Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 2778 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Endpoint keeps re-enabling UAC

Jeff x
Is there a way to keep Endpoint from re-enabling UAC and changing other settings? Whenever Endpoint has a false positive, it turns UAC on even though I have it turned off.
 
From the log:
...
[SIZE=2]20140505 161719 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System[U]EnableLUA[/U]" belongs to virus/spyware 'Mal/Generic-L'.
20140505 161719 Registry value "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin" belongs to virus/spyware 'Mal/Generic-L'.
...[/SIZE]


This thread was automatically locked due to age.
  • 0
    Is this UTM Endpoint, or the standalone (Managed with Sophos Enterprise Console) Endpoint?  If the latter, you are in the wrong site, please go to SophosTalk community - SophosTalk community 

    Also, I highly recommend that you just start a support case directly with Sophos Support, they are your best bet in solving this issue.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    It's UTM Endpoint.

    --------------------------------------------------------------------
    Sophos UTM 9.714-4 - Home User
    Currently testing VM on i3-9100 @ 3.60 GHz
    16 GB RAM
    Dell Optiplex XE
    Intel Core 2 Duo CPU E8600 @ 3.33GHz
    8GB RAM
    --------------------------------------------------------------------

  • 0 in reply to Jeff x
    Given the nature of your issue (I've not seen it before, and have quite a few customers running UTM Endpoint) I would recommend starting a support case with Sophos if you have a commercial license (appliance or software license) -- while Sophos staff members do parse this forum on occasion, it's not the best place to get support, as they don't officially start support cases via postings from this forum.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0
    I'm using the "home" version and the issue I posted is by design. I just need to know how to exclude the the registry entries that are created when UCA is turned off.

    --------------------------------------------------------------------
    Sophos UTM 9.714-4 - Home User
    Currently testing VM on i3-9100 @ 3.60 GHz
    16 GB RAM
    Dell Optiplex XE
    Intel Core 2 Duo CPU E8600 @ 3.33GHz
    8GB RAM
    --------------------------------------------------------------------

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?