Disable Symantec Endpoint Protection Chrome Extension Access

Downside: SEP often re-enables the extension on reboot or after a policy update from the management server. This method works for a single session but is not permanent.

Symantec Endpoint Protection (now part of Broadcom) is an enterprise antivirus and intrusion prevention system. When installed on Windows or Mac, it injects a plugin into Chrome and Edge called "Symantec Endpoint Protection Web Protection."

What it does:

Why users want to disable it:

  • GPO/ADMX or MDM equivalents to set ExtensionSettings or remove the extension from ExtensionInstallForcelist.
  • For SEP-specific options: if SEP offers a setting to disable browser plugin via its client policy, use that to avoid unsupported states.

    • If you want, I can:

    To disable the Symantec Endpoint Protection (SEP) Chrome extension, you must address the administrative policies that often "force-install" and lock it in your browser. Direct Methods to Disable the Extension For Individual Users (If Unmanaged): Open Chrome and navigate to chrome://extensions Locate the Symantec Endpoint Protection extension. Toggle the switch to

    . Note: If the extension is managed by your organization, these options may be "grayed out" or locked by policy. For Administrators (Policy Unloading):

    Starting with version 14.3 RU5, you can unload the extension globally by disabling the Browser Intrusion Prevention (BIPS) option within the Intrusion Prevention Symantec Endpoint Protection Manager (SEPM)

    , unchecking "Enable Browser Intrusion Prevention" will trigger the client to uninstall the extension from Chrome. Registry Modification (Advanced):

    Administrators can remove the extension by deleting the force-install registry key located at

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist After deletion, click Reload policies chrome://policy page to see the change take effect. Why the Extension is Often Locked The extension is typically locked because it is part of a Force-install List

    managed via Active Directory GPO or Google Admin. This ensures that critical security features, like blocking malicious URLs and preventing browser-based intrusions, remain active regardless of user preference. Troubleshooting "Aw Snap" Crashes

    If you are trying to disable the extension because of the common "Aw Snap!"

    crash error in Chrome (versions 78+), this is often due to an incompatibility between Symantec’s code integrity and Microsoft’s Renderer Code Integrity. Disable symantec endpoint protection chrome extension

    Disable symantec endpoint protection chrome extension. Step 6: If the add-on can be deleted, you'll see the Remove option. Step 5: Ameba Ownd Old Symantec Google Chrome Error disable symantec endpoint protection chrome extension

    To disable the Symantec Endpoint Protection (SEP) extension in Google Chrome, the method depends on whether your computer is managed by an IT department (using policies) or if you have direct control over the client. For Managed Users (IT Administrators) If the extension was installed via the Symantec Endpoint Protection Manager (SEPM)

    , it is often "forced" and cannot be disabled within Chrome's settings. You must use a policy to remove it: Broadcom support portal Disable via Intrusion Prevention Policy : Open your SEPM console, go to Policies > Intrusion Prevention , and edit your policy. Uncheck the option for Enable Browser Intrusion Prevention Version Note : For clients on version 14.3 RU4 or newer

    , disabling this policy will automatically unload or uninstall the extension from Chrome. Third-Party Management : Starting with

    , you can enable "third-party management" in the IPS policy settings to manage the extension through Active Directory GPOs Google Admin instead of SEP. Broadcom support portal For Individual Users (Unmanaged Clients)

    If you have administrative rights on your local machine and the extension is not locked by a central policy: Standard Extension Toggle Open Chrome and go to chrome://extensions/ Symantec Browser Protection toggle switch

    Note: If the toggle is grayed out and says "Managed by your organization," you cannot disable it here. Stop the SEP Service (Troubleshooting Only) dialog (Win + R).

    and hit Enter. This will stop all SEP services, which may automatically disable the extension's functionality, though it might not remove the icon from Chrome. Broadcom support portal Known Workaround for Chrome Errors

    If you are trying to disable the extension because Chrome is not loading pages or crashing, some users fix this by modifying the Chrome shortcut: Right-click your Chrome shortcut > Properties field, add --disable-features=RendererCodeIntegrity to the end of the text string. Registry keys

    to manually remove the forced installation entries for the extension?

    Whether you're an IT admin or a home user, managing the Symantec Endpoint Protection (SEP) extension in Chrome often feels like a tug-of-war between security and performance. The Conflict: Why Disable It?

    While the extension is designed to block malicious scripts and data leaks, users often find themselves looking for a way to turn it off for a few common reasons:

    Performance Drag: Users have reported significant internet bandwidth slowdowns, sometimes dropping speeds from 95 Mbps to under 20 Mbps when combined with other security layers.

    Browser Crashes: Incompatibility between certain Chrome versions (like 78 and 79) and SEP can trigger the infamous "Aw, Snap!" error, rendering the browser unusable.

    Troubleshooting: Developers and IT staff often need to disable protection temporarily to test internal applications or identify conflicts. How to Disable the Extension 1. Standard Method (For Home Users) Downside: SEP often re-enables the extension on reboot

    If your settings aren't locked by an administrator, you can manage it directly in Chrome: Open Google Chrome.

    Click the three dots (top right) > Extensions > Manage extensions.

    Find the Symantec extension and toggle the switch to gray (Off).

    Alternatively, right-click the extension icon and select "Remove from Chrome". 2. Administrative Method (For Managed Computers)

    In corporate environments, the extension is often re-added automatically by group policies. Administrators can manage this through the Symantec Endpoint Protection Manager (SEPM): Chrome 78 Update & Symantec Endpoint Protection Issue!

    How to Disable the Symantec Endpoint Protection Chrome Extension

    If you've noticed the Symantec Endpoint Protection (SEP) extension in your Chrome browser and found it impossible to remove or turn off, you aren't alone. Because SEP is enterprise-grade security software, its browser extensions are often "forced" by your IT administrator to ensure Browser Intrusion Prevention stays active.

    Depending on whether you have administrative access or are just troubleshooting a personal machine, here are the three main ways to handle it. 1. The Official Way (Administrator/SEPM)

    If you manage the Symantec Endpoint Protection Manager (SEPM) console, you can disable the extension via policy. This is the only way to ensure it doesn't automatically reinstall.

    Access Policies: Open your SEPM console and navigate to the Policies tab.

    Intrusion Prevention: Select your Intrusion Prevention Policy.

    Disable Browser Protection: Look for the option labeled Enable Browser Intrusion Prevention for Chrome (or Edge) and uncheck it.

    Lock the Setting: Click the padlock icon next to the setting to "lock" it in a disabled state. This prevents the client UI from showing a "malfunctioning" error and instructs the SEP agent to unload the extension from all client browsers. 2. The Troubleshooting Way (Local Client)

    If you just need the extension gone temporarily to test if it's breaking a specific website, you can stop the entire SEP service locally. Note that this requires local administrative rights and may be password-protected by your IT department. Symantec Endpoint Protection (now part of Broadcom) is

    Stop the Service: Press Win + R, type smc -stop, and hit Enter. This kills the SEP agent and its hooks into Chrome.

    Restart the Service: Once you're done troubleshooting, use smc -start to bring protection back online. 3. The "Forceful" Way (Registry & Files)

    If the extension is stuck and the "Remove" button in Chrome is greyed out, it's likely being forced via the Windows Registry. Use this method only if you are comfortable editing registry keys.

    Check the Extension ID: The SEP extension folder is typically named pamolibmfebkknkdmfabpjebifbffbec.

    Modify Registry: Navigate to:HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist

    Remove the Entry: Find the string value containing the SEP extension ID and delete it.

    Delete the Folder: Navigate to %localappdata%\Google\Chrome\User Data\Default\Extensions\ and delete the folder matching the ID above.

    Warning: Manually deleting these files may cause the SEP client to report a "Browser Intrusion Prevention is malfunctioning" error in your system tray.

    Need to completely start over? Use the official Broadcom CleanWipe tool to remove all traces of SEP, including persistent browser extensions, from your system.

    Are you attempting this on a corporate-managed device or a personal computer?

    Based on your request, this feature falls under the domain of IT Security Management and Endpoint Configuration. Since Symantec Endpoint Protection (SEP) is enterprise security software, standard users often cannot remove extensions without administrative privileges.

    Here is a feature specification for an administrative tool or workflow designed to disable the Symantec Endpoint Protection Chrome extension.

    | User Type | Best Method | Permanence | | :--- | :--- | :--- | | Non-admin employee | Switch to Firefox browser | 100% (on Chrome, 0%) | | Power user (local admin) | Registry override (HKCU) | Until policy refresh | | IT admin | Disable via SEPM policy | Permanent | | Mac user | Remove configuration profile | Permanent (until re-enrolled) | | Anyone in a hurry | Hide icon from toolbar | Temporary (visual only) |

    This method prevents the extension from loading in Chrome entirely.

    Provide administrators the ability to disable the Symantec Endpoint Protection (SEP) Chrome extension across managed endpoints from a centralized admin console, with options for temporary disable, scheduled disable, per-group targeting, audit logging, and user opt/override controls. This feature is designed for enterprise environments where extension conflicts, troubleshooting, or staged rollouts require controlled disabling of the browser extension.