Endpoint Protection

 View Only

How to Uninstall Symantec Endpoint Client If Uninstall Password is in place 

Nov 09, 2010 07:30 AM


Sometimes its hard to uninstall SEP client if uninstall password is lost or SEPM is down.
In such cases you may follow these steps
Start - Run
type smc -stop ( If it prompts for password; navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC, delete the smcexit key and then type smc -stop)
Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC
look for smcinstdata key; delete it
go to add/remove program and uninstall the client..
I know its simple procedure; but sure will help few :) 

0 Favorited
0 Files

Tags and Keywords


Jul 17, 2017 07:14 AM

Password protected client (!)

Download Process Explorer 

Kill process tree C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1\Bin\ccSvcHst.exe

rename file ccSvcHst.exe to ccSvcHst.exe.OLD 

Check in Services that Symantec Endpoint Protection service is down 

Run CleanWipe tool , can download from https://support.symantec.com/en_US/article.HOWTO74877.html

Reboot and you clear to Reinstall SEP

Good luck 


Jun 07, 2017 04:21 PM

Team,Thanks for the valuable information

Apr 09, 2013 08:05 PM

VERY good point.  We sometimes assume that people in this forum all all SEP administrators.  However, there can be plain old end users in here looking for ways to circumvent their company's SEP policies.  Where I am here, the users cannot modify the SEP 12.1 registry even if they are a system administrator and they can't do anything to remove or disable SEP as we have Tamper Protection on.


I caught an executive that has administrator capabilities trying to disable SEP but he failed and it was logged.  The correct answer should be to tell them to contact the SEP administrator or to use cleanwipe if they are allowed to receive it.  For temporary disable, the administrator should be able to move them into a group with tamper protection turned off.  Very RARELY does this need to be done.

Apr 08, 2013 12:34 PM

This looks like a configuration vulnerabilty. This can be preveneted by using the default Application and Device control policy >> Protect client files and regisry keys. With this any access / modifcation to Symantec's registry can be prevented.

Dec 04, 2012 06:02 PM

I beleive I have a trail version that was left on my machines that I need to remove.

I tried to go into hkey path you showed, only to find a SMC_exit_test

instead of removing, I added xxx to the front of the two key names to devalue them. went to uninstall programs and it is still asking for a password..?

any other ideas?





Apr 22, 2012 07:34 AM

you can use Cleanwipe removal tool to uninstall SEP.

Please call Tech support to get Cleanwipe tool

Regional Support Telephone Numbers:

United States: https://support.broadcom.com (407-357-7600 from outside the United States)
Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
United Kingdom: +44 (0) 870 606 6000
Additional contact numbers: http://www.symantec.com/business/support/contact_techsupp_static.jsp

Oct 12, 2011 06:42 AM

Does this apply to SEP 12.1 too?

Oct 12, 2011 06:42 AM

try the default one it should be symantec

Oct 07, 2011 02:45 PM

I deleted symantec antivirus a while ago, but now I can't install another antivirus program because it asks me to remove symantec. When I try to remove it in "add/remove programs" a message prompts: "The installation source for this product is not available. Verify that the source exist and that you can access it."

In "search" option I can't find symantec on my computer, but still can't install another antivirus becouse of it.

I tried smc-stop in run I saw abowe, but it say "windows cannot find "smc-stop".

Wat is wrong with it?

Mar 10, 2011 05:08 PM

can you please give give the uninstall password

Jan 26, 2011 04:14 PM

Thank you.  I will script this out and add this...

msiexec.exe /norestart /x{insert product code here} REMOVE=ALL /qn

... and move on with my day.

Dec 29, 2010 02:19 AM

No, symantec endpoint encryption and sep can work together.

Dec 29, 2010 01:33 AM

Do I need uninstall the SEP client older version before upgrade the SEE to latest version?

Dec 28, 2010 07:20 PM

Nice Finding.

Excellent Work...

Dec 28, 2010 01:30 AM

Hello Rafeeq,


What we can do If the password in place and also we have removed SEPM and donno the password?

How could we stop the service of SMC without deleting smcexist entry?

Dec 15, 2010 06:26 PM

thanks for the info!

Nov 22, 2010 08:03 AM

from your script

you first need to delete the key smcexist 

then try the smc -stop

that wil do 

Nov 22, 2010 07:41 AM

Nice finding

Nov 21, 2010 12:55 PM

I dont want to uninstall i need to just disable  without prompting password , is that possible 

Related Entries and Links

No Related Resource entered.