This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CryptoGuard detected ransomware in C:\Program Files\Sophos\Endpoint Defense\SophosCleanup.exe

Dear All,

im facing CrytoGuard detected on sophoscleanup.exe

CryptoGuard detected ransomware in C:\Program Files\Sophos\Endpoint Defense\SophosCleanup.exe

anyone encountered this issue before?



This thread was automatically locked due to age.
  • Hi Lim Woei Kang,

    Thanks for reaching out to the Sophos Community Forum. 

    If you are looking for an immediate workaround, I'd suggest deploying the hotfix package for Intercept X.
    Sophos Exploit Prevention cumulative hotfix

    If you would like to look into why this issue occurred, try checking the details on the detection event. You can also find this information in the Windows Application Event Log by filtering for Event ID 911.

    It is quite strange that SophosCleanup.exe would be detected, so you may also want to raise a support case regarding this issue. If you do choose to go that route, please send me a private message with the case ID so I may inquire further. 

    Kushal Lakhan
    Team Lead, Global Community Support
    Connect with Sophos Support, get alerted, and be informed.
    If a post solves your question, please use the "Verify Answer" button.
    The New Home of Sophos Support Videos!  Visit Sophos Techvids