Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/esg/endpoint-windows-embedded/help/en-us/index.html?contextId=test

Test threat detection

  1. Download the eicar string from http://www.eicar.org/.
  2. Copy the string into a Notepad file and save it as eicar.txt.
  3. Rename the file to eicar.com and double click it.

You should see a detection then a cleanup.

In the Sophos Endpoint UI, the Status tab will show Threat detected.

The Events tab will show threat detected and then threat cleaned up.

Clear the alert from Sophos Central:

  1. Sign in to Sophos Central Admin.
  2. Go to Endpoint Protection > Computers .
  3. Find the workstation you did the test on and double-click to open details.
  4. On the Status tab, you see an alert. Select the alert and click Acknowledge to dismiss it.