Sophos Endpoint is detecting a CryptoGuard detected ransomware in C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2302.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
I am unsure of the reason behind this detection and would appreciate your help in resolving this issue.
Hi TareK ,
Thank you for reaching out to the Sophos Community Forum. Would you be able to confirm what occurred on the device at the time of this detection? Was the application being used to download or share files?
After finding out what occurred on the device, and if you trust the application, you may apply the exclusions provided in the following article: https://support.sophos.com/support/s/article/KB-000039184?language=en_US
Let me know if this helps.