Team,Thanks for the valuable information
VERY good point. We sometimes assume that people in this forum all all SEP administrators. However, there can be plain old end users in here looking for ways to circumvent their company's SEP policies. Where I am here, the users cannot modify the SEP 12.1 registry even if they are a system administrator and they can't do anything to remove or disable SEP as we have Tamper Protection on.
I caught an executive that has administrator capabilities trying to disable SEP but he failed and it was logged. The correct answer should be to tell them to contact the SEP administrator or to use cleanwipe if they are allowed to receive it. For temporary disable, the administrator should be able to move them into a group with tamper protection turned off. Very RARELY does this need to be done.
This looks like a configuration vulnerabilty. This can be preveneted by using the default Application and Device control policy >> Protect client files and regisry keys. With this any access / modifcation to Symantec's registry can be prevented.
I beleive I have a trail version that was left on my machines that I need to remove.
I tried to go into hkey path you showed, only to find a SMC_exit_test
instead of removing, I added xxx to the front of the two key names to devalue them. went to uninstall programs and it is still asking for a password..?
any other ideas?
you can use Cleanwipe removal tool to uninstall SEP.
Please call Tech support to get Cleanwipe tool
Regional Support Telephone Numbers:
United States: https://support.broadcom.com (407-357-7600 from outside the United States) Australia: 1300 365510 (+61 2 8220 7111 from outside Australia) United Kingdom: +44 (0) 870 606 6000 Additional contact numbers: http://www.symantec.com/business/support/contact_techsupp_static.jsp
Does this apply to SEP 12.1 too?
try the default one it should be symantec
I deleted symantec antivirus a while ago, but now I can't install another antivirus program because it asks me to remove symantec. When I try to remove it in "add/remove programs" a message prompts: "The installation source for this product is not available. Verify that the source exist and that you can access it."
In "search" option I can't find symantec on my computer, but still can't install another antivirus becouse of it.
I tried smc-stop in run I saw abowe, but it say "windows cannot find "smc-stop".
Wat is wrong with it?
can you please give give the uninstall password
Thank you. I will script this out and add this...
msiexec.exe /norestart /x{insert product code here} REMOVE=ALL /qn
... and move on with my day.
No, symantec endpoint encryption and sep can work together.
Do I need uninstall the SEP client older version before upgrade the SEE to latest version?
Nice Finding.
Excellent Work...
Hello Rafeeq,
What we can do If the password in place and also we have removed SEPM and donno the password?
How could we stop the service of SMC without deleting smcexist entry?
thanks for the info!
from your script
you first need to delete the key smcexist
then try the smc -stop
that wil do
Nice finding
I dont want to uninstall i need to just disable without prompting password , is that possible