ICT Consulting ICT Consulting helpdesk Knowledgebase PC VIRUS SPYWARE MALWARE
Script per dinsistallare clients Sophos
Articoli suggeriti della knowledgebase:

Script per dinsistallare clients Sophos

 

You need to collect all the required uninstall strings from a typical endpoint computer (so you get the correct commands), copy them into a new text file (one per line), save the file as a .bat extension (batch file) and fully test it works as desired.

Note: If enabled, the Sophos Tamper Protection policy must be disabled on the endpoints involved before attempting to uninstall any component of Sophos Endpoint Security and Control.  See article 119175 for more information.

Gather the uninstall commands

  1. On an endpoint computer open the registry editor (Start | Run | Type: regedit.exe | Press return).
  2. Expand the left hand tree to the following key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
    Note: On a 64-bit computer you will need to check both the key above and the following key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall
  3. Click through the list and locate the first Sophos component you need to uninstall.
  4. In the list of values find the 'UninstallString', right-click it and select 'Modify'.
  5. Copy the string into a text editor.
  6. Repeat steps three to five for all other component you need to remove.

Windows installer parameters

The uninstall strings copied from the registry may contain MSIEXEC.exe parameters or you may want to add your own parameters to control what the end user sees on screen and how the computer behaves.  For example the uninstall string for Sophos Anti-Virus v10 is:

MsiExec.exe /X {9ACB414D-9347-40B6-A453-5EFB2DB59DFA}

But can be modified so that the uninstall is silent:

MsiExec.exe /X {9ACB414D-9347-40B6-A453-5EFB2DB59DFA} /qn

Or to suppress a reboot (A restart is normally required for Sophos Client Firewall and Sophos Anti-Virus) so that you may perform it at a later time:

MsiExec.exe /X{9ACB414D-9347-40B6-A453-5EFB2DB59DFA} /qn REBOOT=SUPPRESS

It is advisable to create a log file (a separate file is needed for each component) as part of this process for each component being removed to help facilitate troubleshooting should an issue arise:

MsiExec.exe /X{9ACB414D-9347-40B6-A453-5EFB2DB59DFA} /qn REBOOT=SUPPRESS /L*v %windir%\Temp\Uninstall_SAV9-10_Log.txt

If you need further information on Windows Installer (MSIEXEC.exe) and associated parameters we recommend you consult up to date Microsoft documentation.

Create a batch file

Prior to uninstalling the endpoint components, you should stop the Sophos AutoUpdate Service to prevent a potential update of the endpoint software during the removal.  A command line such as the following can be used.

net stop "Sophos AutoUpdate Service"

The order in which the endpoint components are removed is important.  Therefore reorder your uninstall strings (that you extracted from the registry editor) as shown below.

  1. Sophos Patch Agent
  2. Sophos Compliance Agent
  3. Sophos Remote Management System
  4. Sophos Client Firewall
  5. Sophos Anti-Virus
  6. Sophos AutoUpdate

Then save the file and change the file extension from .txt to .bat

Questo articolo è stato d'aiuto? | No

Dettagli articolo

Codice articolo:
122
Categoria:
VIRUS SPYWARE MALWARE
Data di inserimento:
23-Ott-2013 10:52am
Visualizzazioni:
1.060
Valutazione (Voti):
(61)

Articoli correlati