Security Health - Running malware in quarantine or cleanup failure

Hi, in my sophos central i find a pc with STATUS - Security Health - Running malware in quarantine or cleanup failure but in the event log are present only this warning/error entry:

Nov 20, 2018 12:13 PM Running malware locally cleared: 'HPmal/Crusher-N' at 'C:\Windows\SysWOW64\cmd.exe'
Nov 20, 2018 12:13 PM Running malware detected: 'HPmal/Crusher-N' at 'C:\Windows\SysWOW64\cmd.exe'

There aren't other warning. 

What should I do to solve the problem?

  • Hi  

    This event says that the malware is detected and cleared. Hence I would consider that the endpoint is safe right now. I would still suggest running a full scan on the endpoint just to be sure.

  • In reply to Adithyan Thangaraj:

    Hi Adithyan Thangaraj,

    the computer status in sophos central still be critical. How reset or resolve this status?

  • In reply to Fonderia Corra:


    Thank you for your kind response. First, we have to identify whether this is a reporting issue or the endpoint still has a running malware in quarantine. To determine that, Please DM me with screenshot of its status in Central and also a screenshot of the endpoint status from the computer itself. Based on the result, we can proceed further with different steps towards resolution.