Sophos Central Endpoint: Remotely fixing "Failed to Protect Computer" or "Missing Services"

Does anyone have any experience in remotely fixing computers that are reporting to Sophos Central with an alert of "Failed to Protect Computer" or showing a bad status with "Services Missing or not Running"? When I say remotely, these are computers spread across many customer sites (schools), and in most cases they are domain based computers, and we do have admin access to on-site servers, so i am hoping that it might be possible to do something with scripting and group policy. I'm thinking that I might be able to script the steps in this article Sophos Central: Sophos Endpoint Self Help - Services for the missing services, and script a "re-install" for computers where absolutely no services are listed following an initial attempt at installation. The product we are installing is Intercept X Advanced. By the way, does anyone know where there is an official list of the services that should be present and running for the Sophos Intercept X Advanced product for Windows endpoints? 

Anyway, any practical advice from the community will be greatly appreciated.

Services that I think are the ones we should see for Sophos Intercept X Example of what we see for some computers - lots of "old" services?

Edited TAGs
[edited by: Gladys at 4:23 AM (GMT -8) on 19 Dec 2022]