Windows Agent Uninstall Protection

When the Windows Monitoring Agent is uninstalled from a device, either programmatically or by using Add/Remove Programs, the device is no longer monitored and activated features are uninstalled. For example, if there are security features activated on the device, such as Managed Antivirus, Endpoint Detection & Response, and  Patch Management for Windows, when the Agent is uninstalled that security protection is removed. Also, if you use Take Control or Remote Background to connect to the device, those features are also no longer available.

You can use Windows Agent Uninstall Protection to prevent unauthorized uninstalls of the Agent. If you enable Agent Uninstall Protection, an Agent uninstall code is required to uninstall the Agent.

Agent Uninstall Protection process

After you enable uninstall protection, the next time there is an attempt to remove an Agent directly from a device, a message requests the Agent uninstall code to continue with the Agent uninstall.

When Agent uninstall begins on a device, the Windows Agent communicates to the All Devices view to check if uninstall protection is active. If the device is offline, the Agent cannot determine the uninstall protection status and, as a security precaution, defaults to the uninstall code requirement.

The Agent uninstall code is emailed to designated recipients or it can be retrieved from the All Devices view. When you have the uninstall code, you can manually uninstall the Agent from the device by pasting or uploading the uninstall code when you are prompted for it during the Agent uninstall.

For information about Manually Uninstalling the Agent, see Uninstall the Windows Agent.

Do not delete the device from the All Devices view until the Agent is successfully removed from the device (especially when the device cannot communicate with the All Devices view).

If you delete the device from the All Devices view, and the Agent is not uninstalled within the 12-hour time frame of the uninstall code, you cannot generate a new uninstall code because the device is no longer on the All Devices view and the Agent uninstall key is only available from the there.