This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Remove Sophos Central without tamper protection password

It would be extremely difficult to remove sophos central from within the operating system where it is installed,  However, by either plugging the affected drive into another computer -OR- working from recovery - command prompt,  the SOPHOS folders can be removed from program files and program files (x86) on the affected hard drive partition.  All hitmanpro files should all be removed.

Then on rebooting the OS - run iobit uninstaller, or delete remaining sophos files and folders to CLEAN UP.

               Have fun,    Steve K.



This thread was automatically locked due to age.
Parents Reply
  • Hi Glen,

           SophosZap is very helpful to clean up AFTER SOPHOS CENTRAL is disabled, but WILL NOT RUN as long as Sophos central is still alive.  (YES, I tried that too).

    SophosZap will sometimes not even run when there are left over remnants from sophos home.

    I DID reach out to your support team earlier (Karthikkeyan B) - DID NOT GET ME THERE...

    It is a REAL PLUS that sophos home can be uninstalled so much more easily.

    Lots of folks lost the admin passwords for central.      Steve

Children
  • That is right, since having tamper protection "Enabled" on the system will prevent the actions which ZAP will execute. 
    In the knowledge base article, multiple steps were introduced, and you can try each of them. The Idea you've shared is a good initiative, though this can only be applied when you have multiple systems in your environment. Most home users may not have the luxury of doing it. Also, on behalf of Sophos support, we apologize for not being able to meet the expectation. I do hope that your case has been solved by now. Sophos Home Users can always reach our dedicated support team through Sophos Home Support Portal 

    Glenn ArchieSeñas (GlennSen)
    Global Community Support Engineer

    The New Home of Sophos Support Videos!  Visit Sophos Techvids
  • Hi Glen,

             THANKS for responses to my concerns with sophos central.  I really appreciate the advice and feedback.  SophosZap is very helpful, but tamper protection has to be stopped first.  LOOKS LIKE renaming SophosED.sys followed by using system.msc to disable startup of as many Sophos services and hitmanr as you can may allow regedit edit to change the TamperProtection keys from 1 to 0.  When running SophosZap - look at the log files for more hints.  I will be interested to know what you find and CAN YOU use regedit on sophos keys with central present?  I can not.

    Best,   Steve K.