Please Symantec, go out of buisiness.

Im removing Symantec Endpoint from a clients office and this is the most absurd removal process for an antivirus ive ever seen.

Luckily I think i found a copy of cleanwipe (you have to call symantec to get it and give them all sorts of info bc they are afraid someone will take the software and turn it into malware that disables endpoint, lame.)

But look at the manual removal steps for endpoint. It makes me want to stab myself in the eye.

How to manually uninstall Symantec Endpoint Protection client from Windows 2000, XP and 2003, 32-bit Editions

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

mikedisd2

Hyper-Me wrote: »

Way to be entirely inept in taking a joke.

Then that makes 2 of us. Maybe you suck at telling jokes.

Plantwiz

msteinhilber wrote: »

I haven't dealt with Symantec in a long time but I see they haven't changed their removal process any.

I'm actually replacing TrendMicro Worry-Free Business Security with Vipre Enterprise at the moment. Trend didn't seem to be doing much for us with preventing malware whereas Vipre in our testing seemed to do fairly well. That along with great pricing for 3 years and personal licenses for our users at home for free as long as we keep renewing made it a pretty solid deal.

I still like Trend, but Sunbelt's product is pretty solid in the field and thus far has been doing exactly what it needs to do.

Toss up for me still, so I'll offer both to my clients, but I think Vipre is catching on!

Hyper-Me

OfficeScan...whatever the latest version is.

They had one Windows 7 box and I left security essentials on it.

Stuppored

I've seen Symantec 8.x do the following:

remove the V from the tray icon

force you to manually remove .wdf files and files in a folder so it allows the engine to work

force uninstallation and re-installation to get the product back and working

The new SEP 11 - what are the common issues you come across? Please list what you know as common issues... deployed in a test environment, I have only seen it disable the client until you manually click the fix button.... not sure why this happens, this is after the PC has fully booted.

This Vipre Endpoint sounds interesting: Endpoint Protection, Antivirus Software, Email & Anti-Malware Protection - Sunbelt Software

Any ideas off the top of anyones head the cost / seat.... yes in volume I'm sure they offer discount, but in general, what kind of cost/seat do they go for?
Any common program issues?

It would be nice to walk away from Symantec <they offer free upgrade to the latest SEP - which makes it that much more difficult to walk away> , but I've seen Mcaffee and Trend Micro allow their AV software ramp up CPU usage to 100% for minutes on end in the past. I like Kaspersky for personal use, but their remote deployment and management software for enterprise I am not a big fan of.

crrussell3

Hyper-Me wrote: »

Im removing Symantec Endpoint from a clients office and this is the most absurd removal process for an antivirus ive ever seen.

Luckily I think i found a copy of cleanwipe (you have to call symantec to get it and give them all sorts of info bc they are afraid someone will take the software and turn it into malware that disables endpoint, lame.)

But look at the manual removal steps for endpoint. It makes me want to stab myself in the eye.

How to manually uninstall Symantec Endpoint Protection client from Windows 2000, XP and 2003, 32-bit Editions

I just got done this morning writing a very crude batch file that will automatically stop the services, kill the processes, remove the reg keys/values, delete the files, etc. Took way too long to make, but I figured it would be worth while if I ever have to manually uninstall another one again. I cringed when I found out we had already purchased SEP x11 when I started there almost four months ago. When it is time to upgrade again, I am dumping Symantec without hesitation.

I was actually digging around their forums, and found a post by a SEP employee that stated something pretty close word for word "The removal tool does such a good job at removing our product we don't want to make it freely available for download".

HeroPsycho

snadam wrote: »

Its actually a nutri-grain commercial that I really enjoy, but I am also not sure where it falls in here either. Funny nonetheless. (and for the record, he is getting punched in the stomach).

At least someone got the reference. And it was Pash jabbing Hyper-Me, so I was playfully pointing out the "punch", jokingly, hopefully to avoid a flame war.

Oh well, most people don't get my sense of humor....

arwes

Stuppored wrote: »

The new SEP 11 - what are the common issues you come across? Please list what you know as common issues... deployed in a test environment, I have only seen it disable the client until you manually click the fix button.... not sure why this happens, this is after the PC has fully booted.

I've got about 7-8 workstations (out of 80) that take 2-4 hours to complete a scan. Symantec has no idea why. I've got one workstation that starts my scheduled administrator scan at noon, then promptly starts another one as soon as it finishes. And be careful in deployment if you use the TruScan Proactive Threat Scanning. The install apparently borked on my HR lady's laptop, and Symantec's removal tool doesn't take care of everything. You'll know it's screwed up if it keeps the ancient updates (and no green dot on the tray icon). After running the removal program you have to uninstall the TruScan driver from Add/Remove Programs (I can't recall the name of it, but I think it was hidden).

I'm about to start testing out Forefront in a test network at the office. I've heard great things about Vipre's performance, but I've also heard it's not well suited for central management of branch offices. That was last year, and they may have improved in that respect but I haven't heard anything.

snadam

HeroPsycho wrote: »

At least someone got the reference. And it was Pash jabbing Hyper-Me, so I was playfully pointing out the "punch", jokingly, hopefully to avoid a flame war.

Oh well, most people don't get my sense of humor....

heh, I was totally overthinking it then

babies everywheeeere!!!!

HeroPsycho

snadam wrote: »

heh, I was totally overthinking it then

babies everywheeeere!!!!

MentholMoose

crrussell3 wrote: »

I was actually digging around their forums, and found a post by a SEP employee that stated something pretty close word for word "The removal tool does such a good job at removing our product we don't want to make it freely available for download".

Even though one employee said this, I don't think if it's really true. At least for SAV, the removal tool was easily obtainable. However, I would expect that they don't want to give the tool out on their forum to random people, and instead would prefer to provide it directly to paying customers going through standard support channels.

Symantec is one of the bigger AV vendors, and as such malware writers are likely to target their products. If a user has local admin rights, then any malware they run can disable an AV product. It wouldn't look good if the first stage of a malware infection ran Symantec's own removal tool.

Hyper-Me

MentholMoose wrote: »

It wouldn't look good if the first stage of a malware infection ran Symantec's own removal tool.

Since when does malware do you a favor?

crrussell3

MentholMoose wrote: »

Even though one employee said this, I don't think if it's really true. At least for SAV, the removal tool was easily obtainable. However, I would expect that they don't want to give the tool out on their forum to random people, and instead would prefer to provide it directly to paying customers going through standard support channels.

Symantec is one of the bigger AV vendors, and as such malware writers are likely to target their products. If a user has local admin rights, then any malware they run can disable an AV product. It wouldn't look good if the first stage of a malware infection ran Symantec's own removal tool.

But how hard would it be for someone with unethical intentions to obtain the tool? Not hard at all. Heck, you can google and find places to download the tool, so its not like its hard to get. Most of the Symantec threads themselves are littered with posters asking to have it emailed to them by another user.

Hyper-Me

Yeah i googled it and found it in less than a minute. So they should just release it.

MosGuy

This thread reminds me of when I was the I.T manager for a small architect firm. They had bought Norton AV for all the workstations. Eventually I noticed trouble with my e-mail. After trouble shooting I narrowed the cause down to Norton. I decided to contact support about the issue. Their response was: it was a known issue.. solution: disable e-mail scanning/monitoring

. My thinking... huh. It's a known issue & instead of working to provide a fix. They advise people to hide the problem & open the system up to further risk

I felt like replying back and asking what the point of running their AV was. Not to mention the large cost the company spent on AV licenses. In the end at least on my machine I uninstalled it & installed my trusty Ez-AV from CA (at the time). Not only did it solve the e-mail trouble, it made the system run quicker & had far more regular DB updates. When I left the company I re-installed Norton for them.

Hyper-Me

phoeneous wrote: »

You might want to talk to a rep at TM, we had Client/Server Security Suite and I had no idea it was discontinued. WorryFree is their latest product that is taking the place of several others.

We just bought this brand new, surely they wouldnt sell us a discontinued product?

WorryFree wasnt even on the available downloads.

captobvious

Hyper-Me wrote: »

We just bought this brand new, surely they wouldnt sell us a discontinued product?

WorryFree wasnt even on the available downloads.

Yes they would. And quit calling me shirley.

rsutton

We also had client security suite and was informed it was no longer supported so we upgraded to Worry free about three months ago.

Plantwiz

Hyper-Me wrote: »

We just bought this brand new, surely they wouldnt sell us a discontinued product?

WorryFree wasnt even on the available downloads.

It shouldn't have been sold. How did you acquire it? Through a VAR who uses a distributor? I believe...(and I look again tomorrow) but the renewal is available on C/S but new purchases are only through Worry-Free...and I seem to recall that ending mid-2009 (to only having WF products available).

So, depending on who you purchased through, they may have spec'd the incorrect version and you should be able to return it to them and have them issue the correct version (there may be some cost difference).

As a VAR, I can only order what appears in the drop-down list...so if its not there...I cannot make the purchase and generally EOL items are pulled promptly so that the rare times I have a client wanting the EOL I simply need to phone those orders in.

Hyper-Me

My company is a reseller so we got it straight from Trend.

Hyper-Me

phoeneous wrote: »

Worry-Free Business Security<br>Advanced and Standard 6.0 - Trend Micro USA

I see you that and raise you

OfficeScan - Trend Micro USA

From what I can tell, OfficeScan 8 is EOL but 10 isnt.

RobertKaucher

Hyper-Me wrote: »

I see you that and raise you

OfficeScan - Trend Micro USA

From what I can tell, OfficeScan 8 is EOL but 10 isnt.

We have been using the WFBS Advanced for about six months and I have really liked it. However a few spam items have gotten through recently, which is kind of odd.

On a side note... Hyper-Me you are getting far to many rep points. I think I will have to neg rep you just to keep balance in the force.

And, do you guys really have cookies?

Paul Boz

Anti-virus software is over rated.

Hyper-Me

RobertKaucher wrote: »

We have been using the WFBS Advanced for about six months and I have really liked it. However a few spam items have gotten through recently, which is kind of odd.

On a side note... Hyper-Me you are getting far to many rep points. I think I will have to neg rep you just to keep balance in the force.

And, do you guys really have cookies?

I know! I need to start another Hyper-V/ESXi battle to bring everything back into alignment.

HeroPsycho

Hyper-Me wrote: »

I know! I need to start another Hyper-V/ESXi battle to bring everything back into alignment.

What battle?

Hyper-Me

HeroPsycho wrote: »

What battle?

There one were I say something ignorant and 14 people send me reeling into the negative rep zone.

HeroPsycho

Hyper-Me wrote: »

There one were I say something ignorant and 14 people send me reeling into the negative rep zone.

It's a lot easier now to discuss things with you.

Me? Well, I'll always be a PITA.

Hyper-Me

I did a BackupExec 12.5 to 2010 install today. Seamless

Oh and bite me to whoever neg repped me for this thread and said "lighten up".

Pash

Hyper-Me wrote: »

I did a BackupExec 12.5 to 2010 install today. Seamless

Oh and bite me to whoever neg repped me for this thread and said "lighten up".

It wasn't me old boy. Although I did find your use of captain jean luc picard facepalming as a riposte a little below the belt.

veritas_libertas

Paul Boz wrote: »

Anti-virus software is over rated.

I have to agree with this statement. Those companies make way to much off of fear.

earweed

veritas_libertas wrote: »

I have to agree with this statement. Those companies make way to much off of fear.

Agreed. Since the AV industry has been established it is probably more of their job now to propogate the fear than it is to protect clients.