Go Premium for a chance to win a PS4. Enter to Win


How can I create a GPO to have a application removed?

Posted on 2016-07-19
Medium Priority
1 Endorsement
Last Modified: 2016-08-04
The application "D5000 Wireless Dock" reside in the following location for all our corp laptop users.

It is shown in Add/Remove programs as such
Our corp laptops are Win 7 OS. Should I create GPO as a user or computer setting? How should the GPO be configured?
Question by:joukiejouk
  • 3
  • 3
  • 3
  • +2
LVL 13

Expert Comment

by:Bryant Schaper
ID: 41719911
you may have to test whether a computer setting works, but you could probably run the uninstall from a command line or task

Expert Comment

by:Senior IT System Engineer
ID: 41720020
Hi Jukie,

Try this GPO trick: https://technet.microsoft.com/en-us/library/cc728016%28v=ws.10%29.aspx

  1. On the Windows Taskbar, click Start > All Programs > Administrative Tools > Group Policy Management.
  2. The version of Windows that you use may display Programs instead of All Programs in the Start menu.
  3. In the Group Policy Management window, in the console tree, expand the domain, expand Computer Configuration, expand Software Settings, right-click Software Installation, and then click Properties.
  4. On the Advanced tab, check Uninstall this application when it falls out of the scope of management, and then click OK.
  5. In the right pane, right-click the software package, and then click Remove.
  6. In the Remove Software dialog box, check Immediately uninstall the software from users and computers, and then click OK.
  7. Close the Group Policy Object Editor window, and then close the Group Policy Management window.
  8. The software uninstalls when the client computers are restarted.
LVL 13

Expert Comment

by:Bryant Schaper
ID: 41720030
may be wrong, but that only works if it was deployed with group policy
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments


Expert Comment

by:Senior IT System Engineer
ID: 41720035
Hm.. yes, that does make sense.

If that's the case then there is no other way than using GPO Startup Script with this line below:

MSI command line:
msiexec /x {the GUID of the software} REBOOT=REALLYSUPRESS /qn

Open in new window


WMI command line:
wmic product where "Vendor like '%name of your Software%' " call uninstall

Open in new window

LVL 13

Assisted Solution

by:Bryant Schaper
Bryant Schaper earned 1000 total points
ID: 41720037

I will throw this link out as well, basically you are using the uninstall string from the registry and can schedule a task to run the command

Accepted Solution

Senior IT System Engineer earned 1000 total points
ID: 41720041
Try this one via Powershell:

@PowerShell.exe -ExecutionPolicy RemoteSigned -Command "Invoke-Expression -Command ((Get-Content -Path '%~f0' | Select-Object -Skip 2) -join [environment]::NewLine)"
@exit /b %Errorlevel%

Get-wmiobject  win32_product | ?{$_.name -match "name of the softwdare"} | %{$_.uninstall()}

Open in new window


Author Comment

ID: 41720155
I would like to stick with using the GPO method. With the MSI command line or WMI command line method, how can I incorporate that through GPO? Can you please detail the steps? I would appreciate it much. Thank you.

Author Comment

ID: 41722003
I was not able to identify the app anywhere in registry. Here is the path I was viewing in the registry. I clicked through all the GUID but could not find one for the app.
All I know is that the .exe for the app we want removed reside in the following directory for all our user's laptop.
I'm not much of a Powershell person. But based on the screenshots I've provided, can you tell me how I can accomplish this via PSEXEC, Powershell, GPO, or whatever?  Maybe step-by-step? I would appreciate it much.

When I run wmic product get name, here is what appeared for the app.
I hope this information and screenshots help. I hope you can help me as well. Thank you.
LVL 44

Expert Comment

by:Davis McCarn
ID: 41725924
Do the PC's have a DW1601 wireless card?
If they do, you're going to uninstall their drivers if you manage to do this!
LVL 25

Expert Comment

ID: 41726118
What you will do is go into the Uninstall key as mentioned above (be sure to check the x64 & x86 versions of that same key.
Go through each of the GUID keys underneath the Uninstall key, and look for the title you have highlighted above in each one until you find the correct key.  Inside that key, there *should* be a value for UninstallString which will likely be msiexec /x <GUID>.  The key thing is that correct GUID.

Now.. when you create a script, you want to be sure to include some sort of flag that lets you know that the script has run.. you don't want to it to continuously run trying to uninstall something that is gone.

You can run the msiexec command as the system with PSEXEC like you mentioned:
psexec -s -i \\machinename msiexec /x <guid>

Open in new window

But, as you originally mentioned, I would deploy this is a startup script by GPO.. a simple batch file is all you need.

@echo off
if exist "%Systemroot%\DriverRemoved.txt" goto QUIT

msiexec /x <guid> /noreboot
if %errorlevel% == 0 GOTO SUCCESS
if %errorlevel% == 1614 GOTO SUCCESS
if %errorlevel% == 1641 GOTO REBOOT
if %errorlevel% == 1642 GOTO REBOOT
if %errorlevel% == 3010 GOTO REBOOT

if %errorlevel% gtr 0 (goto FAILED) else (goto QUIT)

echo Driver may not have been removed; ERROR CODE %ERRORLEVEL% >> "%systemroot%\DriverRemoved.txt"


shutdown /r /t 0

echo Driver successfully removed! >> "%systemroot%\DriverRemoved.txt" 


Open in new window

The error levels come from this article:


Author Closing Comment

ID: 41743145
By the time I got around to researching this option with GPO, I learned that our Support Tech dept already handled it by using the Sneaker Net method.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

783 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question