

Uninstall for a small group of clientsįor small numbers of clients, use the standard Windows uninstall method. Here are the recommended methods for uninstalling the Symantec Endpoint Protection client.

Select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System inner join SMS_G_System_ADD_REMOVE_PROGRAMS on SMS_G_System_ADD_REMOVE_PROGRAMS.ResourceID = SMS_R_System.ResourceId where SMS_G_System_ADD_REMOVE_PROGRAMS.DisplayName like "%Symantec Endpoint Protection%" and SMS_G_System_ADD_REMOVE_PROGRAMS.Version like "11. You need to have Asset Intelligence configured to gather all. Here is the WQL language for creating an SCCM 2012 Collection (probably will work in 2007, but not tested) for all systems with SEP 11 installed. Dropping the "/norestart" option from the msiexec line will cause the workstation or server to restart. A manual restart will be required to complete the removal.

REM - Remove the /norestart flag for the system to reboot when completeīasically this script adds a few keys required for the removal of the client, stops all the SEP services, removes the password, then removes the client. REG DELETE " HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\SMC" /v SmcInstData /f REG ADD "HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\AdministratorOnly\Security" /v UseVPUninstallPassword /d 0 /t REG_DWORD /f REG ADD "HKLM\SOFTWARE\Symantec\Symantec Endpoint Protection\AV\AdministratorOnly\Security" /v LockUnloadServices /d 0 /t REG_DWORD /f The out-of-the-box uninstall from Microsoft does not work when a password is specified, so I created this little script to do it for me.ĬD "C:\Program Files\Symantec\Symantec Endpoint Protection" I am currently using this with an SCCM deployment as we are migrating to SCEP. The following script will uninstall Symantec Endpoint Protection.
