Credential theft has been blocked by the Registry Console tool

Question

Dear development team, 
 Support told me to post a feature request to the community. 
 I'm getting a lot of warnings every day saying "Credential theft has been blocked by the Registry Console tool". 
 When I consulted with support, I was told that the cause was CheckStatus.bat of Npcap installed on the PC. 
 The Npcap vendor says there are no security issues. 
 Sophos Support says this warning cannot be exclude. 
 Checking for this warning takes time every day, so please allow it to be exclude. 
 If exclusion is not possible, please include the Process Trace information in the email for easy review. 
 Best regards.

Qoosh · Answer

Thanks for reaching out to the Sophos Community Forum. 
 If the application in question is one that you trust, you can also use the steps in the following article to white-list the application from scanning. I suggest giving this a try if it has not yet been attempted. - Stop checking for all exploits on an application 
 I will reach out to you via PM to share further guidance on submitting feature requests.

Credential theft has been blocked by the Registry Console tool

Top Replies