How to recover a sophos tamper protected system

This tip applies to Sophos Security admins or anyone managing a Sophos security service or feature such as Sophos Antivirus available at Sophos home or Central. Sophos Home is a business grade cybersecurity and is available to every Zambian home users for free.

If you do not have access to Sophos Central the following steps can be used. To recover a tamper protected system, you must disable Enhanced Tamper Protection.

The following procedure will work:

  1. Boot the system into Safe Mode.
    Click Start > Run > type services.msc > right-click Sophos Anti-Virus service > Properties > set the Startup type to Disabled > then click OK.
    Click Start > Run > type regedit and then click OK.
  2. Go to the following location in the registry editor:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos MCS Agent and set the REG_DWORD Start to 0x00000004.
  3. Go to the following location in the registry editor:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Config and set the following REG_DWORD values SAVEnabled and SEDEnabled to 0 .
  4. Go to the following location in the registry editor:
    HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\SAVService\TamperProtection and set the REG_DWORD Enabled to 0.
  5. Reboot the system in normal mode.

 

Enhanced Tamper Protection is now disabled and you should now be able to access the system and make the necessary changes desired.

 

Feedback

If you have tips and suggestions don’t hesitate to contact me

9

Design

9.0/10

Feel and Look

9.0/10

Performance

9.0/10

Ease of Use

9.0/10

Relevancy

9.0/10

Post Author: Funashi Mwamba

Funashi Mwamba is a Blogger and Founder at Lensesview. Other blogging activities include the profiled https://zedsoccer.com and askzambiajobs.com Mainly the social media presence is @funashi on twitter and https://www.facebook.com/funashi.mwamba. Am interested in Internet Security, Mobile gadgets and hobbies include photography and football. Online presence and achievements include been a mentor at Coursera and been a Utester

Invitation to Zambians. Do you have a contribution to make for your Zambian audience? Kindly leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.