• Slow performance on Sophos Endpoint protected systems

    Hi, we're having general problems with the endpoints that are protected by sophos endpoint. We have all computer connected to sophos central and in general we did not have any security issues, but we see that some activities became very slow (mainly…
  • Systray Sophos non affiché après installe Sophos en ligne de commande

    Bonjour, Nous rencontrons un problème quand on installe Sophos en ligne de commande (SophosSetup.exe --products=antivirus,intercept,xdr --quiet ) le logiciel d’installation Sophos se lance bien, l’installation se fait correctement. Le seul problème…
  • Endpoint Web Protection - max link length? Adobe Creative Cloud download fails

    We could not download Adobe creative cloud. It just did not work. No message by the endpoint at all. It works when disabling Web Protection in the Endoint. There is one block message in the endpoint event log for a totally weird Adobe Download URL…
  • Website block message customization in sophos central

    Hi Team, It's been 5+ years since we asked this, and we would like to ask if we can now customize messages for blocking websites in Sophos central.
  • Browser not working, but internal network resources accessible, able to PING, TRACERT, and NSLOOKUP

    Hi all, My company is using Intercept X managed on Sophos Central (200+ terminals). 2 weeks back some users started facing the issue of their browsers not loading any web pages at all, resulting in timeout. This is regardless of browser type, be it…
  • can't uninstall

    SOPHOS Endpoint Agent cannot be uninstalled on a specific computer. When I try to uninstall, it is blocked Message 'AmsiRegistrationProtection' exploit blocked in Admin Application Authorization UI Uninstalling other apps and executing commands are…
  • Can not install sophos cloud client ( Windows )

    Dear All I would like your support, I try to deploy sophos client to our client, I download installation file from console, but install is failed I already check on firewall, it no block, for log file it show 2023-07-10T05:18:16.0211113Z…
  • Custom Query Intermittent Results

    We have created a custom query to allow us to find specific file names and path on any system within our tenant. SELECT file, path FROM sophos_file_journal WHERE file LIKE '$$Filename$$'; This is very temperamental, as it will sometimes return a result…
  • hi team i stuck at downloading for 1 hr plus and it show failed for the cache and relays server installation. Urgent case please give a hand on these ?it happen suddenly after done all the requirement its still fail and keep showing downloading.

  • DynamicShellCode - Event Log Service

    I am getting hundreds of these error messages. Uninstalling and reinstalling Sophos hasn't helped. What can I do to either stop these messages or fix the root cause?
  • Controlled application blocked: Microsoft Powershell

    I've seen a few posts already about this but nothing in recent years. I've turned on Application policy to try an prevent misuse of PowerShell and other tools. However its raised a large number of regular (hourly) alerts on most of the endpoints. Suggests…
  • Intercept X - core agent updates

    Hello everyone, is it usual, that Core Agent Version doesn´t change on the devices? All of our devices are still on 2022.4.3.1. I always thought Intercept X updates itself completely automatic. Screenshots of the "Agent Summary" in sophos central…
  • Windows VPN not connection. Error 809

    Hi, I use multiple Windows VPN connections and DrayTek VPN connections to connect to my clients and last week all the windows vpn connections stopped working. I have tried everything I can find on the web to resolve and I want to rule out/determine whether…
  • Sophos Endpoint products compatibility issue with Azure Code Signing (ACS) program

    Hello everybody, Does Sophos Endpoint products must be running a version of Microsoft Windows that has been updated to support the Azure Code Signing (ACS) program, which replaced the deprecated cross-signing program? Windows support for the Azure…
  • Sophos Endpoint: Accessing LAN or WLAN takes up to several minutes

    Hey guys For the past two years, we have been using Sophos Intercept X with an XG210 firewall in our company. Since then, we've been experiencing difficulties establishing network connections with our LAN or WLAN. The main issue is that the endpoints…
  • Malware Quarantine

    Hi, Im getting this error in Sophos central for our client PC. "Malware or potentially unwanted applications in quarantine" How am i going to clean this? and if where is the location of the quarantine folder? Thanks, nidz
  • Sophos blocked "ALVA" PDF creation/ printing - it only worked when Sophos Endpoint Agent was reinstalled

    We're using the software "ALVA" by Ascherslebener Computer GmbH. Yesterday there was a scheduled update install of "ALVA". After installing the update you were not able to create or print any files out of the "ALVA" software. Also there was no error message…
  • SOPHOS INTERCEPT X - PORT SCAN DETECTION

    Greetings very good afternoon community! I have a question. Is the endpoint capable of detecting and reporting a port scan? That it has been executed on the network and towards computers that have the Endpoint installed? I have seen that the Sophos…
  • Sophos Endpoint using 50GB of Ram on Clients

    Not sure what has happened Sophos was asking for a reboot dure to an update on many computer last week and this week machines are being crippled. 50GB of memory usage, alerts in Windows were out of Virtual memory (When is the last time you ever thought…
  • Mal/HTMLGen-A

    One of our user has " Outbreak detected " report due to the following domain access. does this site really have any issue or this is an wrong detectection, as much as I can see it blocked image files only ? if no how sophos going to resolve it? https…
  • Manual malware cleanup required: 'Unknown Threat' at 'null'

    Hello everybody. I've never seen this type of behavior. How to proceed in this case? Description Manual malware cleanup required: 'Unknown Threat' at 'null' More information We tried to clean up a threat but failed. Thanks
  • Sophos me esta bloqueando una pagina que indica Mal/HTMLGen-A

    Sophos no deja entrar a mis usuario a una pagina de gobierno ( egob.finanzas.cdmx.gob.mx/.../a ) porque una aplicación que usa la categoriza como "Mal/HTMLGen-A". Ya puse la pagina en una whitelist y nada.
  • Sophos Endpoint Agent doesn't use Message Relay and fails Update

    Hello Community, i recently started deploying the Sophos Endpoint(/Server?) Agent to our Servers. These servers don't have internet access and i have set up a Update Cache Server with Message Relay. I perform the installation with a customized script…
  • Threat Analysis Center / Detections: "Vulnerability SRP path rules missing" caused by MDR checks

    The detections section in Threat Analysis Center is filling with many of these events caused by MDR checks. SRP seems to be related to Microsoft Software Restriction Policies. What is the intension of this check? "COMPLIANCE-SRP-DISALLOWED-PATHS…
  • Access of Bluetooth

    I would like a setting from Sophos central to have block Bluetooth but only connect Bluetooth headphones which only transmits 2-way (in and out) audio but no data or file sharing. It is Possible or not...? If it possible then please guide me...!