One of our customer wanted to deactivate the Sophos Scheduled Scan on the client devices. I changed the settings in the Threat Protection Base-Policy. But the clients still do a weekly scheduled scan. Is there any other option in the policy settings…

Dear All, im facing CrytoGuard detected on sophoscleanup.exe CryptoGuard detected ransomware in C:\Program Files\Sophos\Endpoint Defense\SophosCleanup.exe anyone encountered this issue before?

Will it be repaired?

Evening, I recently came across an issue I can't figure out how to resolve. We have an add-in for Excel that causes Sophos Endpoint to kill the program with a "StackExec" (MemProt) exploit prevented in Excel. Up until now we've just added the detection…

I have followed the steps for a Global Exclusion to allow downloading the file Tron v12.0.5 (2023-02-02).exe. However, when I try to add it as a PUA, it won't allow me with the error message "PUA name is not valid". I've tried wildcards but that doesn…

Hello everyone, i am looking for a option to restrict the download of compressed files via Sophos Intercept X Advanced. In our XG 230 we set the filetyp "Compressed Files" to "warn" and it works as desired. But we also have a few notebooks that leave…

Recently we noticed that we are receiving over five detections on a given day for Stack Exec . The threat graph for all detections are identical with the root cause been Microsoft Office 2016. The reputation for Microsoft Office is good and the file is…

Hola a todos Tengo un servidor windows 2019, con el agente de sophos intercep X Advance instalado, los usuarios reportan lentitud a la hora de navegar, realizando diferentes pruebas con medidores de velocidad de internet instalados en el servidor…

Hello everyone, I have a question. Some of your users needs to run a Python script (through VBA, command prompt or Python prompt). At the moment it gets blocked by Sophos. What's the best way to tackle this problem and allow this script to be run? …

We want to use a comment function in a "normal" Policie. If we click on "Add Exclusion" there is no field to comment something.

We have been getting some "Policy non-compliance: Exploit Detection" alerts from some of our devices. These then return to compliance once the device was next powered on. This is great that they return to compliance, but there doesn't appear to be any…

Hi Team, We have some systems where Sophos clients are running and considering below path suspicious. PathC:\Program Files (x86)\Avantium Technologies\Crystal16.exe I have created global exclusion in two ways:- 1) Based on File or folder (Windows…

Most of the customer has Performance issue while in complete scan. is there any option to set priority or performance control in Sophos agent option for complete scan.

We are in the process of rolling out Central Intercept X Advanced with XDR and MTR. Developers have complained that Sophos makes their Windows machines sluggish. Same behaviour does not exist or is not as bad on Mac machines. We have been able to reduce…

Hello, I have been asked by a customer if there is a document which thouroughly explains how 'Protect critical functions in web browsers (Safe browsing) works but cannot seem to find anything. Does such a document exist? Thanks, Lee.

Hi, I work in an organisation environment where we have a variety of user laptops and are running Sophos Endpoint. Products Core Agent 2022.4.1.1 Sophos Intercept X 2022.1.3.3 We have been experiencing an issue with one device , a Lenovo…

Does the Sophos File scanner scan files in a WSL1 installation? Those files are available to Windows at \\wsl.localhost\ Thank you, Carlton

We've recently updated to Endpoint and have an unusual issue with one of our users recently migrated to Win10 and Endpoint. Whenever they attempt to launch Volunteer Reporter by Volsoft it is blocked by Sophos. I am awaiting a local screenshot from our…

I am only able to access a Hyper-V server from the Hyper-V Manager on the physical host. When the connection is established, I can use MSTSC from my local Windows 11 machine to connect to the server and take control of the session. However , if I attempt…

Sophos Endpoint is detecting a CryptoGuard detected ransomware in C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2302.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe I am unsure of the reason behind this detection and would appreciate your help in resolving…

We are hit with potential ransomware but it shows strange originating IP address. How can i figure out where it originated. CryptoGuard detected a ransomware attack from fe80::6d67:8f89:d7d5:be80

Good morning, We have Sophos at work and we discovered recently that Quick Assist is being blocked by Web Control. Seems to be a new thing because there were no changes in the systems. Can you please help and/or provide a solution? Thanks & Regards, …

Hello Sophos Community, I manage the Sophos Endpoint Antivirus Solution + Sophos Centrale. We are currently using the Sophos File Scanner Version 1.10.7.73. The CPU Usage spikes drastically to 40% in a ten minunte interval. Do you know any tricks to…

When I made a scan using virustotal for the site haagtech.se I get a few red flags. Sophos is one of them. The scan looks different if use my phone compared to a computer. On the phone Sophos has its own line, but on the computer it shares line with…

Now this mode only has observation mode, I hope to add interception mode in the future, for example, if the high risk level exceeds a certain score, automatic interception will be triggered and threat chart will be automatically built