Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
cd /Library/Preferences
sudo rm com.sophos.sav.plist

cd /Library/Application\ Support/Sophos/cloud/Installer.app/Contents/MacOS/tools/
sudo ./InstallationDeployer —force_remove
@robertwatts
Copy link

robertwatts commented Nov 1, 2016

Thanks for this - there's a typo in —force_remove instead it should be --force_remove

@CzechJiri
Copy link

CzechJiri commented May 14, 2017

for me the Installer.app was in /Applications/Remove Sophos Endpoint.app/Contents/MacOS/tools/ otherwise did the trick!

@AndyDangerous
Copy link

AndyDangerous commented May 18, 2017

Thanks from me as well! With my version of Sophos (9.5.5), the tool was in

/Library/Application\ Support/Sophos/opm/Installer.app/Contents/MacOS/tools/

@kamikazeePilot
Copy link

kamikazeePilot commented May 22, 2017

You are a saint. Worked perfectly.

@scottgai
Copy link

scottgai commented May 29, 2017

Worked perfectly for me as well! Thanks a lot!
cd /Applications/Remove Sophos Endpoint.app/Contents/MacOS/tools
sudo ./InstallationDeployer --force_remove

@GarethOates
Copy link

GarethOates commented May 31, 2017

Worked a treat! Thanks a lot!

@nirco123
Copy link

nirco123 commented Jun 14, 2017

worked. thanks

@chogarcia
Copy link

chogarcia commented Jun 17, 2017

thank you very much you all

@sbokorna
Copy link

sbokorna commented Oct 11, 2017

You are the real MVP, perfect

@giezi
Copy link

giezi commented Nov 6, 2017

Sophos Cloud, force removal:

  1. cd /Library/Preferences
    sudo rm com.sophos.sav.plist

  2. sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --force_remove

@fernandezVijay
Copy link

fernandezVijay commented Apr 23, 2018

Can we delete Sophos cloud without users typing the credentials?

@varera65
Copy link

varera65 commented May 12, 2018

This technique does not work for Sophos 9.7.4 on Mac. Even after deleting plist, the removal fails. Any workaround?

@danforstinger-youi
Copy link

danforstinger-youi commented May 17, 2018

also looking for a work around, I get tamper protection check failed.

@Astaroth808
Copy link

Astaroth808 commented May 22, 2018

I was able to do it, information was provided by Aditya Patel from Sophos:
"Workaround: you can completely remove the Sophos Anti-Virus software from a Mac endpoint by removing the following files and directories. Obviously it will require admin / sudo permissions, and obviously, you should be quite careful as to not remove other things. here is the list:
/Library/Sophos Anti-Virus/
/Library/Application Support/Sophos/
/Library/Preferences/com.sophos.*
/Library/LaunchDaemons/com.sophos.*
/Library/LaunchAgents/com.sophos.*
/Library/Extensions/Sophos*
/Library/Caches/com.sophos.*
"
the syntax I used was sudo rm -R /Library/see above list

@savi317
Copy link

savi317 commented May 31, 2018

@Astaroth808 i tried what you mention but i keep getting:
rm: illegal option -- /
usage: rm [-f | -i] [-dPRrvW] file ...
unlink file

Any other ideas? Sophos might possibly be the most annoying freaking program out there.
Thanks.

@Terekness
Copy link

Terekness commented Jun 12, 2018

@Astaroth808 Perfect, worked for me, thanks a lot!

@averageba
Copy link

averageba commented Jun 17, 2018

After trying all of these suggestions, I realized that the tamper protection password is automatically set for everyone. If you find the email you registered with then you can log on at https://central.sophos.com/manage/login via a reset password if needed. The tamper protection password is found in the device information on the dashboard. (I made an account on GitHub just to comment this. That's how frustrated this program made me.)

@bobbycooke
Copy link

bobbycooke commented Jul 3, 2018

  1. Open terminal
    'command + spacebar' search for "terminal"
  2. vi kill_sophos
  3. Copy text below, right-click on terminal window and select 'Paste':
    #!/bin/bash
    sudo rm -R /Library/Sophos\ Anti-Virus/
    sudo rm -R /Library/Application\ Support/Sophos/
    sudo rm -R /Library/Preferences/com.sophos.*
    sudo rm /Library/LaunchDaemons/com.sophos.*
    sudo rm /Library/LaunchAgents/com.sophos.*
    sudo rm -R /Library/Extensions/Sophos*
    sudo rm -R /Library/Caches/com.sophos.*
  4. Press 'Esc' on your keyboard
  5. Enter ' :wq' and press return
    ( Colon W Q Enter)
  6. sudo chmod +x kill_sophos
  7. Enter local mac password
  8. run script by entering below on terminal
    ./kill_sophos
  9. enter password and watch everything die
  10. Open Finder and go to 'Applications'
  11. click Remove Sophos Endpoint
  12. It will now let you remove Sophos Endpoint without the tamper protection password
  13. Rejoice
  • Thank you for all the help. It's been rough lol.

@billflu
Copy link

billflu commented Jul 11, 2018

Here's the latest Sophos Cloud removal:
cd /Library/Preferences
sudo rm -r com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --force_remove

@marcorieser
Copy link

marcorieser commented Jul 12, 2018

Thanks to @bobbycooke, this worked for me like a charm.

@nnnikolay
Copy link

nnnikolay commented Aug 29, 2018

Thanks @bobbycooke it really works! you saved my day 👍

@PaulC2018
Copy link

PaulC2018 commented Sep 7, 2018

Thanks @boobycooke. That the last time I test software deployments outside of a VM

@markkauffman2000
Copy link

markkauffman2000 commented Oct 5, 2018

Perfect work @bobbycooke! Works as of 2018.10.05 to remove the Sophos virus.

@alexwald
Copy link

alexwald commented Oct 17, 2018

Tamper protection check failed. Exiting.
The removal failed.

any suggestions?

@speedoholic
Copy link

speedoholic commented Oct 21, 2018

  1. Open terminal
    'command + spacebar' search for "terminal"
  2. vi kill_sophos
  3. Copy text below, right-click on terminal window and select 'Paste':
    #!/bin/bash
    sudo rm -R /Library/Sophos\ Anti-Virus/
    sudo rm -R /Library/Application\ Support/Sophos/
    sudo rm -R /Library/Preferences/com.sophos.*
    sudo rm /Library/LaunchDaemons/com.sophos.*
    sudo rm /Library/LaunchAgents/com.sophos.*
    sudo rm -R /Library/Extensions/Sophos*
    sudo rm -R /Library/Caches/com.sophos.*
  4. Press 'Esc' on your keyboard
  5. Enter ' :wq' and press return
    ( Colon W Q Enter)
  6. sudo chmod +x kill_sophos
  7. Enter local mac password
  8. run script by entering below on terminal
    ./kill_sophos
  9. enter password and watch everything die
  10. Open Finder and go to 'Applications'
  11. click Remove Sophos Endpoint
  12. It will now let you remove Sophos Endpoint without the tamper protection password
  13. Rejoice
  • Thank you for all the help. It's been rough lol.

@alexwald: The above steps shared by @boobycooke worked for me just now. You can first go to your documents folder or desktop to create the mentioned kill_sophos file via terminal.

@jauling
Copy link

jauling commented Dec 24, 2018

@speedoholic, you can add /Library/Sophos\ SafeGuard\ DE/ to your list too

@dfrankel1
Copy link

dfrankel1 commented Dec 28, 2018

Can someone walk me through the steps on how to access the cd/Library preferences

@jadsp
Copy link

jadsp commented Jan 23, 2019

just go to finder on Go Menu, Go to folder, or type shift+command+G. On this option you just type the /Library. Additionally, to completely erase the software, I had to manually remove some files on /Library/Sophos.. and /Library/Application Support

@jungleerohan
Copy link

jungleerohan commented Mar 9, 2019

6. chmod +x kill_sophos

WORKED. Thanks !!

@borel
Copy link

borel commented Apr 24, 2019

tPerfect work @bobbycooke!

@LexJackson
Copy link

LexJackson commented May 15, 2019

The @bobbycooke solution worked perfectly as of 5/15. In my case the install did not include InstallationDeployer and thus the --force_remove option wasn't viable. Super satisfying to click the Remove Sophos Endpoint App and see it complete. THANK YOU!

@Zack-Weinstein
Copy link

Zack-Weinstein commented Jun 11, 2019

My installer was at the following location:
/Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/

@ifrantar
Copy link

ifrantar commented Jul 4, 2019

Thank you @bobbycooke!

@sagarbaver
Copy link

sagarbaver commented Jul 21, 2019

I can verify that the solution provided by @bobbycooke works as of 21st July 2019.

@sebecjeanluc
Copy link

sebecjeanluc commented Aug 16, 2019

Thanks @bobbycooke ! it worked! just now!

@diegofrabasa
Copy link

diegofrabasa commented Aug 17, 2019

Thanks @bobbycooke!!!!!! awesome!

@TonyTromp
Copy link

TonyTromp commented Nov 8, 2019

you guys saved my day !! Thanks!

@mejiagarcia
Copy link

mejiagarcia commented Nov 20, 2019

thank you @bobbycooke!!!

@steve-estes
Copy link

steve-estes commented Dec 9, 2019

Early christmas present! Worked like a charm, especially after the --force_remove option didn't force squat.

@gtoroap
Copy link

gtoroap commented Dec 12, 2019

Thank you @bobbycooke. It worked like a charm

@stoltenhoff
Copy link

stoltenhoff commented Dec 30, 2019

thank you! it worked today :-)

@red17electro
Copy link

red17electro commented Jan 10, 2020

  1. Open terminal
    'command + spacebar' search for "terminal"
  2. vi kill_sophos
  3. Copy text below, right-click on terminal window and select 'Paste':
    #!/bin/bash
    sudo rm -R /Library/Sophos\ Anti-Virus/
    sudo rm -R /Library/Application\ Support/Sophos/
    sudo rm -R /Library/Preferences/com.sophos.*
    sudo rm /Library/LaunchDaemons/com.sophos.*
    sudo rm /Library/LaunchAgents/com.sophos.*
    sudo rm -R /Library/Extensions/Sophos*
    sudo rm -R /Library/Caches/com.sophos.*
  4. Press 'Esc' on your keyboard
  5. Enter ' :wq' and press return
    ( Colon W Q Enter)
  6. sudo chmod +x kill_sophos
  7. Enter local mac password
  8. run script by entering below on terminal
    ./kill_sophos
  9. enter password and watch everything die
  10. Open Finder and go to 'Applications'
  11. click Remove Sophos Endpoint
  12. It will now let you remove Sophos Endpoint without the tamper protection password
  13. Rejoice
  • Thank you for all the help. It's been rough lol.

thank you !! :)

@Kinanswer
Copy link

Kinanswer commented Jan 31, 2020

  1. Open terminal
    'command + spacebar' search for "terminal"
  2. vi kill_sophos
  3. Copy text below, right-click on terminal window and select 'Paste':
    #!/bin/bash
    sudo rm -R /Library/Sophos\ Anti-Virus/
    sudo rm -R /Library/Application\ Support/Sophos/
    sudo rm -R /Library/Preferences/com.sophos.*
    sudo rm /Library/LaunchDaemons/com.sophos.*
    sudo rm /Library/LaunchAgents/com.sophos.*
    sudo rm -R /Library/Extensions/Sophos*
    sudo rm -R /Library/Caches/com.sophos.*
  4. Press 'Esc' on your keyboard
  5. Enter ' :wq' and press return
    ( Colon W Q Enter)
  6. sudo chmod +x kill_sophos
  7. Enter local mac password
  8. run script by entering below on terminal
    ./kill_sophos
  9. enter password and watch everything die
  10. Open Finder and go to 'Applications'
  11. click Remove Sophos Endpoint
  12. It will now let you remove Sophos Endpoint without the tamper protection password
  13. Rejoice
  • Thank you for all the help. It's been rough lol.

Worked for me! Thanks for your help.

@proc0
Copy link

proc0 commented Feb 15, 2020

Amazing, literally none of app cleaner/removers for mac work with Sophos but this command does (so far, praying Sophos doesn't revive). Here it is in one command:

\cd /Library/Preferences && ls -la | grep sophos | awk '{print $9}' | xargs sudo rm && cd ../Application\ Support/Sophos/opm/Installer.app/Contents/MacOS/tools/ && sudo ./InstallationDeployer --force_remove

NOTE: InstallationDeployer was in a folder called "opm" not "cloud", double check this path in your machine.

@iahmedbacha
Copy link

iahmedbacha commented Mar 1, 2020

Thank you @bobbycooke !

@adallaserra
Copy link

adallaserra commented Mar 31, 2020

I'm on step 13 of @bobbycooke's instructions and MAN am I happy right now. Took me months to finally get this done! Bobby, you are the MAN!

@Mark-Em
Copy link

Mark-Em commented Mar 31, 2020

I signed up for GitHub just so that I could thank @bobbycooke.
Only change I made was to call it die_sophos_die, which was more cathartic.

@ammriver
Copy link

ammriver commented Apr 9, 2020

I signed up for GitHub just so that I could thank @bobbycooke.
Only change I made was to call it die_sophos_die, which was more cathartic.

Me too @bobbycooke you're the man

@patimages
Copy link

patimages commented Apr 9, 2020

fantastic !!!

@dncaowei
Copy link

dncaowei commented May 18, 2020

Thanks @bobbycooke ,You are the right way

@angela-lynn
Copy link

angela-lynn commented May 26, 2020

@bobbycooke today you have made my world just that much brighter. THANK YOU

@toonsend
Copy link

toonsend commented Jun 15, 2020

@bobbycooke, I declare the 3rd of July Bobby Cooke day!

@piyushst
Copy link

piyushst commented Jun 29, 2020

@Astaroth808 i tried what you mention but i keep getting:
rm: illegal option -- /
usage: rm [-f | -i] [-dPRrvW] file ...
unlink file

Any other ideas? Sophos might possibly be the most annoying freaking program out there.
Thanks.

rm -rf

@vinod827
Copy link

vinod827 commented Jul 7, 2020

Open terminal
'command + spacebar' search for "terminal"
vi kill_sophos
Copy text below, right-click on terminal window and select 'Paste':
#!/bin/bash
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Application\ Support/Sophos/
sudo rm -R /Library/Preferences/com.sophos.*
sudo rm /Library/LaunchDaemons/com.sophos.*
sudo rm /Library/LaunchAgents/com.sophos.*
sudo rm -R /Library/Extensions/Sophos*
sudo rm -R /Library/Caches/com.sophos.*
Press 'Esc' on your keyboard
Enter ' :wq' and press return
( Colon W Q Enter)
sudo chmod +x kill_sophos
Enter local mac password
run script by entering below on terminal
./kill_sophos
enter password and watch everything die
Open Finder and go to 'Applications'
click Remove Sophos Endpoint
It will now let you remove Sophos Endpoint without the tamper protection password
Rejoice
Thank you for all the help. It's been rough lol

It worked like a charm, thanks

@fuze-mlambert
Copy link

fuze-mlambert commented Jul 14, 2020

Open terminal

enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove

Sophos will uninstall.

NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

@thomaslachowsky
Copy link

thomaslachowsky commented Aug 23, 2020

Note: For clarity, I put my comments in parentheses () and my Terminal commands in quotation marks ""

Open terminal
'command + spacebar' search for "terminal"
vi kill_sophos
(Hit Enter/Return after typing the above line. This creates a VI and names it "kill_sophos".)
Copy text below (Starting with "#!/bin/bash" and ending with "sudo rm -R /Library/Caches/com.sophos.*"), right-click on terminal window and select 'Paste': (It doesn't matter where in the window you paste it, it will end up in the same place. Make sure the text you pasted appears exactly as it looks below.)

#!/bin/bash
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Application\ Support/Sophos/
sudo rm -R /Library/Preferences/com.sophos.*
sudo rm /Library/LaunchDaemons/com.sophos.*
sudo rm /Library/LaunchAgents/com.sophos.*
sudo rm -R /Library/Extensions/Sophos*
sudo rm -R /Library/Caches/com.sophos.*

Press 'Esc' on your keyboard
Enter ' :wq' and press return
( Colon W Q Enter)
sudo chmod +x kill_sophos
Enter local mac password
run script by entering below on terminal
./kill_sophos
enter password and watch everything die (I found this extremely satisfying)
Open Finder and go to 'Applications'
click Remove Sophos Endpoint
It will now let you remove Sophos Endpoint without the tamper protection password
Rejoice
Thank you for all the help. It's been rough lol

It worked like a charm, thanks

Thank you, the "VI" method successfully removed the accursed anti-virus software that was preventing me from using Boot Camp, and at last I am looking at a Windows logo on my mac thanks to you!

For those desperate souls at their wits' end stumbling across this thread in the year 2020 who have no idea what a "VI" is or how to use it (like me), the University of Washington has this short and very helpful guide:

https://www.washington.edu/computing/unix/vi.html

@saxonomy
Copy link

saxonomy commented Oct 17, 2020

After too much time searching the web for a solution...
thomaslachowsky's version of vinod827's solution worked like a CHARM for me!
Thanks a lot to you both!

@lucyharlow
Copy link

lucyharlow commented Feb 2, 2021

Open terminal

enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove

Sophos will uninstall.

NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

@fuze-mlambert this worked great for me. Thank you so much!

@zed-0xff
Copy link

zed-0xff commented Feb 4, 2021

👆 worked for me too, thanks!

@DBerke
Copy link

DBerke commented Feb 11, 2021

Thanks @bobbycooke! A real life-saver. Below you can see the exact moment where I was finally able to rid my machine of this pest.
image

@IAmKio
Copy link

IAmKio commented Feb 15, 2021

@bobbycooke i owe you a beer!

@petestanley
Copy link

petestanley commented Mar 29, 2021

Cheers folks. Through the following into our MDM platform and managed to remove Sophos Endpoint 9.6 & 9.8 across ~35 devices that had lost contact with Sophos Central and fell out of management:

#!/bin/bashrm /Library/Sophos\ Anti-Virus/ rm /Library/Preferences/com.sophos.* /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove

@abhaya-kudo
Copy link

abhaya-kudo commented Mar 31, 2021

Cheers folks. Through the following into our MDM platform and managed to remove Sophos Endpoint 9.6 & 9.8 across ~35 devices that had lost contact with Sophos Central and fell out of management:

#!/bin/bashrm /Library/Sophos\ Anti-Virus/ rm /Library/Preferences/com.sophos.* /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove

👍

@Hermsi1337
Copy link

Hermsi1337 commented Apr 7, 2021

Open terminal
enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove
Sophos will uninstall.
NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

@fuze-mlambert this worked great for me. Thank you so much!

Worked for me with Sophos Endpoint 10.x

@NeutralKaon
Copy link

NeutralKaon commented Apr 14, 2021

Open terminal
enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove
Sophos will uninstall.
NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

@fuze-mlambert this worked great for me. Thank you so much!

Worked for me with Sophos Endpoint 10.x

Indeed – still good. Thanks!

@velatgms
Copy link

velatgms commented Apr 20, 2021

Open terminal

enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove

Sophos will uninstall.

NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

Many thanks!!!

@stoltenhoff
Copy link

stoltenhoff commented Apr 22, 2021

Thanks a lot, you saved me!
By the way: How can i protect myself from the it crowd installing Sophos remotely over and over again?
(We don't talk to each other that much ;-)

@mogoola
Copy link

mogoola commented May 26, 2021

All hail @bobbycooke!!!
Thank you for taking the time to write this out. Your detailed instructions worked for me.

@rjelbert
Copy link

rjelbert commented Jun 1, 2021

Worked for me too, nothing else would work. Thanks!

@VHett
Copy link

VHett commented Jun 13, 2021

@stoltenhoff have a look at profile in system preferences :D

@adil-waqar
Copy link

adil-waqar commented Jun 21, 2021

Any such thing for Windows users?

@VanPaitin
Copy link

VanPaitin commented Jun 28, 2021

I was able to do it, information was provided by Aditya Patel from Sophos:
"Workaround: you can completely remove the Sophos Anti-Virus software from a Mac endpoint by removing the following files and directories. Obviously it will require admin / sudo permissions, and obviously, you should be quite careful as to not remove other things. here is the list:
/Library/Sophos Anti-Virus/
/Library/Application Support/Sophos/
/Library/Preferences/com.sophos.*
/Library/LaunchDaemons/com.sophos.*
/Library/LaunchAgents/com.sophos.*
/Library/Extensions/Sophos*
/Library/Caches/com.sophos.*
"
the syntax I used was sudo rm -R /Library/see above list

Thanks for this Workaround. it saved the day. Don't forget to run the final sudo ./InstallationDeployer --force_remove

@VanPaitin
Copy link

VanPaitin commented Jun 28, 2021

for me the Installer.app was in /Applications/Remove Sophos Endpoint.app/Contents/MacOS/tools/ otherwise did the trick!

This didn't work for me, as the Remove Sophos Endpoint.app directory is now nested under a Sophos directory. So here is what did the trick for me:

/Applications/Sophos/Remove Sophos Endpoint.app/Contents/MacOS/tools/

@jasonseed
Copy link

jasonseed commented Aug 17, 2021

Open terminal
enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove
Sophos will uninstall.
NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

@fuze-mlambert this worked great for me. Thank you so much!

Worked for me with Sophos Endpoint 10.x

Indeed – still good. Thanks!

Worked perfectly for me. Thank you! (anyone got a solution for windows machines?)

@feelfree82
Copy link

feelfree82 commented Sep 10, 2021

Thank you @bobbycooke that worked for me!

@merttuncbilek
Copy link

merttuncbilek commented Sep 23, 2021

Thanks sop much!!!

cd /Library/Preferences
sudo rm com.sophos.sav.plist
then open Remove Sophos Endpoint just work for me without tamper protection password.

@chadiso
Copy link

chadiso commented Oct 15, 2021

Open terminal
enter the following 3 commands (one at a time) -- enter password where prompted.
sudo rm -R /Library/Sophos\ Anti-Virus/
sudo rm -R /Library/Preferences/com.sophos.*
sudo /Library/Application\ Support/Sophos/saas/Installer.app/Contents/MacOS/tools/InstallationDeployer --remove
Sophos will uninstall.
NOTE: Some for some installations replace /saas/ with /cloud/ or /opm/

@fuze-mlambert this worked great for me. Thank you so much!

Worked for me with Sophos Endpoint 10.x

Indeed – still good. Thanks!

Worked perfectly for me. Thank you! (anyone got a solution for windows machines?)

Indeed! Works like a charm! Thanks guys! 🙌

@samuaz
Copy link

samuaz commented Oct 21, 2021

The IT guys get a notification o something like that if you do this?

@petestanley
Copy link

petestanley commented Oct 22, 2021

The IT guys get a notification o something like that if you do this?

@samuaz If your IT are any good they will know you've removed it. If you're on a work/school computer, I wouldn't mess around - It's there for a reason. If it's blocking you from working/studying have a discussion with your IT department and go from there. In short, don't remove it unless you're authorized.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment