Main Menu

Articles

NOD32 Uninstall Batch Script

Written by Andy P. Friday, 28 December 2007 06:04

Attention: open in a new window. PDFPrintE-mail

( 4 Votes )

A while ago I wrote an uninstall script for a version of NOD32 to be used in a domain setting. It may have been 2.7, it may have been 2.5. Either way, the one that I needed recently was for their new ESET “NOD32 Antivirus version 3.0″. This is a batch script that worked for me by using the current Active Directory login script to point to this batch file:

::uninstall nod32
::create a registry file that prohibits the kernel as well as the gui from loading
echo Windows Registry Editor Version 5.00>removenod32.reg
echo.>>removenod32.reg
echo [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ekrn]>>removenod32.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]>>removenod32.reg
echo "egui"=->>removenod32.reg
regedit.exe /s removenod32.reg
taskkill /im egui.exe
::SHUTDOWN -r -t 01
DEL removenod32.reg

Keep in mind that I use the term ”uninstall” loosely and that it doesn’t remove
the links in the start menu (which wouldn’t be hard to add), the files, or the remaining registry keys.  This just prevents it from
running when you start your computer and enables you to install another
antivirus of choice without conflicts.

 If you are using version 2.5 or 2.7, I think you can get away with merely changing ”egui.exe” to “nod32kui.exe” and changing
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ekrn]
to
[-HKEY_LOCAL_MACHINE\ system \ CurrentControlSet \ NOD32krn]
or whatever it happens to be.

Either way, I spent 10 minutes or so completely disabling their security software
which is cool for the sake of administration, but not too promising for the software
since they seem to be adhering to the ”security by obscurity”
concept in that, while their definitions seem to be pretty
up-to-date, if anyone maliciously targeted their AV software, you might be in trouble.
That makes me wonder how hard it would be to make a script for Norton or McAfee to
do the same thing (not that I really care to since I had no practical use for such a script
previously).

If anyone happens to modify this script to make a cleaner uninstall, let me know and I’ll post it here while giving credit where it’s due.

I used this on ESET NOD32 Antivirus 3.0.563.0 with the signature database 2658 on Windows XP.
Click here to download the file remove.txt then make sure to change the extension from .txt to .bat.


UPDATE: Someone told me (in a previous blog, before we migrated the posts) they were receiving the error "(114) Setup.xml file is damaged or missing" and used the batch uninstall to remedy the problem.

Also note that ESET says you can use the NOD32 Remote Administrator to remove the install as well,  though I haven't personally ever tried it.


Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! Mixx! Free and Open Source Software News Google! Live! Facebook! StumbleUpon! Yahoo! Joomla Free PHP
Comments
Add New Search RSS
Write comment
Name:
Email:
 
Website:
Title:
UBBCode:
[b] [i] [u] [url] [quote] [code] [img] 
 
 
:angry::0:confused::cheer:B):evil::silly::dry::lol::kiss::D:pinch:
:(:shock::X:side::):P:unsure::woohoo::huh::whistle:;):s
:!::?::idea::arrow:
 
Please input the anti-spam code that you can read in the image.

!joomlacomment 4.0 Copyright (C) 2009 Compojoom.com . All rights reserved."

< Prev
SEO by Artio