Keep showing "Action Required" when nothing can be done

Hi,

 

I'm using iMac (27-inch, Late 2013, macOS High Sierra), and my Sophos Home Premium started to signal me "Action Required" today at the top right corner of my desktop. When click "show", it took me to "Open Security & Privacy", and once I click to open this window, it showed nothing related to Sophos. I had no choice but closing it. Soon after the signal appearred again. Very annoying. Please advise. Thanks.

drive.google.com/open

  • And I just found in the tab "General", there is an option related to Sophos. So I hit "Allow", as the followings. However, nothing happened, and the message still keeps popping up.

  • In reply to Ying Shen:

    Hi Ying,

    Could you please reboot your machine and check if the issue persist? Also, please run the command in terminal and share with us the output.

  • In reply to Aditya Patel:

    It still persists after reboot. How can I "run the command in terminal"? Can you tell me which application should I launch first?

    Thanks, 

    y

  • In reply to Ying Shen:

    Hi, I typed in the path you pasted and it didn't work. Not sure if there were space missed due to the way your image looks. Could you type the path instead, so I can do it more accurately? Thanks.

     

    Ying

  • In reply to Aditya Patel:

    Hi, I typed in the path you pasted and it didn't work. Not sure if there were space missed due to the way your image looks. It's been so frustrated. Could you type the path instead, so I can do it more accurately? Thanks.

     

    Ying

  • In reply to Ying Shen:

    Hello Ying,

    Pasted command

    >cd /

    >sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy "SELECT * from kext_policy”

  • In reply to Aditya Patel:

    I did it but nothing happened. This is what I do:

    - opened Terminal

    - typed: >cd /

    - hit enter

    - typed: >sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy "SELECT * from kext_policy”

    - hit enter again

     

    Did I do it right?

     

    Ying-Fang

  • In reply to Ying Shen:

    This is wrong. The author of these commands is creating unnecessary confusion. Should have explained not to enter the character > only the characters following. Do not include the character >

     

    For example, for the first entry just enter cd/ without the >

     

    And be careful to only copy and paste, as an extra or missing space will invalidate a command.

  • In reply to brvx:

    Thanks for the clarification. I typed as instructed, and still didn't any happened. Here is the screen capture:

    Is there still something wrong?

     

    Ying

  • In reply to Ying Shen:

    Sorry, can't help much more than this. Looks like you typed the commands correctly, but this is foreign to me ("SKEL" Secure Kernel Extension Loading), since I'm still running 10.12, not 10.13 High Sierra, where it was first introduced.

     

    You might want to have a look at the following article, although a bit technical:

     

    https://developer.apple.com/library/archive/technotes/tn2459/_index.html

     

    And it would be nice if the Sophos staff, , were a bit more helpful, instead of making suggestions and then leaving this thread alone for days on end.

  • In reply to brvx:

    On further research looks like you will have to do this manually:

    First, boot into recovery mode: restart while holding down CMD and R keys. This can take a little while.

    Next, when booted into recovery mode, open Terminal from menubar at top.

    Next, in Terminal, run the following command  :

     

    /usr/sbin/spctl kext-consent add 2H5GFH3774

     

    (Note, IMPORTANT, in recovery mode you won't be able to copy/paste, so first write down the command EXACTLY as it appears above, paying attention to spaces and case (everything is in lower case except for the number 2H5GFH3774 at end)

     

    Hit enter after typing in the command, wait for a new cursor prompt, quit Terminal, then select restart from Apple menu.

     

    Sophos article on this here

     

    community.sophos.com/.../132813

     

     

  • In reply to brvx:

    This fixed the issue for me! Thanks!!

  • In reply to Ying Shen:

    For future visitors,

     

    type: cd /

    hit enter

    type: sudo sqlite3 /var/db/SystemPolicyConfiguration/KextPolicy "SELECT * from kext_policy"

    hit enter

    type in your admin password (in terminal it will not indicate on the screen that you have entered anything)

    hit enter, even if you don't see anything next to password prompt.

    You will then see a list of xxxxxxx|com.softwaremanufacturename.kext.xxxxx|number|manufacturename|number

    ie 2H5GXXXXXX|com.sophos.kext.oas|1|Sophos|1