Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 11058 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos flagging process as Randsomware

Jon Airey

We have several applications (console/web/service) that share some code to encrypt/decrypt files. Sophos intermittently flags this as Randsomeware whether it be form the host running the application or the file server. We have tried whitelisting the process names but still do see blocking issues. 

 

Wonding if there is some way to embed some meta data into the processes that Sophos can read and we can whitelist this on our end. Does anyone who if something like this is possible?



This thread was automatically locked due to age.
Parents
  • +1

    Hi Jon Airey,

    For the reported false positive detections Open a support ticket and provide the following information:

    1. Information on the application triggering the detection.
    2. A copy of the following folder or gather all folders if multiple folders exist: C:\Windows\CryptoGuard\reverted_xxx.
    3. The output of the Sophos Diagnostic Utility (SDU).
Reply
  • +1

    Hi Jon Airey,

    For the reported false positive detections Open a support ticket and provide the following information:

    1. Information on the application triggering the detection.
    2. A copy of the following folder or gather all folders if multiple folders exist: C:\Windows\CryptoGuard\reverted_xxx.
    3. The output of the Sophos Diagnostic Utility (SDU).
Children
No Data