Sophos Access Point Stuck on Updating Firmware
i. Goal of the commodity
As you know to remove Sophos Endpoint software we need to have Tamper Protection password or disable Tamper Protection on Sophos Central for that estimator.
So what if we accidentally delete that device on Sophos Primal, at this indicate we will not be able to get the Tamper Protection password or turn it off.
Through this article, techbast will guide you how to uninstall Sophos Endpoint when encountering the above cases.
two. Configuration scenarios
We will fix 2 computers running Windows 10 with Sophos Endpoint installed, DESKTOP-6C2AIT6 and PC01.
We then delete the device from Sophos Central as well. And perform uninstall Sophos Endpoint on those 2 computers.
We will take 2 ways to remove, the start is to remove with Recover Tamper Protection password and the 2nd way is to enter Safe Mode to remove.
Method 1 will be done on PC01 and method 2 will be washed on computer DESKTOP-6C2AIT6.
3. Configuration
3.1 Remove Sophos Endpoint by Recover Tamper Protection password
Recover Tamper Protection password is a very user-friendly piddling feature of Sophos that will save Tamper Protection passwords of deleted devices or we accidentally delete them.
Also note that Recover Tamper Protection password will but relieve passwords for 60 days from the date of deletion.
To perform the kickoff step we need to remove PC01 from Sophos Central.
To delete login to Sophos Key with admin account> Device> select PC01> printing Delete twice.
After deleting the device, the deleted device will be saved in the Recover Tamper Protection password.
Become to Logs & Reports > Report > Endpoint & Server Protection > Recover Tamper Protection passwords.
Afterward entering we will see the PC01 device that nosotros just deleted, to get dorsum Tamper Protection for this device we click on View password details it will display we merely need to copy this password.
Side by side, log on to PC01, double click on the Sophos icon on the clock side of the computer.
Sophos panel appears, click on Admin sign-in.
Enter the countersign you simply copied into the box and click Admin sign-in.
Later on logging in, click on Settings> bank check Override Sophos Central Policy for up to iv hours to troubleshoot> left click on the switch next to Tamper Protection to disable this feature.
In one case turned off, go to Command Panel> Programs> Programs and Features> correct click on Sophos Endpoint Amanuensis> select Uninstall to uninstall.
Side by side select Uninstall to uninstall Sophos Endpoint Agent.
Await most five minutes for the uninstallation to complete.
Later successful uninstallation, click Close and the calculator will automatically restart.
3.2 Uninstall using Condom Mode on Windows.
This uninstall method is only used when yous accidentally erase the device on Sophos Cardinal and information technology is no longer saved on the Recover Tamper Protection password because you take left it for more 60 days from the date of deletion.
To exercise this you demand to access Safe Manner on Windows.
I will do this on the DESKTOP-6C2AIT6 reckoner
You lot can perform into Rubber Mode by Restart your computer and press F8 or Shift + F8.
At that place is also a way for you lot to enter Safe Mode as follows.
In the Windows search box, blazon System Configuration and turn it on.
Switch to the Boot tab in the Boot Choice section, select Safe Mode Minimal and click OK to save and click Restart to kicking into Rubber fashion.
This is the screen for Safe Manner.
Next in the Windows search box blazon services.msc and open it up.
Observe the Sophos Anti-Virus service and select Properties.
Select Disable at Startup type and click OK
Next, nosotros type in the search box regedit.exe and turn information technology on.
Go to the path
HKEY_LOCAL_MACHINE \ Arrangement \ CurrentControlSet \ Services \ Sophos MCS Agent
and set the value of Commencement to 0x00000004
Adjacent go to
HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ Sophos Endpoint Defense \ TamperProtection \ Config
and set
SAVEnabled
and
SEDEnabled
to 0.
Next nosotros demand to set the value of
Enable
to 0 according to the post-obit path:
32 bit : HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\SAVService\TamperProtection
64 bit : HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\SAVService\TamperProtection
Here we will configure the 64 fleck path used by Windows ten is 64 chip.
After the configuration is consummate, Tamper Protection will be turned off after nosotros restart the computer in normal mode.
For machines using the F8 or Shift + F8 central combination we only need to Restart the machine while for machines entering Safety Mode using System Configuration like techbast just to a higher place we will type System Configuration in the search box.
On the Boot tab, we will uncheck Condom Mode under Boot options.
Click OK and Restart to restart the computer.
Later restarting the estimator in normal mode we can remove Sophos Endpoint because Tamper Protection is disabled.
To uninstall go to Control Panel> Programs> Programs and Features> right click on Sophos Endpoint Agent> select Uninstall to uninstall.
Next select Uninstall to uninstall Sophos Endpoint Amanuensis.
Look about 5 minutes for the uninstallation to complete.
Afterward successful uninstallation, click Close and the calculator volition automatically restart.
