luni, 5 iulie 2010

Silent Uninstalling/Removing AVG 8.xx over the network

For six years I have used in my company computer network product offered by Symnatec, AntiVirus Corporate version 7.5, 8.0, 9.0, 10.0 and finally 11.0 Enpoint Protection.
Since late last year more than 200 stations in the network were infected with Brontok virus whose signature was not recognized at all Symantec product although it was a version dated 2005, creating big problems on infected computers, we decided not to prolong acquisition Symantec product which for us was a big disappointment and purchase another more efficient AntiVirus suite.
So we decided to install the freeware version of AVG 8.xx product on all affected stations until the new AntiVirus suite was to be acquired
All well and good until we purchase the new product which could not uninstall AVG product on network stations.
About a week searching the Internet and on various forums to a solution, I created an own method for automatic silent removal by all stations AVG product that requires no user interaction.
Since AVG does not offer support for freeware versions, we found the tool AVG8_Kleaner produced by Kaspersky Lab as automatic removal of the product succeeded only problem is that network users don't have permissions to install and uninstall software on workstations.
Because Microsoft created runas command but without the possibility writing password on the command line, I found a product file called Runasspc free developed by Robotronic that allow to specify the password, even it's encryption.
Next I present the steps to be followed:

1. Download AVG8_Kleaner produced by Kaspersky Lab from the following location:
http://download857.mediafire.com/dt1yve1munqg/yjjvjjmorxo/AVG8_Kleaner.exe
or archived version:
http://support.kaspersky.com/downloads/products2009/avg8.zip

2.Download package Runasspc produced by Robotronic Runasspc from the following location:
http://robotronic.de/runasspc/runasspcEn.zip

3.On a network station or a network server create a shared location for Everyone called AVGREM
In a subfolder of AVGREM called PROG will copy the files unpacked
- AVG8_Kleaner.exe
- Runasspc.exe
and in another subfolderof AVGREM called TXT we place a text file AVGREM.txt with the following message:
"AVG product was successfully uninstalled! "

4. Create a batch file called AVGREM.bat that contain the following lines:
@ECHO OFF
IF NOT EXIST C:\AVGREM (
C:
CD \
MD AVGREM
copy \\"shared location"\avgrem\prog\*.* C:\avgrem
C:\AVGREM\runasspc /program:"C:\AVGREM\avgrem.exe" /domain:"localhost" /user:"Administrator" /password:"local Administrator password-between quotas" /quiet
CLS
) ELSE (
C:
CD AVGREM
DEL C:\AVGREM\avgrem.exe
DEL C:\AVGREM\runasspc.exe
copy \\"shared location"\avgrem\txt\avgrem.txt C:\avgrem
CD \
RD /S /Q C:\$AVG
RD /S /Q C:\$AVG8.VAULT$
RD /S /Q C:\Program Files\AVG
CD \
CLS
)

5. On the domain controller create a new policy called AVG Remover that contain:
a. Computer Configuration / Policies / Windows Settings / Security Settings / File System and we will add the following folders:
-% ProgramFiles%\AVG
-% SystemDrive%\$ AVG
-% SystemDrive%\$AVG8.VAULT$
-% SystemDrive%\AVGREM
and give Users full control
b. User Configuration / Policies / Windows Settings / Scripsts / Logon
where we copy the batch file created earlier AVGREM.bat

6. Enable policy in the domain or group of computers on which you wish to uninstall.
At first user logon will be uninstalled AVG product, the user is prompted by the need to restart your computer after uninstallation.

At the next user logon will be erased files and folders used for removal left sterile after uninstall.
The program Runasspc can encrypt the password too! (you can read how to make that in program documentation)

0 comentarii:

Trimiteți un comentariu