Joe Lusk 1 Posted April 2 Has anyone had any luck with this since the updates to Cloud Protection Agent. I had a script that ran SEPPrep.exe with the RemoveSymantec=Y option, but that no longer seems to work. None of the msexec methods or wmi methods seem to work either. Any ideas? Share this post Link to post Share on other sites
SteveYates 2 Posted April 9 Do you mean SEPC (Endpoint Protection Cloud), vs. Symantec.cloud aka Small Business? Per support one has to run the uninstaller manually, on the PC, and the help doc that says one can do it from the portal is incorrect. Would really like a way to remotely uninstall, because of: https://www.symantec.com/connect/forums/no-alerts-invalid-licensesdisabled-antivirus Share this post Link to post Share on other sites
Joe Lusk 1 Posted April 9 You are correct, that is the version and we have found the same things. Looks like manual is the only way by design. Share this post Link to post Share on other sites
HickBoy 3 Posted April 21 I've hacked one together that works fairly well (albeit not an officially supported uninstall method from Symantec). We use this as a last resort when the official ways to remove does not work... This uses CEDAR from Symantec to clean the agent from the system. I do some other stuff such as pre-removing the registry values that usually stop Symantec from uninstalling when it complains about pending actions. I do this via an embeded batch file called from the LabTech Script: :: 04/02/2019 :: Clears PendingFileRenameOperations Registry Key to allow Symantec AntiVirus to Uninstall :: Delete Key REG Delete "HKEY_LOCAL_MACHINE\System\currentcontrolset\control\session manager" /v PendingFileRenameOperations /f 2> nul Here's the two important parts of the script (NOTE: The -silent is case sensitive and undocumented). Let me know if you want the full thing and I will clean it up and export it. 1 Share this post Link to post Share on other sites
Joe Lusk 1 Posted April 22 (edited) @HickBoy I would love an export. I managed to get something working using AutoIT, but it is less than perfect and requires a user to be logged on. This looks much better. Thanks in advance. I am actually most curious about the pre-removal operations. Are you doing more than you identified there? Edited April 22 by Joe Lusk Share this post Link to post Share on other sites
