Uninstall Cisco AnyConnect

What the Cisco AnyConnect uninstallation Worklet does

This Automox Worklet™ removes the Cisco AnyConnect Secure Mobility Client from Windows endpoints and deletes orphaned configuration files that remain after uninstall. The Worklet targets both 32-bit and 64-bit registry hives to guarantee complete removal regardless of your system architecture.

The Worklet searches the Windows registry for any Cisco AnyConnect installations using MSI package detection. When found, it executes the MSI uninstall process and removes related folders in ProgramData and user AppData directories. This prevents leftover configuration files from interfering with alternative VPN clients or creating orphaned registry entries.

This PowerShell-based Worklet runs on Windows 7 and later, including Windows Server systems. It works both in scheduled evaluations and on-demand through RunNow, giving you flexibility in how you deploy VPN client changes across your infrastructure.

Why uninstall Cisco AnyConnect across endpoints

VPN client transitions create operational challenges. Whether you are standardizing on a different platform, addressing software conflicts, or remediating security issues, the manual uninstall process is time-consuming and inconsistent across your endpoints. Automating uninstallation eliminates these challenges.

Orphaned configuration files and registry entries from incomplete uninstalls can cause licensing conflicts, slow endpoint performance, and complicate future software deployments. Automatic removal of these artifacts creates clean systems. You reduce support tickets from users experiencing VPN connection problems and avoid the security risk of outdated client software lingering on endpoints.

With the Worklet's RunNow compatibility, your team can respond to urgent transitions quickly. If a critical vulnerability affects Cisco AnyConnect or your organization switches providers, you deploy this Worklet and complete removal in minutes rather than coordinating with individual users or managing scheduled maintenance windows.

How Cisco AnyConnect removal works

1. Evaluation phase: The Worklet searches both 32-bit and 64-bit registry hives in HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall for entries with DisplayName containing "cisco anyconnect" and an UninstallString referencing msiexec.exe. If any matching installations are found, the Worklet returns a non-compliant status requiring remediation.

2. Remediation phase: The Worklet executes msiexec.exe with the /x flag to uninstall each detected AnyConnect installation silently (/qn) without restarting (/norestart). It logs output to Temp\un_AnyConnect32.log or Temp\un_AnyConnect64.log. Once MSI uninstall completes, the Worklet recursively removes ProgramData\Cisco and AppData\Local\Cisco folders for all user profiles to eliminate orphaned files.

Cisco AnyConnect uninstall requirements

• Windows 7 or later (including Windows Server 2008 R2 and newer)

• PowerShell 2.0 or later

• Administrator privileges to access registry hives and execute msiexec.exe

• No parameters required; the Worklet detects and removes all Cisco AnyConnect installations automatically

Expected VPN client state after AnyConnect removal

After the Worklet completes successfully, the Cisco AnyConnect Secure Mobility Client is completely removed from the endpoint. All registry entries matching the application are deleted from both 32-bit and 64-bit hives, and no Cisco AnyConnect executable files remain in Program Files or Program Files (x86). User-profile-specific configuration files in AppData\Local\Cisco are deleted, verifying clean user experiences if AnyConnect is reinstalled.

You can verify successful removal by checking that no Cisco AnyConnect entry appears in Control Panel under "Installed Programs" and that the registry path HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall contains no entries with DisplayName matching "cisco anyconnect". The endpoint is ready for alternative VPN client installation or deployment of a different VPN solution without legacy AnyConnect conflicts.

How to validate uninstall cisco anyconnect changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for uninstall cisco anyconnect.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Get-ChildItem, Get-ItemProperty, Where-Object.

4. Validate remediation effects from script operations such as Write-Output, Get-ChildItem, Get-ItemProperty, then rerun evaluation for compliance.