0

I'm trying to uninstall all Symantec Endpoint Protection from the computers I manage through GPO. I've created a batch file that should uninstall the program and run when computers start up. However, I have some issues.

  1. UAC problem: "Access Denied"

If I try to do it in silent mode nothing happens, the batch file does not run. I found out that UAC is blocking the uninstall. A window appears with the UAC asking for permission. I've tried to create a batch file that disables UAC but it needs to run in Admin mode because instead I receive a message saying "Access denied". The same to enable UAC back.

Here is the UAC batch file code to disable it:

C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f

Is there any way to bypass UAC? Any way to run the batch file as "Run as Administrator"?

  1. Uninstall SEP versions

I've found out that if the version does not match the registry key (which changes with every version) it won't uninstall the program. In my batch file I put two different versions. Is there any better way to uninstall SEP any version?

Here is the batch file I created to uninstall SEP:

  • I needed to check if Outlook is open because if not it does not allow me to uninstall it. It needs to be closed.

    @Echo off

tasklist /fi "imagename eq outlook.exe" | find /i "outlook.exe" > nul
if not errorlevel 1 (taskkill /f /im "outlook.exe") 

else (

  MsiExec.exe /x {B53661DC-CD94-4B14-B15F-D9DDCFF72558}  /qb

  MsiExec.exe /x {3C83F385-BC3A-4086-A335-B14E5C50958A} /qb

)

Exit

I'm pretty new doing batch files and working with GPO. So the way I found out to do the work is creating batch files. But I'm finding the above issues. Maybe there is a better way to do what I need to do. And that's why I'm asking you guys since there is many experienced people out here.

I will appreciate any help. With my batch file and or to find a better way to do it.

The final goal should be to Uninstall all Symantec Endpoint Protection through GPO hopefully silently. I don't really want to go computer to computer doing this... I'm currently managing 150+ computers so will be a pain in the **** doing it one by one.

Thanks in advance.

Dennis van Gils
  • 3,487
  • 2
  • 14
  • 35
TheOne
  • 21
  • 6

1 Answers1

0

I've solved my issue with UAC creating a GPO Policy to disable it. I guess I will have to disable it temporarily and then re-enable it later after I'm done with the uninstalling.

These are the steps I followed -> https://www.youtube.com/watch?v=ldtJOExrGSI

Any idea/suggestion on what to do to uninstall all SEP from those computers through GPO even if they have a different version? Or do I need to include every single Uninstall string key for each version? (If this is the case, is there any list with those uninstall string keys?)

Thanks!

TheOne
  • 21
  • 6