  • Sophos Doesn't Remove 'C2/Generic-B' but Malwarebytes Does?

    I have come across this many times. We receive an alert that 'C2/Generic-B' was detected but nothing was done. Run a full Sophos scan and it says it is "Not Cleanable". In the meantime, the device is likely talking to Russia and sniffing through the…
  • Administrator rights required for rootkit scan

    I'm running a full scan on a PC running Sophos Endpoint Security and Control version 10.6, managed by Sophos Enterprise Console. I get the error 'Administrator rights required for rootkit scan'. As this endpoint is managed by the SEC, how can I enable…
  • Exclude cmd.exe from antivirus and HIPS?

    Hello, We have Sophos endpoint protection and exploit protection on over 100 systems. I am seeing the below message spam event viewers on several systems several times a second which to me sounds like there is a likely performance slowdown due to it…
  • Post Server Migration - Machines not reporting to new server

    Hello, I have recently migrated our Enterprise Console onto a new server and have successfully managed to point endpoint machines to the new updating server via the use of OU Containers and Group Policies. The problem is we have some machines…
  • Cybereason Ransomfree

    Hi We've been using Sophos Endpoint Protection for many years now and while we have found it protects our systems, I am looking at other products to provide protection against specialist malware - in particular zero-day ransomware. I am familiar with…
  • Export a list the blocked applications from application control

    Hi guys, I'm using the Application Control policy in our SEC (version 550). Does somebody know how to create a (simple) list/view from the applications that I have blocked in the policy? Greetings, Jeffrey
  • Sophos addition for Ransomware prevention ?

    Hi All, After reading this new promotional website: https://www.sophos.com/en-us/lp/ransomware.aspx it seems that Sophos AV itself is not strong enough to mitigate or prevent the Malware in spreading out, hence additional software is required for purchase…
  • Scheduled scans of network folders

    Hi Folks, We have a Sophos Central Server Protection, and we're looking for a way to set up a scheduled scan for a shared network folder. Could you please advise if that's possible to do at all and if it is how to do it. I was thinking of mapping…
  • Decode operation failed. Details: License has expired. Please renew your license and force an update.

    Hi, I have a bunch of machines in our DMZ which pick up their defs from our on prem enterprise console server running 5.5.0. Some of them get an error 'Decode operation failed. Details: License has expired. Please renew your license and force an update…
  • Could not add a connection to server \\Server\; user domain\account; Windows error 1312 - Windows 10

    This is less question and more of an FYI as I had this issue but have solved it and am sharing as there weren't any resources I found here that helped with this issue. BACKGROUND: Piloting Windows 10 and implementing new Security GPOs using Microsoft…
  • Clear out quarantine

    Hi, How do I clear out the Quarantine of an endpoint from either the console or end user's computer? I have searched everywhere I can think of and cannot find a way. Thanks James
  • Best practice configuration for preventing Ransomware on Windows workstations ?

    People, All of my workstations and the servers are running Sophos Endpoint Security and Control v10.7 while the Management Server is running Sophos Enterprise Console version 5.2.2. Can anyone here please share some tips and steps on how to configure…
  • Startup Scan

    Does anyone know how to stop Sophos from scanning at startup? When we first start or restart the PC, we have to wait around 10 to 20 minutes before we can use our PC, CPU and Memory is highly utilised. This happens to our clients too as we supply…
  • Sophos enterprise console is not pushing and installing into client machines

    Hi All, I have installed the Sophos enterprise control 5.5.0 in Windows 2012 server. I don't have AD connections to all the client servers. So I wanted to add them manually. Installed the Sophos through the shared folder from Sophos server. when…
  • some issues with deploymentpackager.exe

    Hello, I am trying to generate a client package for Windows via the CLI: DeploymentPackager.exe -cli -mng -cidpath "d:\sophosrepo\Uudate Manager\CIDs\S000\SAVSCFXP\" -sfxpath "d:\sopftware\output\" -crt R. But it generates an error, that the Source…
  • Fast Track knowledge on Endpoint Protection(advanced) w/ Sophos Central

    Hey all, Thanks in advance for your time to read and comment!! We are new to Sophos great suite of products and stuck trying to install Advanced EndPoint Protection via Sophos Central. Our question: Where can we find training on this particular…
  • Client AutoUpdate has expired

    Hi, I've an issue with client machine, client have manager by SEC, SEC license is working, but now client show license has expired message. I collect sdu log and find sau setup log: 28-03-2017 15:28:28 Successfully requested Sophos Endpoint…
  • Adobearm.exe now being blocked by Sophos

    Yesterday morning there was an update to our console that put Adobearm.exe in the list of blocked applications in which it had not been ever. We've moved it to the 'allowed' listing and pushed out the update to all end points. That doesn't seem to have…
  • Protect Computers try to install with Account <Computername>$

    Hello Community, We use a new SEC and had a lot of 80070002 Errors when trying to protect Computers. While having a look at the fsmgmt.msc on our Fileserver I noticed that it didn't try to access the network share as <administrator account> or SophosUptMgr…
  • Web control not working for one user

    Hi, We've recently blocked access to mail.google.com on one of our web control policies. I can see that this is working, and has successfully stopped some users' access to gmail. However, one user is still able to access mail.google.com, even though…
  • SEC - "Awaiting policy transfer"

    Hello, I recently inherited a network running Sophos on all client machines. Our client machines are primarily all running Mac OSX although we do have a few booting into W7. When I connected to our Sophos server, I noticed a message on the majority…
  • Troubleshooting 0000002e and 80070035

    This is more of an information post to be honest, but could not find a more suitable place to post it! I spent some time searching for the two error codes that I was seeing, but could not find any knowledge base article that dealt with them directly.…
  • Moving from McAfee to Sophos

    Hi all, I am in the process of moving our AV solution from McAfee 8.x to Sophos Central. I was wondering if anyone has done this before in their environment and what their experience was? We have approx. 7,000 machines which are 90% Windows 7 and…
  • Monitoring Endpoint Status

    I need to monitor the client status, so I need to check if the client is OK or a virus/PUA was found. I need to extract this information to create a script that sends it to our monitor
  • Sophos update failing as it is unable to connect to update server

    I have a standalone Sophos client which is failing to update and shows connecting to server, but never connects when I manually run the update. iconfig file shows ConnectionAddress=http://es-web-2.sophos.com/update/ . I am unable to ping or resolve…