Uninstall of Symantec Antivirus enterprise edition

system · November 20, 2006, 1:42pm

(imported topic written by ckcheong)

All my BES Clients have installed with old Symantec Antivirus (SAV) clients. The SAV clients are managing by SAV Server. Recently, my company has brought a new antivirus software. The new antivirus software can deploy using BigFix Windows software deployment wizard. However, I have to uninstall the Symantec Antivirus first.

To uninstall the SAV client, I need to supply a password whereby the default password is ‘symantec’. By using Bigfix, How do I create a custom fixlet to include the password during uninstallation?

system · November 20, 2006, 4:43pm

(imported comment written by brolly3391)

Welcome to the forums ckcheong,

There are no Action Script commands to fill out an open dialog box and press the OK button. There are usually ways around this though. In your case I know of at least 3.

The

first

if your SAV clients are managed, is to set the clients to not require the password on uninstall using the console.

http://service1.symantec.com/SUPPORT/ent-security.nsf/529c2f9adcf33a1088256e22005026f1/46626512c9191f9088256a22002726fd?OpenDocument&src=bar_sch_nam

The

second

is a registry hack that essentially does the same thing:

regset “HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\Administrator Only\Security” “useVPuninstallpassword”=“0”

This turns off the password during uninstall.

Once the password prompt is disabled then this becomes a standard software uninstall. Use your uninstall string which you can usually find in the registry. For example, my version is 10.0.1.394 and my uninstall string is located at

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{A011A1DC-7F1D-4EA8-BD11-0C5F9718E428}

UninstallString = MsiExec.exe /I{A011A1DC-7F1D-4EA8-BD11-0C5F9718E428}

Since this is an MSI and I want it to be quiet I need to modify that uninstall string to uninstall (/X), do it quietly (/QN)

More on uninstalling MSI and the parameters here: http://support.microsoft.com/kb/227091

The

third

is to contact Symantec and get the NoNav tool which uninstalls all known versions of SAV and NAV without asking for a password. This is the method I used when I had to do a mass removal on a mixed version SAV environment. Then follow the directions for the command line method and use the software deployment wizard to deploy the NoNav tool and run it. I suggest suppressing the reboot.

I hope that points you in the right direction. If you need a bit more assistance then it would be helpful to know if you have more than one version of NAV/SAV to uninstall.

If you decide to take any of these suggestions, please test them thoroughly before deploying them to your production environment.

Cheers,

Brolly

system · November 28, 2006, 10:31pm

(imported comment written by mmurty)

Ckcheong,

Remove the uninstall password from the symantec console and apply this configuration to all the clients. Once that is done, you can use the script provided by Brolly. That is what i have done.

system · December 8, 2006, 11:18am

(imported comment written by ckcheong)

Brolly, mmurty,

Thank you.