One of our customers is experiencing massive performance issues (slowdowns and sometimes freezes) while working with Autodesk AutoCAD (2022).
The CAD files he's working on are stored on a network share and he usually has about 3-4 open at a time. …
Dear development team,
A PUA has been detected, but the filename or hash does not provide details.
I want to restore the file to check the details, but I cannot restore it unless I allow it from the event on the device management screen.
It is dangerous…
We got this alert a few days ago. Can somebody help me understand whether it is legit or not? Thank you in advance.
Endpoint Type: Computer
OS: Windows
Device: HoKahMunNB
Ransomware:
uid: 0bcd57bb-ee99-4a28-b0d0-ec76291e25f4
family_id: 8f45804d…
We have a print driver that does PDF conversion of your document then uploads to our printshop. Every time someone on a Windows computer uses this driver it is opening an investigation. When I look at the investigation I can see that the print spooler…
Hi, guys
Does anybody have experience recovering files that have been cleaned by Sophos Intercept X? Actually, I’m working on a POC right now and one of my client’s applications is suspected as a PUA. Based on our Intercept X behaviour, the file will be recover…
How to restore a threat file that has been cleaned up?
(The self-developed program was considered a threat file, so it was cleaned up during the copying process.)
How can I restore the file?
Hi
I have the same issue as the users in this thread.
https://community.sophos.com/community-chat/f/discussions/108211/rop-exploit-prevented-in-microsoft
Our users are trying to use a VoIP tool called VoIPOffice Communicator and Sophos is blocking…
There is one client that does nothing else than reporting WipeGuard preventions.
Even for Sophos Processes. What's the use of that feature and log?
Initial Detection: WIN-MITRE-Behavioral-TA0040-T1561.002
Real-time scanning is (or seems to be) causing major performance issues for our developers when they are creating a project using yarn to assemble the repositories, even if they have cached the files or have them in a local repository. Can the scans be…
We are rolling out Sophos on our servers.
One server holds the software repository with company software installers and a lot of tooling for us sysadmins.
As one can guess, Sophos detects several PUAs, like Nirsoft apps, TightVNC, and so on.
We and…
I have a couple of computers where, when downloading, it will stay at 100%. It will not allow you to open the file and will not open "Show in folder". I can go to my downloads page and I can access it and run the download from there.
So after so much troubleshooting…
Why would someone want to add the directory %programfiles(x86)%\Sophos\Sophos Anti-Virus\ as an exclusion from scanning for threats in the Threat Protection Policy?
Hello,
I use an IPSecVPN / SSL VPN connection in conjunction with Sophos Endpoint Protection on the end devices in a company with around 200 employees.
Unfortunately, our laptops have an extremely poor / slow connection as soon as endpoint protection…
Is there anything special that needs to be done for Configuration Manager to work with Intercept-X? Some (not all and it changes A LOT) computers aren't seeing deployments in Software Center. Some computers will see 5 one day then all the next. Some will…
We have desktop users who have the Intercept X endpoint installed. These users are now facing an issue: when they open a specific link, Chrome or Edge shows a page unresponsive error. When we try with another user from the desktop which…
Hi, We have had 2 of these notifications over the past week on two computers days apart. Can somebody please help me to understand this. Many thanks in advance.
Endpoint Type: Computer
OS: Windows
Device: …
Good afternoon
I use SyncBackFree, which creates a temporary file. It is being detected as a virus.
I've been looking for documentation on Troj/DrodZp-CB and I can't find any documentation. Has something similar happened to you?
Hi
I would like to know about Sophos process information.
Please tell us in detail what function the two processes below perform.
1. SoPhosFilesScanner.exe 2. SSPService.exe
Is anyone aware of a Sophos Central managed endpoint setting where we can restrict an on-demand scan to a particular time? Let's say after 24 hours, it should stop.
I wanted to understand the difference between the Sophosfilescanner.exe and SophosFS.exe processes. Are they the same in functionality?
Does SophosFileScanner.exe have the role of SAVservice.exe, which was removed recently after Core agent update 2.20.11 …
We recently had a false positive from CryptoGuard and were unsure whether to exclude it via Detection ID or filename+filepath.
What details actually make up a Detection ID? We installed two versions of the software and although the exe file that caused…
Could anyone let me know the main features which are available in Sophos Intercept X? (This is for presentation purposes; it would be great if anyone could explain them to me briefly, if you know.)
Thanks in advance.
Have a great day ahead
Hello experts, I have a question about machine learning for malware detection. How does "machine learning" work at Sophos? How can you imagine that? I see many analyses in the reports from SophosLabs Intelix that draw on an enormous database. How is…