Link to home
Start Free TrialLog in
Avatar of cookd47
cookd47

asked on

Symantec AntiVirus Corporate Edition Password

I have a customer who does not know the password to open his Server Console for Symantec AntiVirus Corporate Edition.
How an I get access to the console utilities
Avatar of SheharyaarSaahil
SheharyaarSaahil
Flag of United Arab Emirates image

the password should be known..... otherwise there is no other way to access the console utilities =\
Otherwise an uninstall and reinstall should be necessary to get back the control!
ASKER CERTIFIED SOLUTION
Avatar of blue_zee
blue_zee
Flag of Portugal image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of bakerj64
bakerj64

have you tried using symantec as password
symantec should work, that is the default password to uninstall...
Avatar of cookd47

ASKER

The Accepted Answer is close. If the default password has been changed you can contact Symantec. They have a utility that will reset the password for licensed, registered copies.

Thank you.

Glad I could help, to some extent.

Zee
there is a tool in symantec directories called iforgot.exe
 you can use that to run on the primary server to get a encrypted password to send to Symantec. It takes 1-2 business days but they will decrypt it and send you back the decrypted password to the server group. Recommended to change asap after you get it back though email that is NOT encrypted :-)
Avatar of cookd47

ASKER

That is the utility, and process that I was referring to in my acceptance comment.
if you are talking about the password to the console of symantec you can reset it in the registry by change this key


[HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion]

change the console password key to 20A6C921DDF2F93599E8D6A39EC13A23ECD436B723F

and then the password will set to  just the letter "a"
you may need to restart the symantec discovery service first

Actually the iforgot.exe method mentioned does NOT require contacting Symantec and is now immediate.  However, this method does assume you know the correct user ID. Otherwise it works like a charm!
Avatar of cookd47

ASKER

Thanks to all for your comments.
This is why Experts-Exchange is such a valuable resource
I had a client that got a virus, the administrator deleted the client in the server console. I entered the word, "symantec", without the quotes, and was able to successfully remove Symantec Corporate Antivirus.
Actually, we are discussing the Symantec System Center console and server, not the client. "symantec" has always been the default uninstall password for the clients.
To remove Symantec Antivirus without using a password:

1) Use Regedit

2) HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\Administrator Only\Security\

3) Change the value for this key from 1 to 0
       
     useVPuninstallpassword

4) Close the registry and retry the uninstall
dear ssgbuck
i try your way it's work great thanks
I would like to see this discussion updated as the link in the accepted answer are now broken, but can be found by searching the Symanted KB for the article titles.  For my specific situation the password I was missing was to an old orphaned client and the default password of symantec was not working.  The suggestion by ssgbuck worked perfectly for being able to uninstall so I can then reinstall the updated version.
ssqbuck's procedure on the last post worked perfectly for me to be able to uninstall Symantec AV on a computer where nobody knew the password. Thanks!
I'll chime in as well and say that doing work on a system that had changed hands a few times makes knowing the passwords impossible.  I too used ssqbuck's procedure and it came right off!

Thanks much

Matt
I had this same issue because I was upgrading to a new version of the antivirus software using a different managed Symantec server, so i had to uninstall the old version.  The fix i figured out was to continue on with the install, and then the upgrade removes the old uninstall password and then i reinstalled the new version again.  Took about 10 minutes total and a restart of the computer, plus i've only done this on the client machines and not on the server side because our new server never had a version of it installed.  I've actually updated about 30 clients using this method but im gonna try that regedit thing now.
Highlanderit comment worked for me but the password ended up being symantec after I changed the reg key not "a".
thanks anyways
I tried resetting the reg key to the one provided above and many other posts on forums also give the same instructions with positive results. Unfortunately this did not work for my case, because every time I set the reg key to the one provided above 1. It wouldn't accept the password 2. I would reset the discovery service and it would somehow reset to the original value (it must of been stored somewhere else). This however did work for me.

Open Regedit and navigate to the following location

HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion

Look for a value named "ConsolePassword" (Type RegSZ). Delete this value (do not set the value to an empty string but delete the value "ConsolePassword").You might need to delete this under "" \ CurrentVersion\AddressCache\"Server Name" as well.

Now open SSC and try to unlock the the server group with the default password 'symantec' (without the quotes).
I found an easy to follow guide here:

http://cyberst0rm.blogspot.com/2007/05/how-to-uninstall-symantec-anti-virus.html

(Step by step)
Easy to follow and use.