Hi Everyone,
Customers using Sophos Anti-Virus on an endpoint or server may see error messages in the C:\ProgramData\Sophos\Sophos Anti-Virus\logs\SAV.txt logs files similar to the below:
- Suspicious behavior detection encountered an error while checking behavior of process 'C:\Windows\System32\taskhostex.exe'.- 20180507
- Suspicious behavior detection encountered an error while checking behavior of process 'C:\Windows\System32\wuauclt.exe'.20180525
- Suspicious behavior detection encountered an error while checking behavior of process '\\?\globalroot\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe'.20180514
- Suspicious behavior detection encountered an error while checking behavior of process 'C:\Windows\System32\ie4uinit.exe'.20180514
This is caused by an update in April 2018 to the HIPS rules on the device.
This error message can be ignored, it does not cause any side effects and does not harm protection. For more details refer KBA 132249.
This thread was automatically locked due to age.