Does Sophos Endpoint use DNS for comms with Sophos Central? I've seen lots of DNS queries of type TXT going to urls along the lines of: 3.1o198r00n57o62rrp3743xxxxxxxxn7p8n1p328q8uew742o437qp83152.48s2p9q4on2q5892367xxxxxx497rs238p3qp2859q3pp2q02nq2…

Hi, i installed Sophos Endpoint Security and Control 1.4.0 Cloud Server; unfortunatly, it blocks my software (not a virus) and it (the software) doesn't work fine. I read all the FAQ and the Help-On-Line but i couldn't understand how i can resolve my…

I'm currently having an issue with just one PC. This started a month or so ago when 10.6.4 was applied to all of the clients via the Recommended update policy. Network Threat Protection, System Protection, Remote Management System, AutoUpdate and Endpoint…

Hi all, I running into problem trying to run the SophosEndpoint.exe created by Sophos Deployment Packager (1.2) on a Windows 2012 server virtual machine. When I run as administrator on Windows 2012 server virtual machine, nothing happens. If I run…

I am an IT service provider and I've just picked up a group of laptops from which the client would like Sophos Endpoint Agent removed. I'm brand-new to Sophos. Programs & Features control panel says it's version 11.5.0. I've been able to disable tamper…

According to my UTM I have a workstation infected with C2/Zbot-A . Sophos Endpoint is detecting nothing on this machine. I'm installing Malwarebytes to see if it'll catch anything. I'm finding no trace of this infection. My main issue/concern is why the…

I am unable on two computers to disable tamper protection. I log onto the Sophos Endpoint Protection using the tamper protection password. I switch the tamper slider to off and then try to go uninstall the software and it tells me to disable tamper protection…

Hi I have problem that on some Computers in Event viewer are many Errors that sounds like: "A fatal alert was received from the remote endpoint. the TLS protocol defined fatal alert code is 40." Source Schannel Event ID 36887. I have read this community…

Hi all I'm new to Sophos, so my apologies if the solution is blatantly obvious! I have a technician who is required to connect to a Checkpoint extender client to remotely access clients. The process he follows is: Connects to a website which checks…

Sophos Endpoint won't install even after I've ran the removal program. new to sophos so what do i do?

Die Deinstallation ist nicht möglich: "Deinstallation fehlgeschlagen. Sophos Anti-Virus MSI nicht auffindbar." Auch eine erneute Installation (überschreiben) verändert die Ausgangssituation auch nicht. Uninstall impossible: "Uninstall failed. Sophos…

Hi all, Hoping that someone has seen this before and may be in a position to assist. I have a case open with Sophos Support, but they appear to have gone into hiding on me .. I have a test environment, which has been setup in on isolated network.…

Hello, Iv'e a problem with a Sophos endpoint, I've 1 pc with windows 7 and from two days I've these events: Event User Device When Failed to install savxp: OS component missing or too old. STZ-OB\Admin STZ-OB 12/7/16 8:15 AM Failed to install…

All, Is it possible to "Exclude" a volume(s) on a Netapp, from On-Access Scanning? If it is, what would be the settings and proper format? For example, for "Item Type", would it be a "Folder", with the "Item Name" being "\vol\volume_name\"? Thank…

Hi to all. It's impossible to install SOPHOS ENDPOINT PROTECTION. It sets up SOPHOS MANAGEMENT COMMUNICATIONS SYSTEM and SOPHOS AUTOUPDATE XG, but doesn't ANVIVIRUS. The installations always finish showing this message: "Sophos Endpoint Security…

Hello Everyone... I am using the license version of Sophos Endpoint Security & Control. I am trying to scan the file via Command Line Tool " Sav32Cli.exe " but for some reason I am not getting the output code in the console window. I am getting the…

I have recently installed Sophos UTM 9.4 Home. I have not set about doing mu, except installing Sophos endpoint AV on a few systems. It would seem that the end point installed machines are not able to D/L any file and some (not all) are getting a notification…

Hi, I have events triggered to a known CnC server. I see the events triggered on my NIDS from my internal sources (running Endpoint Advanced) and looking at the Sophos Firewall logs I see that swi_fc.exe connected to the IP address of the CnC server…

I would like to have advise on this strange issue. When I started my laptop, Sophos reported 78 (later 71) new Virus/spyware threats, all with the name GFP/Emds-A. See screenshot below. I searched for this threat on the Sophos site, finding out that…

Hi I wonder if anyone can give me any advice? I've enabled Sophos Application Control and Applications themselves seem to be being blocoked without issue. I've noticed however that Browser Plugins which I have chosen to be blocked by Application…

Hi Guys, Have an issue with an endpoint now showing up in Sophos, tried running an update but the machine is not showing up. I cannot re-install the agent as tamper protection has gone through already to the device, but because I cannot see it in…

When I try to run EnabelDebugging as disctrbed in How to enable verbose logging... the SAVService stops and I get this error: - C:\>EnableDebugging.exe Stopping service 'SAVService' Error: Unable to create DOM document instance COM error: -2147221164…

Hi, I saw on other topics that we can exclude process for the realtime scan (many like https://community.sophos.com/products/endpoint-security-control/f/3/p/4011/9339 ) . I tried to do the same, with 2 basics process : notepad.exe and savtst32.exe…

We have just installed Sophos end point protection. During a scan of an old Tar file of an archived project, we received a notification that this trojan was part of the tar. There is nothing in the Sophos page regarding this, the page that catalogues…

Hi everyone, Just want to find out if there a way to set the said advanced scanning options from SEC or via Windows registry or any config files? Thank you in advance.