Have loved using Sophos for 2 years now on my MAC but it went sideways about a month ago. Sophos now does not start (stays grey) when I wake my computer. Have updated and restarted several times. Went to preferences and Sophos says the on access scanner is off even though it shows it is on. Changed settings and locked computer but did not help. Tried to uninstall and reinstall but won't let me use the Remove Sophos Endpoint but it tells me uninstall failed.
Really frustrated with a product that has worked so well. Anyone have an idea to help? Thanks!
short answer: SEC does not provide the means for uninstalling.
Longer answer: In theory if you can use Protect Computers you could create an Initial Install Source containing a setup.exe that executes an uninstall script. But then, if you can use Protect you likely can also execute an uninstall script remotely without the help from SEC.
as said, if you can use Protect on (all) your endpoints you likely can use something like psexec.exe or a GPO to run the script. I haven't done it, didn't have the requirement to uninstall. Just once ran an arbitrary program as POC so there's no guarantee it will work. SEC will give you feedback whether it could create and start the task, IIRC you'll eventually get an error anyway as the endpoint is not communicating via Sophos' RMS as SEC expects.
SEC (or rather the endpoint) expects a setup.exe (please note it has to be an .exe) in <Initial Install Source>\CIDs\Snnn\SAVSCFXP\, where Initial Install Source is a share that is accessible like your SophosUpdate share (it could be a subdirectory) and Snnn is the subdirectory associated with the subscription in the updating policy (default is S000). E.g. you specify the Initial Install Source as \\server\SophosUpdate\Uninstall and put the setup.exe in \\server\SophosUpdate\Uninstall\CIDs\S000\SAVSCFXP.
as said, if you can use Protect on (all) your endpoints you likely can use something like psexec.exe or a GPO to run the script. I haven't done it, didn't have the requirement to uninstall. Just once ran an arbitrary program as POC so there's no guarantee it will work. SEC will give you feedback whether it could create and start the task, IIRC you'll eventually get an error anyway as the endpoint is not communicating via Sophos' RMS as SEC expects.
SEC (or rather the endpoint) expects a setup.exe (please note it has to be an .exe) in <Initial Install Source>\CIDs\Snnn\SAVSCFXP\, where Initial Install Source is a share that is accessible like your SophosUpdate share (it could be a subdirectory) and Snnn is the subdirectory associated with the subscription in the updating policy (default is S000). E.g. you specify the Initial Install Source as \\server\SophosUpdate\Uninstall and put the setup.exe in \\server\SophosUpdate\Uninstall\CIDs\S000\SAVSCFXP.
