Endpoint removal

Rosco

Rosco

Well-Known Member
Reaction score
352
Location
USA
Just signed up a law firm up. they have 9 computers and 1 server running server 2008 32 bit. I am in the process of installing gfi advance monitoring agent. There previous tech's setup was a mess. Some computer had no antivirus and the server and 5 computer were running endpoint. I went through the process of uninstalling all components from each computer. went fine so i left after finishing the installation. Got back to the workshop and checked my dashboard and 2 computer end point was completely removed but the server and 3 computers still showed endpoint. I did the exact same things on each computer. Why not the result? I want to use viper and that is what my contract calls for.

Heres my question:

is there an easier way to remove end point completely then manually removing the seeming endless registry entries? I dont want to spend a lot of time with this uninstallation. thanks everyone.
 
Bobscomputerservice said:
Just signed up a law firm up. they have 9 computers and 1 server running server 2008 32 bit. I am in the process of installing gfi advance monitoring agent. There previous tech's setup was a mess. Some computer had no antivirus and the server and 5 computer were running endpoint. I went through the process of uninstalling all components from each computer. went fine so i left after finishing the installation. Got back to the workshop and checked my dashboard and 2 computer end point was completely removed but the server and 3 computers still showed endpoint. I did the exact same things on each computer. Why not the result? I want to use viper and that is what my contract calls for.

Heres my question:

is there an easier way to remove end point completely then manually removing the seeming endless registry entries? I dont want to spend a lot of time with this uninstallation. thanks everyone.
Click to expand...

I belive GFI MAV is supposed to uninstall whatever A/V is on the system during the installation process, however I have not had an install since this option was released. I do have two scheduled for late tonight though.
 
Is this Symantec endpoint or a different company? Symantec has a tool called Cleanwipe for their products, but it is a bit hard to get. You have to open a ticket with them to get it, or find some random download.

I have not had much luck with GFI MAV removing the previous anti-virus.
 
No currently GFI MAV doesnt do any type of uninstallation of another AV. But I learned at their conference last week that they are planning on having that by the end of the year.
 
MotzTech said:
Is this Symantec endpoint or a different company? Symantec has a tool called Cleanwipe for their products, but it is a bit hard to get. You have to open a ticket with them to get it, or find some random download.
Click to expand...

any way to get cleanwipe. these people will have no i what the log and registration is.
 
NYJimbo said:
This may help:

http://www.symantec.com/connect/forums/how-get-cleanwipe-tool-endpoint-removal

ps - It would sure be nice to get a copy of this....
Click to expand...

I read somewhere that it's frequently updated now...and that ties in with "updates" on the client. Probably a "hash" that changes at some interval. Thus...a copy that you downloaded somewhere a few months ago will stop working after some point, because they client updated definitions at least once since then, and the hash would no longer match.

Reason for all this...earlier tools were built into malware that can knock out antivirus programs. Kinda easy for some scripter to take this tool and run it on a computer to knock out its antivirus.
 
YeOldeStonecat said:
...a copy that you downloaded somewhere a few months ago will stop working after some point, because they client updated definitions at least once since then, and the hash would no longer match.....
Click to expand...

Makes sense, norton-removal-tool for their regular stuff does that as well. After a couple months or so it won't run.
 
I knew I had downloaded it back in August just could not think how I got hold of the software.

I found this http://bestnetworksinc.wordpress.com/tag/symantec-endpoint-protection-cleanwipe-utility/



You can use CLEANWIPE from Symantec to remove the AV and all other associated applications.

To download the utility, open the following web page in a browser:

https://fileshare.symantec.com

Log in with the following information:

Login ID: cleanwipeutility
Password: CL3@nw!p3

Once you have downloaded the utility, please follow these instructions.

Note: The zip file is password protected.
Un-Zip Password: symantec

1. Extract the file to a new folder in a convenient location, such as the Desktop, using the un-zip password provided above.
2. Browse to the new folder and execute the utility by double clicking ‘CleanWipe.exe’
3. Follow the on-screen instructions.

The utility runs in verbose mode and will ask you about the components you want uninstalled.

Note: If the CleanWipe utility fails to remove Symantec Endpoint Protection, please proceed through the manual uninstall procedure for the version of the product you have installed.

You can find the manual uninstall instructions in the following document:

Title: How to manually uninstall Symantec Endpoint Protection client from Windows 2000, XP and 2003, 32-bit Editions
Solution ID: 2007073018014248
Document URL:

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2007073018014248

Title: ‘Manual uninstallation documents for Symantec Client Security products’
Solution ID: 2002031914291648
Document URL: http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2002031914291648
Click to expand...

Hope this helps

Rudger
 
Might have remnants left in the WMI repository which MSP tools often see, thus preventing them from doing a push install. Can manually remove any stale entries.
 
YeOldeStonecat said:
I read somewhere that it's frequently updated now...and that ties in with "updates" on the client. Probably a "hash" that changes at some interval. Thus...a copy that you downloaded somewhere a few months ago will stop working after some point, because they client updated definitions at least once since then, and the hash would no longer match.

Reason for all this...earlier tools were built into malware that can knock out antivirus programs. Kinda easy for some scripter to take this tool and run it on a computer to knock out its antivirus.
Click to expand...

That's also why it prompts with a captcha on startup. To prove a human started it.
 
ok spent the afternoon onsite. Spent the time removing the seeming less endless reg entries and followed symentic directions to the letter. Removed it on the server and went to check the dashboard on another computer and it reads "ca etrust inoculateit" as the antivirus. now there is a backup program under the CA folder in the program files. but there is no etrust virus software and from what i can gather never has been. I have a ticket with gfi but i was wondering if there is any suggestions to fixing this very frustrating problem. Unistallation should not be this hard!

This office has been a nightmare taking over. At least once i have it right it will be fine. Thanks everyone for your support.
 
GFI is great! they told me the two last reg entries for the old software and was good to go. i love gfi tech support super fast and super reliable!
 
Bobscomputerservice said:
GFI is great! they told me the two last reg entries for the old software and was good to go. i love gfi tech support super fast and super reliable!
Click to expand...

How "Much" tech support can you get from GFI? or was it because you needed to add their AV and the were just facilitating that?

Can they offer assistance / guidance on errors that the dashboard shows?
 
knc said:
How "Much" tech support can you get from GFI? or was it because you needed to add their AV and the were just facilitating that?

Can they offer assistance / guidance on errors that the dashboard shows?
Click to expand...

They were facilitating their AV isnt that what they are supposed to do. They are not there to support clients i am. They provide excellent tech support for their products. That is what i pay for. No where do they claim to provide support for errors shown on dashboard.
 
You must log in or register to reply here.

Similar threads

HCHTech
Hyper-V - Moving VM to a new host
Replies
6
Views
506
britechguy
britechguy
HCHTech
Fun with Group Policy
Replies
13
Views
2K
GTP
GTP
C
VM Server reboot has a 169. address.
Replies
3
Views
1K
YeOldeStonecat
YeOldeStonecat
HCHTech
Quickbooks Enterprise 2024 multi-user issues
Replies
7
Views
875
Markverhyden
Markverhyden
Rigo
Google phone support number? Email pwd issues
2
Replies
23
Views
3K
Rigo
Rigo
Back
Top