We'd love to hear about it! Click here to go to the product suggestion community
Hi, in my sophos central i find a pc with STATUS - Security Health - Running malware in quarantine or cleanup failure but in the event log are present only this warning/error entry:
Nov 20, 2018 12:13 PM Running malware locally cleared: 'HPmal/Crusher-N' at 'C:\Windows\SysWOW64\cmd.exe' Nov 20, 2018 12:13 PM Running malware detected: 'HPmal/Crusher-N' at 'C:\Windows\SysWOW64\cmd.exe'
There aren't other warning.
What should I do to solve the problem?
Hi Fonderia Corra
This event says that the malware is detected and cleared. Hence I would consider that the endpoint is safe right now. I would still suggest running a full scan on the endpoint just to be sure.
In reply to Adithyan Thangaraj:
Hi Adithyan Thangaraj,
the computer status in sophos central still be critical. How reset or resolve this status?
In reply to Fonderia Corra:
Thank you for your kind response. First, we have to identify whether this is a reporting issue or the endpoint still has a running malware in quarantine. To determine that, Please DM me with screenshot of its status in Central and also a screenshot of the endpoint status from the computer itself. Based on the result, we can proceed further with different steps towards resolution.