The Eicar files were not detected on download, unzipping, or opening. The following is the output from the terminal commands--doesn't look right. I don't have JAMF access to try that workaround. And ideas?
% sw_vers
ProductName: macOS
ProductVersion: 11.0.1
BuildVersion: 20B50
% sudo sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db "select client,auth_value from access" | grep -i sophos | sort
Password:
/Library/Sophos Managed Detection and Response/SophosMDR|2
com.sophos.SDU4OSX|2
com.sophos.SophosScanAgent|2
com.sophos.SophosScanD|2
com.sophos.autoupdate|2
com.sophos.enc.SophosEncryptionD|0
com.sophos.endpoint.scanextension|2
com.sophos.endpoint.scan|2
com.sophos.endpoint.uiserver|2
com.sophos.liveresponse|2
com.sophos.macendpoint.CleanD|2
com.sophos.macendpoint.SophosServiceManager|2
com.sophos.scan|2
% systemextensionsctl list | grep -i sophos
2020-12-04 10:27:46.297 systemextensionsctl[56699:2312108] Completely failed to resolve bundle info
zsh: abort systemextensionsctl list |
zsh: exit 1 grep -i sophos
% gzcat /Library/Logs/SophosDiagnostics.* | grep -e 'ESServer.*Cache Stat'
gzcat: /Library/Logs/SophosDiagnostics.gz: unexpected end of file
gzcat: /Library/Logs/SophosDiagnostics.gz: uncompress failed
added %
[edited by: Brian Bresnan at 3:45 PM (GMT -8) on 4 Dec 2020]
