there are many Articles about this problem but none is working....
I tried this
ren SophosED.sys SophosED.sys.old
0x00000004. This works
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos AutoUpdate Service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Services
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Services\SAVService
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Config
HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\SAVService\TamperProtection Also access denied, cannot be changed
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\SAVService\TamperProtection Also access denied, cannot be changed
So all thes Articles are not working as described, any ideas how to overcome these problems ?
Hello Fred Lind,
that you get an Access denied when trying the ren SophosED.sys suggests you aren't in Troubleshoot mode (previously called Safe mode). Endpoint Defence and TP are active and consequently these commands fail.Which Windows version, BTW?
Hello Christian , it was in troubleshoot mode (previously called Safe mode). ! Dis everything as discribed, Windows Version is 8.1
I don't have 8.1 so I can't check how it behaves. The commandDriverquery.exe /fo csv /v |findstr SophosEDshould show you whether Endpoint Defence is running"Sophos Endpoint Defense",[...],"File System ","Boot","Running","OK",...and if it is this would explain the Access denied. The question would then be why you're not in troubleshooting mode.
Thank you Christian,
you are right, I have been in the wrong troubleshooting mode, now it works
Sometimes it is difficult when you are in another language