Advisory: Sophos Endpoint "Your connection isn't private" after reboot. Policy settings can be returned to normal. See: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Manipulationspasswort vergessen

Manipulationspasswort  vergessen
Beschreibung:
Hallo, ich habe leider die Konsole deinstalliert, bevor ich die Clients deinstalliert habe. Jetzt habe ich ein riesiges Problem mit einem Kunden, ich kann interCeptX Adv nicht installieren. auf den Clients, weil dort noch Sophos Endpoint läuft. 
Ich habe jetzt mit SophosZap gearbeitet im Abgesichertenmodus, leider ohne Erfolg. 
Ich habe diverse Einträge in der Registry gemacht ohne Erfolg. Ich muss das Manipulationspasswort dringend deaktivieren! 
2023-02-14T11:31:32.956Z 1836 INFO : ==== Started C:\\Users\\Wana.Roehrig\\AppData\\Local\\Temp\\SophosZap-1259624102\\SophosZapHelper.exe ====
2023-02-14T11:31:32.956Z 1836 INFO : Running version 1.5.72.0
2023-02-14T11:31:32.956Z 1836 INFO : Parent process ID: 1804
2023-02-14T11:31:32.956Z 1836 INFO : Running SophosZap functionality on x64 bit architecture
2023-02-14T11:31:32.956Z 1836 INFO : Intialising COM subsystem.
2023-02-14T11:31:32.956Z 1836 INFO : Performing prerequisite checks.
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos SafeGuard
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: AD Sync
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: SAV NetApp
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos PureMessage for Exchange
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos for Microsoft SharePoint
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: SAVDI
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos Enterprise Console
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos Transparent Authentication Suite
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos IPsec Client
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos Connect
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos Connect Admin
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos Update Manager
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Invincea
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible software: Sophos Network Access Control
2023-02-14T11:31:32.956Z 1836 INFO : Checking for presence of incompatible RMS Server
2023-02-14T11:31:32.956Z 1836 INFO : Sophos Endpoint Defense is installed.
2023-02-14T11:31:32.956Z 1836 INFO : Value 'SEDEnabled' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is set to 1.
2023-02-14T11:31:32.956Z 1836 INFO : Value 'IgnoreSAV' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.
2023-02-14T11:31:32.956Z 1836 INFO : Value 'SAVEnabled' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is set to 1.
2023-02-14T11:31:32.956Z 1836 INFO : Tamper-protected by SED.
2023-02-14T11:31:32.956Z 1836 ERROR : SophosZap does not run with tamper protection on
2023-02-14T11:31:32.956Z 1836 INFO : Outcome error flag: 1
2023-02-14T11:31:32.956Z 1836 INFO : Outcome reboot required: 0
2023-02-14T11:31:32.956Z 1836 INFO : Summary of errors, see above for details:
2023-02-14T11:31:32.956Z 1836 INFO : Failure reason: SophosZap does not run with tamper protection on
2023-02-14T11:31:32.956Z 1836 ERROR : An error occurred. See log file for errors
2023-02-14T11:32:04.750Z 1560 INFO : ==== Started C:\\Users\\Wana.Roehrig\\AppData\\Local\\Temp\\SophosZap-848175170\\SophosZapHelper.exe ====
2023-02-14T11:32:04.750Z 1560 INFO : Running version 1.5.72.0
2023-02-14T11:32:04.750Z 1560 INFO : Parent process ID: 1588
2023-02-14T11:32:04.750Z 1560 INFO : Running SophosZap functionality on x64 bit architecture
2023-02-14T11:32:04.750Z 1560 INFO : Intialising COM subsystem.
2023-02-14T11:32:04.750Z 1560 INFO : Performing prerequisite checks.
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos SafeGuard
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: AD Sync
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: SAV NetApp
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos PureMessage for Exchange
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos for Microsoft SharePoint
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: SAVDI
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos Enterprise Console
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos Transparent Authentication Suite
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos IPsec Client
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos Connect
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos Connect Admin
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos Update Manager
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Invincea
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible software: Sophos Network Access Control
2023-02-14T11:32:04.750Z 1560 INFO : Checking for presence of incompatible RMS Server
2023-02-14T11:32:04.750Z 1560 INFO : Sophos Endpoint Defense is installed.
2023-02-14T11:32:04.750Z 1560 INFO : Value 'SEDEnabled' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is set to 1.
2023-02-14T11:32:04.750Z 1560 INFO : Value 'IgnoreSAV' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.
2023-02-14T11:32:04.750Z 1560 INFO : Value 'SAVEnabled' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is set to 1.
2023-02-14T11:32:04.750Z 1560 INFO : Tamper-protected by SED.
2023-02-14T11:32:04.750Z 1560 ERROR : SophosZap does not run with tamper protection on
2023-02-14T11:32:04.750Z 1560 INFO : Outcome error flag: 1
2023-02-14T11:32:04.750Z 1560 INFO : Outcome reboot required: 0
2023-02-14T11:32:04.750Z 1560 INFO : Summary of errors, see above for details:
2023-02-14T11:32:04.750Z 1560 INFO : Failure reason: SophosZap does not run with tamper protection on
2023-02-14T11:32:04.750Z 1560 ERROR : An error occurred. See log file for errors
2023-02-14T11:42:59.730Z 3996 INFO : ==== Started C:\\Users\\Wana.Roehrig\\AppData\\Local\\Temp\\SophosZap-1912253406\\SophosZapHelper.exe ====
2023-02-14T11:42:59.730Z 3996 INFO : Running version 1.5.72.0
2023-02-14T11:42:59.730Z 3996 INFO : Parent process ID: 3980
2023-02-14T11:42:59.730Z 3996 INFO : Running SophosZap functionality on x64 bit architecture
2023-02-14T11:42:59.730Z 3996 INFO : Intialising COM subsystem.
2023-02-14T11:42:59.730Z 3996 INFO : Performing prerequisite checks.
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos SafeGuard
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: AD Sync
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: SAV NetApp
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos PureMessage for Exchange
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos for Microsoft SharePoint
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: SAVDI
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos Enterprise Console
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos Transparent Authentication Suite
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos IPsec Client
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos Connect
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos Connect Admin
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos Update Manager
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Invincea
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible software: Sophos Network Access Control
2023-02-14T11:42:59.730Z 3996 INFO : Checking for presence of incompatible RMS Server
2023-02-14T11:42:59.730Z 3996 INFO : Sophos Endpoint Defense is installed.
2023-02-14T11:42:59.730Z 3996 INFO : Value 'SEDEnabled' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.
2023-02-14T11:42:59.730Z 3996 INFO : Not tamper-protected by SED.
2023-02-14T11:42:59.745Z 3996 INFO : Sophos Endpoint Defense is installed.
2023-02-14T11:42:59.745Z 3996 INFO : Value 'IgnoreSAV' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.
2023-02-14T11:42:59.745Z 3996 INFO : Value 'Enabled' under key :'Software\\Sophos\\SavService\\TamperProtection' is set to 1.
2023-02-14T11:42:59.745Z 3996 INFO : SAV Tamper Protection is in effect.
2023-02-14T11:42:59.745Z 3996 ERROR : SophosZap does not run with tamper protection on
2023-02-14T11:42:59.745Z 3996 INFO : Outcome error flag: 1
2023-02-14T11:42:59.745Z 3996 INFO : Outcome reboot required: 0
2023-02-14T11:42:59.745Z 3996 INFO : Summary of errors, see above for details:
2023-02-14T11:42:59.745Z 3996 INFO : Failure reason: SophosZap does not run with tamper protection on
2023-02-14T11:42:59.745Z 3996 ERROR : An error occurred. See log file for errors
2023-02-14T11:45:07.128Z 1844 INFO : ==== Started C:\\Users\\Wana.Roehrig\\AppData\\Local\\Temp\\SophosZap-839256559\\SophosZapHelper.exe ====
2023-02-14T11:45:07.128Z 1844 INFO : Running version 1.5.72.0
2023-02-14T11:45:07.128Z 1844 INFO : Parent process ID: 1856
2023-02-14T11:45:07.128Z 1844 INFO : Running SophosZap functionality on x64 bit architecture
2023-02-14T11:45:07.128Z 1844 INFO : Intialising COM subsystem.
2023-02-14T11:45:07.128Z 1844 INFO : Performing prerequisite checks.
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos SafeGuard
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: AD Sync
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: SAV NetApp
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos PureMessage for Exchange
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos for Microsoft SharePoint
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: SAVDI
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos Enterprise Console
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos Transparent Authentication Suite
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos IPsec Client
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos Connect
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos Connect Admin
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos Update Manager
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Invincea
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible software: Sophos Network Access Control
2023-02-14T11:45:07.128Z 1844 INFO : Checking for presence of incompatible RMS Server
2023-02-14T11:45:07.128Z 1844 INFO : Sophos Endpoint Defense is installed.
2023-02-14T11:45:07.128Z 1844 INFO : Value 'SEDEnabled' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.
2023-02-14T11:45:07.128Z 1844 INFO : Not tamper-protected by SED.
2023-02-14T11:45:07.128Z 1844 INFO : Sophos Endpoint Defense is installed.
2023-02-14T11:45:07.128Z 1844 INFO : Value 'IgnoreSAV' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.
2023-02-14T11:45:07.128Z 1844 INFO : Value 'Enabled' under key :'Software\\Sophos\\SavService\\TamperProtection' is set to 1.
2023-02-14T11:45:07.128Z 1844 INFO : SAV Tamper Protection is in effect.
2023-02-14T11:45:07.128Z 1844 ERROR : SophosZap does not run with tamper protection on
2023-02-14T11:45:07.128Z 1844 INFO : Outcome error flag: 1
2023-02-14T11:45:07.128Z 1844 INFO : Outcome reboot required: 0
2023-02-14T11:45:07.128Z 1844 INFO : Summary of errors, see above for details:
2023-02-14T11:45:07.128Z 1844 INFO : Failure reason: SophosZap does not run with tamper protection on
2023-02-14T11:45:07.128Z 1844 ERROR : An error occurred. See log file for errors


This thread was automatically locked due to age.
Parents
  • Entweder den Registry-Wert ändern:

    Value 'IgnoreSAV' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.

    oder diesen hier:

    2023-02-14T11:45:07.128Z 1844 INFO : Value 'Enabled' under key :'Software\\Sophos\\SavService\\TamperProtection' is set to 1.

    Sollte im abgesicherten Modus funktionieren.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • Entweder den Registry-Wert ändern:

    Value 'IgnoreSAV' under key 'SYSTEM\\CurrentControlSet\\services\\Sophos Endpoint Defense\\TamperProtection\\Config' is not set or set to 0.

    oder diesen hier:

    2023-02-14T11:45:07.128Z 1844 INFO : Value 'Enabled' under key :'Software\\Sophos\\SavService\\TamperProtection' is set to 1.

    Sollte im abgesicherten Modus funktionieren.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

Children
No Data