How to manually uninstall an Enforce server

Article ID: 159563

Products

Data Loss Prevention Enforce

Issue/Introduction

You need to manually uninstall the DLP software on an Enforce server because the normal uninstallation failed.

Resolution

Windows:

  • At an Administrator command prompt, stop the Vontu services with the following sequence of commands:
    • sc stop vontuupdate
    • sc stop vontuincidentpersister
    • sc stop vontumanager
    • sc stop vontumonitorcontroller
    • sc stop vontunotifier
    • [Single Tier installations only]: sc stop vontumonitor
  • Rename the Vontu directory (this allows custom configuration files such as the encryption keystore to be easily restored).
  • If they exist (primarily on a Single Tier server), delete the following folders from the root of the drive where the Vontu folder was located:
    • \drop
    • \drop_discover
    • \drop_ep
    • \drop_epl
    • \drop_pcap
    • \drop_ttd
    • \classification_spool
    • \icap_spool
    • \packet_spool
  • Delete the local users "protect" and "protect_update".
  • From the Administrator command prompt, delete the Vontu services with the following commands:
    • sc delete vontuupdate
    • sc delete vontuincidentpersister
    • sc delete vontumanager
    • sc delete vontumonitorcontroller
    • sc delete vontunotifier
    • [Single Tier installations only]: sc delete vontumonitor
  • Run the Registry Editor (regedit), and delete the following keys and everything under them:

    • HKEY_LOCAL_MACHINE\SOFTWARE\ej-technologies
    • HKEY_CURRENT_USER\SOFTWARE\ej-technologies

  • Run the DLP uninstaller from Control Panel > Add/Remove Programs (or Programs and Features); select Yes when prompted to delete it from the list.


Linux:

  • Log on as root and stop the Vontu services with the following commands:
    • service VontuUpdate stop
    • service VontuIncidentPersister stop
    • service VontuManager stop
    • service VontuMonitorController stop
    • service VontuNotifier stop
    • [Single Tier installations only]: service VontuMonitor stop
  • Rename the Vontu directories "/opt/Vontu", "/var/Vontu", and "/var/log/Vontu".
  • Delete the local users with the command "userdel protect && userdel protect_extract".
  • Delete the local groups with the command "groupdel protect && groupdel protect_extract" (these are usually deleted in the previous step).
  • Delete the Vontu services with the following commands:
    • rm -f /etc/rc.d/init.d/VontuUpdate
    • rm -f /etc/rc.d/init.d/VontuIncidentPersister
    • rm -f /etc/rc.d/init.d/VontuManager
    • rm -f /etc/rc.d/init.d/VontuMonitorController
    • rm -f /etc/rc.d/init.d/VontuNotifier
    • [Single Tier installations only]: rm -f /etc/rc.d/init.d/VontuMonitor

Linux (15.1 and above):

  1. Stop the Symantec services:
    1. service SymantecDLPManager stop
    2. service SymantecDLPNotifier stop
    3. service SymantecDLPIncidentPersister stop
    4. service SymantecDLPDetectionServerController stop
  2. Create a list of RPMs with the following command: "rpm -qa | grep symantec"
  3. From the above list, use yum remove or rpm -e to uninstall each package, for example:
    1. "rpm -ev symantec-dlp-server-jre-1-8-0-162-1.8.0.162-1.el6.x86_64" or
    2. "yum remove symantec-dlp-server-jre-1-8-0-162-1.8.0.162-1.el6.x86_64"
  4. Remove any directories left on the filesystem in /opt/Symantec/.
  5. Remove the startup scripts if they still exist after removing the RPMs:
    1. rm -f /etc/init.d/SymantecDLPDetectionServerController
    2. rm -f /etc/init.d/SymantecDLPIncidentPersister
    3. rm -f /etc/init.d/SymantecDLPManager
    4. rm -f /etc/init.d/SymantecDLPNotifier

 

Note: The above instructions also apply to Detection servers, with the obvious exception of services that are not available for removal.
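
To confirm that the Linux steps above left nothing behind (stale startup scripts, directories at their original paths, or the local "protect" accounts and groups), a read-only check can be run afterwards. The script below is an added example, not part of the original article or vendor tooling; the function name dlp_residue, its optional root-prefix argument and the output format are assumptions of this example.

```shell
#!/bin/sh
# Added example (not vendor code): read-only check for leftovers after the
# Linux manual uninstall. Service, path and account names are from the article.
# ROOT is this example's own parameter: a filesystem prefix, empty for the
# live system, so the check can also run on a mounted image or a test tree.
# Usage: . ./dlp_residue.sh && dlp_residue        (file name is hypothetical)

VONTU_SVCS="VontuUpdate VontuIncidentPersister VontuManager
VontuMonitorController VontuNotifier VontuMonitor"
SYM_SVCS="SymantecDLPManager SymantecDLPNotifier SymantecDLPIncidentPersister
SymantecDLPDetectionServerController"

dlp_residue() {
    root="${1:-}"
    # Startup scripts the procedure removes (pre-15.1, then 15.1 and above).
    for s in $VONTU_SVCS; do
        if [ -e "$root/etc/rc.d/init.d/$s" ]; then echo "init-script /etc/rc.d/init.d/$s"; fi
    done
    for s in $SYM_SVCS; do
        if [ -e "$root/etc/init.d/$s" ]; then echo "init-script /etc/init.d/$s"; fi
    done
    # Directories that should have been renamed away from their original paths.
    for d in /opt/Vontu /var/Vontu /var/log/Vontu; do
        if [ -d "$root$d" ]; then echo "directory $d"; fi
    done
    # 15.1 and above: anything still present under /opt/Symantec.
    if [ -d "$root/opt/Symantec" ] && [ -n "$(ls -A "$root/opt/Symantec")" ]; then
        echo "directory /opt/Symantec"
    fi
    # Local accounts and groups; the anchored match keeps "protect" from
    # matching "protect_extract".
    for a in protect protect_extract; do
        if grep -q "^$a:" "$root/etc/passwd" 2>/dev/null; then echo "user $a"; fi
        if grep -q "^$a:" "$root/etc/group" 2>/dev/null; then echo "group $a"; fi
    done
    # Installed packages can only be queried on the live system.
    if [ -z "$root" ] && command -v rpm >/dev/null 2>&1; then
        rpm -qa | grep symantec | sed 's/^/package /'
    fi
    return 0
}
```

Empty output means none of the items the procedure removes or renames is still in place; each output line names one leftover to clean up.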