Solved

Remotely uninstall application

Posted on 2010-11-15
9
1,081 Views
Last Modified: 2013-12-09
I'm trying to use the psexec.exe command to remotely uninstall SEPM (Symantec Endpoint Protection Manager) client.

I use different variations with different results and none work.

1. >psexec.exe \\computername -u domain\admin -p password msiexec {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}
This one just hangs......

2. >psexec.exe \\192.168.1.50 -u domain\admin -p password {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}
psexec could not start {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D} on 192.468.1.50: The system cannot find the file specified.

Seems like a great tool if I can get it ot uninstall the symantec client.
0
Comment
Question by:tolinrome
  • 3
  • 3
  • 2
  • +1
9 Comments
 
LVL 13

Expert Comment

by:markusdamenous
Comment Utility
msiexec needs an additional switch, -x to tell it to work in uninstall mode.
0
 
LVL 13

Expert Comment

by:markusdamenous
Comment Utility
enclose the whole command in quotes like so

psexec.exe \\computername -u domain\admin -p password "msiexec -x {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}"
0
 
LVL 7

Author Comment

by:tolinrome
Comment Utility
I wasnt even sure what the msiexec meant, just saw it on a blog, not sure if it's applicable to SEPM client - Im thinking it means too uninstall a MSI extension file (program).
What if the program isnt MSI - what would I use?
0
 
LVL 13

Expert Comment

by:markusdamenous
Comment Utility
I have used this method to uninstall other Symantec products, so it will likely work.  The string here   {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D} needs to be the correct install string for SEPM.  Have you checked this, or did it come from the same blog?

Other things to note:  Before using this method on Symantec AV Corporate client, I had to roll out 2 registry settings to change and then disable the uninstall password.  Otherwise the psexec command would hang up half way through, with no way of providing the install password.

0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 24

Expert Comment

by:Awinish
Comment Utility
0
 
LVL 7

Author Comment

by:tolinrome
Comment Utility
I used the quotes just as you mentioned still no go. The string is from the client.
psexec.exe \\IPaddress -u domain\admin -p password "msiexec -x {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D}"

The error message I get is: PsExec could not start msiexec -x {3C1AE512-3C37-44FA-BA42-ABB721EC5B1D} on 192.168.1.50: the system cannot find the file specified.

So I figure it's not using an msi file?

Also, do you have or know of a script to uninstall\disable the password since we do have it on clients.

Unbelieveable how Symantec cant just have an uninstall remote utility within SEPM.
0
 
LVL 24

Expert Comment

by:Awinish
Comment Utility
0
 
LVL 7

Author Comment

by:tolinrome
Comment Utility
The problem is that I'm not even getting to the poin twhere it asks for a password. Apparantly PsExec.exe cannot find the file or whatever it's looking for to uninstall the program.
0
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 500 total points
Comment Utility
You could also use the an application designed by Sunbelt software to uninstall the Symantec Products. This program could uninstall version between 8 through 12 including network agent and live update. Since the MIS uninstaller would only uninstall the SEP but not live update.

http://www.sunbeltsoftware.com/Business/Agent-Uninstallers/

I hope that would help

Sudeep
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now