How to test the new Intercept X features?

Update: 4/3/2020 - This test tool is no longer available. More info to come.


EFS Guard

Dummy (Unsigned) ⇒ Ransomware ⇒ EFS

Note: it is important to choose the unsigned version of "Dummy", as the signed version is allowed to encrypt files.

Dynamic Shellcode Protection

Dummy ⇒ Code exploits ⇒ Dynamic Shellcode (HeapHeapProtection)

CTF Guard

Dummy ⇒ Process protection ⇒ CTF Service exploit


Dummy ⇒ Code exploits ⇒ LoadLib APISet

  • Sorry, it was a .exe, yes of course. It's bad that I cannot upload a picture here. Anyhow, it was detected as ML\PE-A Root Cause Firefox. Firefox downloaded sophostester.exe. Sophostester_unsigned.exe triggered the event. It's only information for the vendor. For me as a customer it's a little bit confusing that a vendor-owned program is detected and there is no global exclusion for this tool as default. Cheers!

