I am aware on this thread community.sophos.com/.../running-malware-in-quarantine-or-cleanup-failure
I have tried to follow the instructions, but d. Go to C:\ProgramData\Sophos\Health\Event Store\Database and rename the file events.db to events.orig. is proving problematic.
There is no Program Data file on C:\.
There is Program Files which contains a Sophos folder but no Health or Event Store folder.
There is Program Filse x64 which contains a Sophos folder and a Health folder but no Event Store, only Events, Events does not contain Database or and events.db file.
Any advice? I have about 15 PCs with this issue and without clearing the alerts I can't monitor them for new problems effectively.
Hi Lilly Hill
Please check under the hidden items( Under View>Check on hidden items) for the program data folder. Before that, would you please provide more details about the detection on the endpoint…
Please check under the hidden items( Under View>Check on hidden items) for the program data folder. Before that, would you please provide more details about the detection on the endpoint?
Shweta
I just wanted to follow up with you on this thread, if you are still facing this issue?
Thanks Shweta - that got me in and fixes it at least for a while. It is a really repetitive bug though.
Thank you for the update. In case you receive the detection again, I would suggest you provide a screenshot of the same, that would be helpful.