it from running after a reboot and a full scan will remove the remains and any vectors and helpers. Sometimes you have to run SAV32CLI in safe mode. Only in very few cases special action is required.

    Again: Please send the samples - if you need assistance Support will gladly help you.

    Christian 

    :10429
Reply
  • 0

    Hello Trojan,

    a general remark first. While FakeAV can be easily spotted by a human (and "specialised" scanners) it's hard to detect with proactive methods. "Universal" scanners (not only Sophos) don't work like these custom tools but they can get rid of the malware once a specific identity is available.

    If you detect some rogue "security tool" you should send a sample to Sophos. Include whatever looks fishy. If you can't collect it from the live system (as the file might be locked) either slave the disk or boot from an external medium. Sophos will issue new IDEs a few hours later and normally SAV will then remove the malware. Most of the time on-access will prevent it from running after a reboot and a full scan will remove the remains and any vectors and helpers. Sometimes you have to run SAV32CLI in safe mode. Only in very few cases special action is required.

    Again: Please send the samples - if you need assistance Support will gladly help you.

    Christian 

    :10429
Children
No Data
Unfiltered HTML