This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

We just had our first hit for cryptoguard.

 We got an alert this morning that it stopped a ransomeware, but my only options are to mark it resolved or close it. I would like to find what click, process, action triggered the problem but I do not see anything in the logs that helps me. What am I doing wrong, what information do I need to provide the forum?

DAve



This thread was automatically locked due to age.
Parents Reply
  • Duh, click on the file in the Artifacts list and a new pane opens on the right side. Thank you.

    Sophos actually found a  file left behind from a seven year old Ransomeware attack we experienced. We had removed and replaced from backup the affected files, but missed a directory. When a file from that directory was accessed this morning, Sophos caught it and stomped it

    As an aside, who decided that light grey on white was a good UI design? I am seeing that all over software and the internet and it is very very hard to use. Just my Friday rant.

    Thanks,

    DAve

Children
No Data