This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to remove endpoint 2.20.11 without tamper password

We took over for another MSP and prior to cutting ties the old MSP left us a spreadsheet with the Sophos tamper protection passwords, but our issue is that they didn’t work on all the machines. I have five that still need the endpoint removed from.

I came across the following articles but even when logged in via local admin (safe mode) I can’t kill the Sophos AV service or rename the following file “SophosED.sys SophosED.sys.old” as I get access denied. Do I need to wipe these machines or is there some other way I haven’t found?

Sophos Endpoint Defense: How to recover a tamper protected system

Uninstall Sophos Central Endpoint with tamper protection enabled (Windows) - Avanet



This thread was automatically locked due to age.
Parents Reply Children
No Data