Solved

remove eset silently and remotely and install system center endpoint silently and remotely

Posted on 2014-01-24
9
3,768 Views
Last Modified: 2014-02-07
i have a bunch of windows xp machines that i need to uninstall eset on remotely and then install system center endpoint protection.

is this even possible? i'm hoping to do something along these lines
@echo off
setlocal
for /f "usebackq" %%a in ("pc1.txt") do (
	net use \\%%a\IPC$ "password" /user:Administrator
	for %%f in (%FileList%) do (
		<insert code here to remove eset silently>
                                    display console message stating removal is done
                                   <insert code to install system center endpoint silently>
	)
	net use \\%%a\IPC$ /delete
) 

Open in new window


my first thought was to check the localmachine registry for an uninstall string but i do not see one.  
Some help on this would be greatly appreciated.
Thanks!
0
Comment
Question by:bbimis
  • 5
  • 3
9 Comments
 

Accepted Solution

by:
bbimis earned 0 total points
Comment Utility
i figured out how to uninstall eset silently and remotely
use the following:

cmd.exe /c psexec \\ipaddress -u username -p password msiexec nameofeset.msi /uninstall /quiet /norestart
only question now is how do you install system center endpoint protection silently?
thanks!

i'm thinking something along these lines but i'm not sure if this is correct
@echo off
setlocal
for /f "usebackq" %%a in ("pc.txt") do (

	REM Code to silently uninstall eset
                     cmd.exe /c psexec %%a -u administrator -p censoredpassword -c msiexec eset.msi /quiet /norestart
	echo "eset uinstalled"
                     
                    REM Code to silent install system center endpoint protection
                    cmd.exe /c psexec %%a -u administrator -p censoredpassword -c endpoint.exe /s /q
) 

Open in new window

0
 
LVL 82

Assisted Solution

by:leakim971
leakim971 earned 100 total points
Comment Utility
why don't you install it on the remote computers using the management console?
0
 
LVL 27

Expert Comment

by:serialband
Comment Utility
FYI.  You can also remove MSI installs with MsiExec.exe

NOD32 version 3.0.695.0
MsiExec.exe /qn /x{C10D6AB8-05BB-422D-AAE3-36D6E0381487}

ESET Smart Security 4.2.35
MsiExec.exe /qn /x{751CCF7A-CFF6-4A4B-9119-D4448D87B025}

ESET Endpoint Security 5
MsiExec.exe /qn /x{950B1859-7F95-4CCF-8674-0F843B58CCAB}

ESET Remote Administrator Console
MsiExec.exe /qn /x{6E5A47E7-4E1F-4507-95D0-59F9E8BC05BD}

/q mean quiet.
/n means norestart
/x means uninstall

You can find those class strings in the Registry when you search for the product.  The uninstaller section should have a link to the class string.  This method works if you no longer have the installer available.

You would run them with psexec -s as the system account.

You generally don't want to enter any passwords on the command line or in a script.  You should change your password very frequently if you do that.  If you use a Domain Admin Account with the local Administrators group access, psexec will use your logged in, cached credentials.  You won't need to enter your username or password when running psexec.

If your systems aren't in a Domain, you should set your local Administrator password to be the same on every system and put them in the same workgroup.  Since the Local Administrator account always has the same SID, the credentials passed by psexec will be the same.  If the local user needs admin access, put them in the group and reserve the Administrator account for the System Administrator to do work and write scripts.  

Only run psexec on a local trusted network.  Change your password frequently.
0
 

Author Closing Comment

by:bbimis
Comment Utility
i figured it out but thanks for the help the consol works most of the time but not all the time
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 

Author Comment

by:bbimis
Comment Utility
serialband:
what would be wrong with this code then? it basically just sets there and never uninstalls
I know the registry key is correct cause i took it directly from the registry to make sure as a test

@echo off
set code={D01521C5-ECC6-4A9E-A3E4-1B981D7B7504}

for /f "usebackq" %%a in ("clist.txt") do (
                   
                     echo " ">> newinstalllog.txt
                     echo "Computer information for " %%a >> newinstalllog.txt

                     REM CODE TO INSTALL PATCH IF WINDOWS XP SP2
                     cmd.exe /c psexec \\%%a -s c:\tony\patch.exe /quiet /norestart  >> newinstalllog.txt
                     
                     REM REMOVE ESET
                     echo key is %code% 
                    
                     REM cmd.exe /c psexec \\%%a -s "c:\Program Files\ESET\ESET NOD32 Antivirus\callmsi.exe" /x %code% /qn /norestart Password=eset  
                     cmd.exe /c psexec -s  \\%%a  MsiExec.exe /qn /x%code% Password=eset
                    
                     REM CODE TO INSTALL NEW VIRUS SOFTWARE
	
                      cmd.exe /c psexec \\%%a -s c:\tony\scepinstall1.exe /s /q 

Open in new window

0
 
LVL 27

Expert Comment

by:serialband
Comment Utility
I'm not sure why you've added cmd.exe /c to your code.  I've always run psexec directly.  It's one less layer of code to run.
0
 

Author Comment

by:bbimis
Comment Utility
cmd.exe /c allows you to use system commands like ipconfig and all unless i'm just adding the extra layer for no reason
0
 
LVL 27

Expert Comment

by:serialband
Comment Utility
You can run those with psexec on the other system.

psexec -s \\computer ipconfig
psexec -s \\computer MsiExec.exe /qn /x{C10D6AB8-05BB-422D-AAE3-36D6E0381487}

If you have a local executable that isn't on your remote system, you can have psexec copy it over to a tempory directory.
psexec -c \\computer LOCAL_Exec_File
0
 

Author Comment

by:bbimis
Comment Utility
okay but here is where my issue is.
i notice you have /qn /x{registry key here}
where does it get the password variable?  not for administrator but for the eset itself
we have eset configured to use a password. if i manually uninstall eset i have to type in a password for it to remove.

I think thats why i keep getting the error 1603.
Thanks!
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

In this tutorial I will show you how to provide a dynamic RTF document on your website generated with data from your database. For this tutorial you will need Microsoft Word or WordPad, WhizBase and Microsoft Access. In this tutorial I will show …
Like many organizations, your foray into cloud computing may have started with an ancillary or security service, like email spam and virus protection. For some, the first or second step into the cloud was moving email off-premise. For others, a clou…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now