Sophos Kba 119175

Posted on  by admin

This article will show you how to remove the Sophos Central Endpoint Client from your Windows system, even if the tamper protection prevents this.

Important: This method of uninstalling the Endpoint Client should only be used if there is no chance to disable tamper protection in the normal way. This may be because you forgot your password or deleted your computer from Sophos Central without uninstalling the Endpoint Client on your computer. How to disable tamper protection in the proper way is explained in this tutorial.

Sophos Kba 119175 Software

Tamper Protection must be disabled before changes are made to the local Sophos configuration or if there is a need to uninstall the existing Sophos product. Disabling the Tamper Protection requires that the logged in user knows the actual password that was set in the policy and that the user is a member of the local group SophosAdministrator.This knowledge base article describes the steps to disable Ta.

Sophos Kba 119175

Option 1

  1. Boot your Windows system into Safe Mode.
  2. Click Start, than Run and type services.msc and then confirm with Enter or click on OK
  3. Search for the Sophos Anti-Virus service and click on it with the right mouse button.
  4. From the context menu, select Properties and then deactivate the service.
  5. Now you can click on Start and type Run again. Enter regedit this time. Confirm with Enter or click OK.
  6. Go to the following location in the registry editor: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSophos MCS Agent and set REG_DWORD Start to 0x00000004
  7. Next, Go to the following location in the registry editor: HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSophos Endpoint DefenseTamperProtectionConfig set the following REG_DWORD-values SAVEnabled and SEDEnabled to 0.
  8. Finally, go to the following location in the registry editor: HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeSophosSAVServiceTamperProtection and set the value at REG_DWORDto 0.
  9. Reboot the system in normal mode.

After clicking on uninstall, the dialogue box reads, 'You must diable Sophos Tamper Protection before you continue. Contact your administrator or see Sophos KBA 119175.' I have went into the program to disable it but the selection is grayed out. © 1997 - 2021 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information Privacy Cookie Information. The Sophos Community is a platform for users to connect and engage on everything Sophos-related. Visit a Community group to start a discussion, ask/answer a question, subscribe to a blog, and interact with other Community members. Check out our getting started page to learn more!

Option 2

  1. Boot your Windows system into Safe Mode.
  2. Then open the command line (Shell) and execute the following commands:
  3. Reboot the system in normal mode.

Disable Sophos Tamper Protection

No matter which of the two options you choose, they should both result in the tamper protection being disabled and you can uninstall the Endpoint Client without any problems.