Endpoint Protection

Hi,
What should we do to uninstall SEP Client 11.0.6
when we do not have the "Uninstall Pass"?

Hello Shadi.A
you can try to cleanwipe program for uninstall without password.

Best Regards.
Fatih

Thank Fatih,
but cleanwipe needs password too...

Try in Safe mode.
stop all Symantec services and delete all Symantec registry.
in
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection
then use Cleanwipe.

Ok there will a registry key for clear uninstall password. Now i am searching

Best Regards.
Fatih

It wont work on this version.....

Install an unmanaged version over the current managed version.
This will remove the present configuration thus the password will be removed.
Give a try and let us know the result.

For Cleanwipe password is symantec

Use the following to disable password and remove the product.

1. Open the registry
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC
3. Change the value for SmcGuiHasPassword from 1 to 0
4. Restart the SMC service

Then uninstall the product

Doesn't work

If that is not working , then try this

When removing Symantec anti virus you often need to supply a  for the uninstall to run. This can be a very big pain if you've forgotten the password or if the original  was done by an  that has long since left. As usual, there is a work around. Here's how to remove SAV without supplying a password:

-  Windows Key + R (This brings up the run dialog box)

- Type regedit and press Enter (This will  the Registry editor)

-  to: HKEY_LOCAL_MACHINE\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion\AdministratorOnly\Security

- Look for a DWORD  called UseVPUninstallPassword. Once you find it, double  it.

- Change the value of UseVPUninstallPassword to 0 (zero) and click OK

- You may now close the registry.

- Windows Key +R

- Type appwiz.cpl then try to uninstall symantec.

- You may also try cleanwipe.

Dear Farzad,
When I want to install the Unmannaged version, we have three choices: remove,repair,modify
and agian for each action we do need password.

Dear Prachand,
the registry key is already 0, and when change it to 1
after restarting the SMC service the key becomes 0 again
and this will not help.

but I did "Mohammad Altaf Khan" advice:
"Try in Safe mode.
stop all Symantec services and delete all Symantec registry.
in
HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection
then use Cleanwipe."
it seems it does work, but I need to check it on another system and I will inform you..
Thanks all.

Hello,
We are waiting the result. :)

Best Regards.
Fatih

I doubt..

Shadi
Try to execute the Cleanwipe twice.
Maybe works.

It's not correct for all machines,
and we do not have such registry key in many systems!

I tried cleanwipe in safe mode,
and even when we enter pass incorrect we can Uninstall the sep client after two rebooting.
so cleanwipe is OK and it works anyway....

question.
What if the symantec entry in registry is protected? How it will remove?
In our company, we create a policy that protect client registry keys. As you can see the screen shot.

even its protected by SEP it will remove in safe mode.

note safe mode required local administrator account.
 

Meaning, thats the blind spot of SEP.
Thanks. To avoid bypassing the SEP, we should tighten the local administrator account so that no one such as unauthorize or non-IT personnel will do that.