We use Symantec Antivirus where we work, and somehow I got put in charge of it. It’s not my favorite product, but I’m not sure what would be better. So we live with it.
Recently I had two systems that decided they didn’t want to be managed anymore, and my usual fix, copying the server’s certificate file and grc.dat back into place, didn’t work. The official solution? Uninstall and reinstall.
So what if it refuses to uninstall and reinstall?I didn’t like the answer I got (rebuild the server), so I did some digging. I noticed that one of the services hung in the stopping state, which gave me a clue. I found manual instructions for uninstalling, but one of the prerequisites is that you stop all the services.
Unable to stop the services, I set everything with “Symantec” in its name to Disabled and rebooted. When the server came back, SAV wasn’t running.
At that point, the manual uninstallation would have worked, but that process takes 30-60 minutes, depending on how much junk you have to wade through in the registry (the more applications you have installed, the longer it takes). While I was snowed in this weekend, I built a machine and installed SAV on it so I could step through the process. With nothing else installed, it took me about 30 minutes to complete all the steps.
I decided to be lazy and see if I could pull it out with Add/Remove Programs. It would take 5-10 minutes to find out, and if it worked, it would be a good investment of time.
In my case, it worked, so I got to trade 60-120 minutes of active work for 20 minutes of mostly passive work. That’s a good trade, especially when the active work involves registry editing.
If the official method, via Add/Remove Programs, had failed, I can think of one option besides the manual uninstall. If your local bureaucracy will allow you to install a tool without jumping through a zillion hoops, you could install Revo Uninstaller and see if it can clean up the mess. Odds are it would leave fewer traces of SAV strewn about on your computer, so you’d get a cleaner uninstall, and, perhaps, less chance of whatever caused your problem in the first place lingering and rearing its ugly head again.
That wasn’t an option for me, so I was glad that I was able to get Add/Remove Programs to work.
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.