CleanWipe fails to fully remove Endpoint Protection 12.1 with error "Could not obtain SeDebugPrivilege"
Last Updated October 25, 2018
CleanWipe fails to fully remove Symantec Endpoint Protection (SEP) 12.1. Some files, folders, and Registry keys may be left behind.
You may also see the error, "Could not obtain SeDebugPrivilege. Please ensure current user/group is listed in Local Security Policy/User Rights Assignment/Debug programs Policy".
CleanWipe requires the administrative priviledge "Debug programs" (SeDebugPriviledge) in order to successfully remove SEP 12.1.
Please confirm that the account which is running CleanWipe has the "Debug programs" priviledge.
This setting can be viewed within the local machines Domain or Local Group Policy at Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Debug programs.
Note: After changing the windows local policy , logoff/logon, gpupdate or restarting the machine may be required for the changes to take effect.
Engineering team confirmed that this privilege is indispensable and CleanWipe will not be changed. CleanWipe needs this privilege in order to find which processes may have SEP DLLs loaded. The Windows API required to perform this operation need this privilege to run. CleanWipe performs the check in order to prevent stopping in the middle of the removal process.
Imported Document ID: TECH196734
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe