• A lot of WMV files deleted since last weeks for unknow reason

    Sophos User3113
    Sophos User3113
    Hello, since last week, for unknown reason our Sophos Endpoint delete all WMV files on computers. This is the event : Malware detected: 'W32/GetCodec-A' at 'XXX\Intro discours.wmv' Any idea why it's happen now?? I already created a ticket to…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Random RDP Dropouts

    acs
    acs
    Hello All Have a client that has a mix of full fat and thin clients, the full fat clients being W10 Pro are connecting into a RDS server. What am noticing is that one computer is randomly experiencing RDP dropouts. Initially thought it was the NIC and…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Attack Surface Reduction mitigation re: LSASS Memory credential dump attack

    Matthew Smith3
    Matthew Smith3
    This article https://attack.mitre.org/techniques/T1003/001/ lists several mitigations against an LSASS memory credential dump attack, one of which is ASR (Attack Surface Reduction). The mitigation is described as Behavior Prevention on Endpoint and links…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Windows Update Query

    Sophos User5832
    Sophos User5832
    Hello - Does anyone have a query they have used to see if Windows Update is running on an endpoint?
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos MTR

    FormerMember
    FormerMember
    Hello All. So more and more cyber insurance questionnaires are asking for SIEM SOC and 24x7 monitoring. We have been using Sophos Advanced Intercept-X for years and have been relatively happy with it. We considered the XDR option but that means we need…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos Intercept X

    tam siryu
    tam siryu
    Could anyone let me know the main features which is available in Sophos intercept X, ( this is for presentation purpose, it would be great if anyone explains me briefly if you know) https://192168ll.link/ https://routerlogin.uno/ thanks in advance …
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos ML Engine (64-bit) failed to install

    JC12X
    JC12X
    Hello, I am new to Sophos and System Administration in general. Over the weekend, I got several notifications that some of my servers had failed to update Sophos. Below are some error snippets I've identified from the installation log: %ProgramData…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos Central - SSPService.exe - hoher RAM Verbrauch

    Thomas Gothe
    Thomas Gothe
    Hallo zusammen, folgende Grundinformationen: HP 449G3 238 AiO System Windows 10 20H2 Intel Core i57500T 2,7GHz 8 GB RAM Sophos Core Agent 2.20.11 Sophos Endpoint Advanced 10.8.11.4 Sophos Intercept X 2.04.24 Wir haben unsere gesamten Rechner auf…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos Central Endpoint: Wonder how to perform initial troubleshooting for connection issues with Live Response

    BenedictSiu
    BenedictSiu
    Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. ______________________________________________________________________________________________________________________________…
    • over 2 years ago
    • Sophos Endpoint
    • Recommended Reads
  • Detections: MS Store App with Defense Evasion Asynchronous Procedure Call

    pfeffex
    pfeffex
    Hi, maybe somebody can help me to identify what's going on. I have one workstation with a official MS store app "Your Phone". Sophos detect a RISK 7 level on this command: "C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.160.0_x64__8wekyb3d8bbwe…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos interfering with NodeJS processes on Mac OSX Big Sur

    FormerMember
    FormerMember
    Ever since I upgraded to Big Sur, I've noticed that Sophos has begun to interfere dramatically whenever I run Jest tests. CPU usage for Sophos spikes to around 400% when running even a modest Jest test program, with 71 tests currently taking 98.6 seconds…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Some clients fail to update livequery64 when connected via Cisco Anyconnect (Error 1053)

    Patrick_S
    Patrick_S
    Hello there, we got three Laptops where the error message "Failed to install livequery64: general error" is displayed. The affected clients are connected via Cisco Anyconnect (VPN). One client which reported the error on monday was directly connected…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • how to check if policies / exceptions are applied to endpoints?

    chaosweb2
    chaosweb2
    Hi guys, having a (performance) problem with an application. I built a new policy / enhanced the Base Policy and added some (file and process) exceptions. How can I check on one particular client if these exceptions are working as they should? Using…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Unable to uninstall Sophos from RDS

    Boon Hong Wong
    Boon Hong Wong
    Why is Sophos asking for Malwarebytes file when I attempt to uninstall it?
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Unable to disable Tamper Protection

    Boon Hong Wong
    Boon Hong Wong
    Unable to disable Tamper Protection on a Server, despite it is already disabled in Sophos Central Admin. Even when override Sophos Central Policy for 4 hours to troubleshoot is checked, none of the sliders (including Tamper Protection) can be activated…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Toast Notification

    acs
    acs
    Hello I can see this has been requested many years ago but can we not have a toast alert popping up to remind users to reboot their machines when the AV engine needs a full system reboot? Yes I can see this within the Sophos Endpoint control panel…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • limit disk usage? high usage when scanning files (> 95%)

    Alex Merli
    Alex Merli
    There's a way to limit the disk usage during sophos antivirus scan? We have machines with always active background programs that open and close communications with other machines, but if they have saturated resources, sometimes errors occur and operators…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos AV

    shini uzumi
    shini uzumi
    Has anyone experienced the Network Threat Protection service seemingly will stop and restart at will across multiple machines? There are a couple devices that it doesn't restart automatically on https://100001.onl/ https://1921681254.mx/ but the alerts…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Web control - endpoint or firewall?

    Jakub Kavka
    Jakub Kavka
    Hello, which product will be better to use in case of Web control? With the new agent rolling out by the end of a month there should be option to use Web control right on endpoint. Does this means, i should use only one Web control or filtering, combine…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • A quick fix when Sophos endpoint blocks LAN and WAN connections due to service failure

    Sarbrinder Gill
    Sarbrinder Gill
    Hello All, What is a quick fix when Sophos Endpoint service fails to start and the endpoint is blocked on LAN and WAN due to security heartbeat? This happens on random PCs especially when the software is updated. How to start the service. …
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Intercept X Endpoint Sysprep

    Kaan Demirsah
    Kaan Demirsah
    Hello, I am trying to generate a windows 10 image by sysprep, I install the sophos antivirus with the respective step by step to generate the golden image ( https://support.sophos.com/support/s/article/KB-000035040?language=en_US ) and after this I…
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Remove Global Exclusion

    Andrew Thompson5
    Andrew Thompson5
    Hi, We have a Global Exclusion set for an executable file. We now no longer want this exclusion to take effect. I can't seem to find a way to delete the exclusion. Can anyone help with this? Many thanks.
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Mal/Polazert-A Removal?

    MJ_P1
    MJ_P1
    I have two endpoints at two totally unrelated clients where Sophos detected Mal/Polazert-A. Sophos is good at telling me about it, but it doesn't give me any options to remove it. Every time the client reboots their computer, they get a popup from Sophos…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • Sophos Endpoint Protection - Windows 2016 R2 Auto restating

    Senith Iddagoda
    Senith Iddagoda
    In sophos endpoint protection, there was an issue regarding restarting when using the services in windows server 2016. sophos agent in machine shows an error massage. It's shows "some sophos services are not running please contact it"
    • Answered
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • vcredist_x86.exe 2008 installation fails on Server with Intercept-X

    LHerzog
    LHerzog
    When installing this old, legitimate Microsoft file on two different Server 2022 machines: Microsoft Visual C++ 2008 Redistributable Setup v 9.0.30729.5677 https://download.microsoft.com/download/5/D/8/5D8C65CB-C849-4025-8E95-C3966CAFD8AE/vcredist_x86…
    • over 2 years ago
    • Sophos Endpoint
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>