[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5069
  • Last Modified:

how uninstall by command line Symantec Corporate 10.0.0.359?

Hello,

I've a site with 30 computers on which I've updated the symantec corp server to 10.0.2.2000 but the deployment installation doesnt work and I've to manually uninstall first the actual version to install the new one. Is it a way to lunch an uninstallation script to clear my old version without doing a manual uninstallation on each computer???

many thanks for your help.

Kindly Regards.

David
0
David_Pazos
Asked:
David_Pazos
  • 4
  • 3
  • 2
  • +1
1 Solution
 
zephyr_hex (Megan)DeveloperCommented:
would it be helpful to fix the deployment issue?
if your computers are all on the same network, then deployment should work.
i've found the following issues to be the main reason why deployment fails:
windows firewall is enabled (must be disabled)
simple file sharing is enabled (must be disabled)
the local Admin account on the computer does not have a password (you must have at least 1 local admin account with a password).

it helps to have service pack 2 because then it's easy to disable windows firewall.

as far as uninstalling symantec corp AV without fixing your deployment issues, there is an application symantec puts out called NoNAV that will uninstall it.  your issue is going to be that NoNav requires user interaction.

also, you should be aware that 10.0.2.2000 is suseptible to the vulnerability that was identified a few months ago.  you will need to run the patch which fixes the vulnerability after your installs are done.  if you fix your deployment issue, you can do the patch via client install.

this page shows which versions need to be patched, and provides the patches + instructions:
http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2006052609181248?OpenDocument&seg=hm
(note:  your current version also has the vulnerability)
0
 
zephyr_hex (Megan)DeveloperCommented:
oh... one more note ... is there a reason why you're upgrading to 10.0 when 10.1 is the latest version?
0
 
SymShadyCommented:
pull the uninstall string from the registry and launch it from the run line

if you open the registry...
click start -->run type regedit then hit enter
in the registry browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
find the key for Symantec Antivirus then look for the value uninstall
copy the data section into the run line and hit enter

the data section will look something like this but not exactly as my machine as sav9 so the uninstall string is different
MsiExec.exe /I{848AC794-8B81-440A-81AE-6474337DB527}

as a side note you may need to change the /I to a /U
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
David_PazosAuthor Commented:
In fact, the AV server crashed due to a RAID error. The SAV has been reinstalled and now the clients can't be found when I do a search and so they aren't added to the AV group.

That's why I need an uninstall command easy to deploy on a netlogon script or via GPO followed by the silent SAV install.

I've already tried the nonav on the version 10 but it doesn't work very fine.

Your version SymShady seems to be really nice.

I will try it if there is no other option.

Many thanks for help
0
 
SymShadyCommented:
sorry find the value UninstallString...my bad

this will rip it right outta there for ya its the same thing that add and remove programs does behind the sceens
0
 
SymShadyCommented:
also look for the removal tool called scscleanwipe it is a little better for version 10
0
 
David_PazosAuthor Commented:
scscleanwipe doesn't work....

I will try your solution with the uninstallstring... it should work better...

keep in touch ;)

thanks for help
0
 
David_PazosAuthor Commented:
Hi,

I've finally tested the command and this one is the correct one...

there is only one last problem, the uninstallation ask me for the password and I can't deactivate it through the Symantec Console... Do you have any idea how can I add it to the uninstallation command???

there is :  

msiexec /passive /x{46B63F23-2B4A-4525-A827-688026BE5E40}  ( to see the password dialog box )
or
msiexec /quiet /x{46B63F23-2B4A-4525-A827-688026BE5E40}

many thanks in advance for your support.

David
0
 
David_PazosAuthor Commented:
Hi,

I've finally uninstalled manually the AV because I havent found a way to add the network uninstallation password.

Thanks for your help anyway

Credits given

++
0
 
xodusinteractiveCommented:
To disable the uninstall PW:

http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/db850b7a896c99c088256c3d0052d20f?OpenDocument

To disable the password for uninstalling Symantec AV though Symantec System Center

1.  In Symantec System Center, right-click the Parent Server or Client Group that manages the client you want to uninstall.

2.  Click All Tasks > Symantec AntiVirus > Client Administrator Only Options.

3.  On the Security tab, uncheck "Ask for a password to allow uninstall of Symantec AntiVirus client."
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now