To uninstall Sophos Endpoint Protection, or install a new copy if you are not
able to disable the tamper protection, follow the directions below
1. If BitLocker is enabled, suspend it. You will need to
boot into safe mode and BitLocker will trigger if it’s not suspended
2. Create a .reg file with the info below, and save it to the desktop
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Sophos\SavService\TamperProtection]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos Endpoint Defense\TamperProtection\Config]
"SAVEnabled"=dword:00000000
"SEDEnabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sophos MCS Agent]
"Start"=dword:00000004
3. Restart the computer in Safe Mode
Start>Settings>Update & Security>Recovery>Restart Now (Under the Advanced Startup Section).
Then when the blue screen pops up, click on Troubleshoot>Advanced Options>Startup Settings> Restart
Press number 5 for Safe Mode with Networking
5. Reboot into Windows normally, and then you are able to
uninstall or install over the current Sophos installation.