I've referenced the following KB on removing SEC from endpoints using MsiExec.exe after running a Reg Query. When using the syntax in the KB (only the GUID between curly braces), it only results in a Windows Installer popup (i.e. it doesn't do anything). If I include the full Reg Key path returned from the Reg Query, I am able to get an uninstall prompt, however, it results in the following error "This installation package could not be opened. Verify that the package exists and that you can access it, or contact the application vendor to verify that this is a valid Windows Installer package". SophosZap was successful in removing all products, however, I need to be able to run these commands to perform a silent/remote mass uninstall from 300+ endpoints.
I have run all commands with domain admin privilege, and have run all commands after running as administrator.
I have stopped all services using the below commands:
net stop "Sophos Agent" net stop "Sophos Anti-Virus" net stop "Sophos Anti-Virus status reporter" net stop "Sophos AutoUpdate Service" net stop "Sophos Client Firewall" net stop "Sophos Client Firewall Manager" net stop "Sophos Device Control Service" net stop "Sophos Endpoint Defense Service" net stop "Sophos Message Router" net stop "Sophos Network Threat Protection" net stop "Sophos Patch Agent" net stop "Sophos System Protection Service" net stop "Sophos Web Control Service" net stop "Sophos Web Filter" net stop "Sophos Web Intelligence Service"
Reg Query example:
MsiExec command using full path:
Error after selecting "OK" via the uninstall window:
This thread was automatically locked due to age.
