How To Remove Sophos Tamper Protection

This post will guide you on How To Remove Sophos Tamper Protection from the Sophos Central Endpoint Software on your windows system.

Follow the magical steps below to obtain freedom from Sophos.

  1. Open up MSConfig.exe
  2. Click Boot tab 
  3. Select checkbox Safe boot with radio minimal selected
  4. Click apply and reboot
  5. Open the command line (Shell) and execute the following commands:

    REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SAVService" /t REG_DWORD /v Start /d 0x00000004 /f

    REG ADD
    "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos MCS Agent" /t REG_DWORD /v Start /d 0x00000004 /f

    REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Config" /t REG_DWORD /v SAVEnabled /d 0 /f

    REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Config" /t REG_DWORD /v SEDEnabled /d 0 /f

    REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\SAVService\TamperProtection" /t REG_DWORD /v Enabled /d 0 /f


  6. Open Services and disable all Sophos Services
  7. Open MSCONFIG.exe
  8. Select Boot tab
  9. Uncheck Safe boot apply and reboot into normal mode
  10. You can now uninstall Sophos.

Leave a Reply