Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 13 replies
  • Answers 1 answer
  • Subscribers 1 subscriber
  • Views 59281 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to uninstall Sophos AV from Sophos enterprise console

s0p40su53r

Hi all,

I need help in uninstalling the sophos av at the clients (approcimately 300 users plus). My question would be:

  1. Can I uninstall the sophos av from the sophos enterprise console?
  2. If yes, how can it be done?
  3. If not, does it means, I have to do it manually at 300 users pc?

Please help me in this issue. :smileysad:

:38941


This thread was automatically locked due to age.
  • 0

    Yeh, but the effort of uninstalling will be so much, that they may not lose customers........ ;)

    Good way to make it difficult to move vendors......

    :56654
  • 0

    Thinking creatively, 

    The following batch file:

    http://www.sophos.com/en-us/support/knowledgebase/122126.aspx

    has the GUIDs for at least the current Cloud endpoint.  It would be possible to add all known Sophos endpoint GUIDs in; if they don't exist on any given client it doesn't matter.  

    These can be grabbed from the uninstall registry key from a number of representitive clients.  You could try an automate the discovery scouring the registry at "run-time" looking for product guids where the name contains Sophos etc.. but as there aren't that many product GUIDs, and in most scenarios the GUIDs would all be the same as each client runs the same version combination.

    OK so armed with the killer batch file/script, you now need to run it on each computer, many ways to do that outside of SEC but if you want to use SEC: SEC will run setup.exe from the CID/distribution point when you deploy, the CID in question depends on the updating policy/subscription.  

    SEC makes no checks to see if setup.exe "is" setup.exe.  So you can write a simple exe wrapper for the script called setup.exe AutoIT would be a quick and simple tool to use and you're done.   The install task is scheduled to run as the admin account you specifiy so there should be no permission issues.  TBH, if you're going to write a exe you might as well have the exe do the work of the script but you get the idea.

    Can't say I've tried it but I see no reason it will not work.

    Jak

    :56656
  • 0

    I created a batch file that is deployed via GPO. It stops the update service, and then uninstalls the various components installed in our environment.  Info on finding the reg keys for your environment - https://community.sophos.com/kb/en-us/109668

    Also make sure you first disable tamper protection in your console - https://community.sophos.com/kb/en-us/119175

    The GPO is under Computer Configuration -> Policies -> Windows Settings -> Scripts -> Startup

    ----------------------------

    net stop "Sophos AutoUpdate Service"

    ::Sophos Remote Management System

    MsiExec.exe /X{FED1005D-CBC8-45D5-A288-FFC7BB304121} /qn REBOOT=SUPPRESS

    ::Sophos Network Threat Protection

    MsiExec.exe /X{604350BF-BE9A-4F79-B0EB-B1C22D889E2D} /qn REBOOT=SUPPRESS

    ::Sophos Endpoint Defense

    "C:\Program Files\Sophos\Endpoint Defense\uninstall.exe" /quiet

    ::Sophos Anti-Virus

    MsiExec.exe /X{01423865-551B-4C59-B44A-CC604BC21AF3} /qn REBOOT=SUPPRESS

    ::Sophos AutoUpdate

    MsiExec.exe /X{AFBCA1B9-496C-4AE6-98AE-3EA1CFF65C54} /qn REBOOT=SUPPRESS

    ----------------------------

Unfiltered HTML