Ve hev vays to uninstall Symantec Antivirus

We use Symantec Antivirus where we work, and somehow I got put in charge of it. It’s not my favorite product, but I’m not sure what would be better. So we live with it.

Recently I had two systems that decided they didn’t want to be managed anymore, and my usual fix, copying the server’s certificate file and grc.dat back into place, didn’t work. The official solution? Uninstall and reinstall.

So what if it refuses to uninstall and reinstall?I didn’t like the answer I got (rebuild the server), so I did some digging. I noticed that one of the services hung in the stopping state, which gave me a clue. I found manual instructions for uninstalling, but one of the prerequisites is that you stop all the services.

Unable to stop the services, I set everything with “Symantec” in its name to Disabled and rebooted. When the server came back, SAV wasn’t running.

At that point, the manual uninstallation would have worked, but that process takes 30-60 minutes, depending on how much junk you have to wade through in the registry (the more applications you have installed, the longer it takes). While I was snowed in this weekend, I built a machine and installed SAV on it so I could step through the process. With nothing else installed, it took me about 30 minutes to complete all the steps.

I decided to be lazy and see if I could pull it out with Add/Remove Programs. It would take 5-10 minutes to find out, and if it worked, it would be a good investment of time.

In my case, it worked, so I got to trade 60-120 minutes of active work for 20 minutes of mostly passive work. That’s a good trade, especially when the active work involves registry editing.

If the official method, via Add/Remove Programs, had failed, I can think of one option besides the manual uninstall. If your local bureaucracy will allow you to install a tool without jumping through a zillion hoops, you could install Revo Uninstaller and see if it can clean up the mess. Odds are it would leave fewer traces of SAV strewn about on your computer, so you’d get a cleaner uninstall, and, perhaps, less chance of whatever caused your problem in the first place lingering and rearing its ugly head again.

That wasn’t an option for me, so I was glad that I was able to get Add/Remove Programs to work.

4 thoughts on “Ve hev vays to uninstall Symantec Antivirus

  • February 4, 2008 at 9:05 pm
    Permalink

    Speaking of stupid Symantec AntiVirus tricks, I had a new one I discovered after banging my head for a couple of hours yesterday – just didn’t know it was being caused by Symantec.

    I was preapring a laptop manually from an OEM build (Lenovo). Removed most of their stuff, along with their 90-day Norton AntiVirus offering. Fairly standard build. Rename, add to the domain, all the usual stuff. Install the department requested apps, and SAV CE (10.1.6010). SAV is even managed by a Symantec System Center just fine.

    Try an UpdateEXPERT query, and it comes back with “unknown operating system”. Unknown? I can see from my desk that it’s WindowsXP, darned software! Try pushing Centennial Discovery client agent at the system, and I get an odd error message that suggests I try to run “md \COMPUTERNAMEc$Centenn.ial” from a command line as a test. Sure enough, I could not get to c$, and when I tried, I got a perplexing error message suggesting the “server” was out of space.

    Thinking it was related to Lenovo’s Access Connections software, I reinstalled that, made sure File and Printer Sharing was not disabled, removed the software – no change. Turn off the firewall – no change. Banged my head on the table – no change. Googled “not enough server storage is available to process this command xp” and finally was getting someplace.

    Found a Microsoft KB article that shows a registry change to try. The default settings of 15 (decimal) did not work, but bumping it to 20 did.

    So today, I am building an identical system, and still hadn’t put together the fact that SAV was the cause of this, because I had been pushing patches at that system all last night without any problem, I just hadn’t installed SAV yet. Got everything done that I needed to, then installed SAV. Tried to query from UpdateEXPERT (which had been pushing patches just fine) and bingo – unknown operating system!

    I was able to make the suggested changes to the registry remotely (which makes this even more perplexing) and after bumping IRPStackSize to 20, I was able to query with UpdateEXPERT and push the Discovery client to the system.

    So now we have the two minute fix that took two hours of head banging to find. The fact that we have never seen this problem before makes it all the more interesting, but without running something like this up Symantec’s or Microsoft’s flagpole, I am sure we’ll never know what the exact combination of software and events lead to this. At least when we see it, we’ll have a better idea what to do about it.

    There really are times when I hate computers.

    • February 5, 2008 at 4:33 pm
      Permalink

      That problem sure does sound familiar, but I don’t know if we ever solved it, or just worked around it. That would have been 3-6 years ago and of course everyone who would remember it (Todd, Alan, and me) is long gone.

  • February 5, 2008 at 8:12 am
    Permalink

    So you like Revo Uninstaller alright ? I visited the website and it looks handy, but the "free" part put me off a bit (for Windows software – I’m used to free under Linux 😉

    Works as advertised ? No ad-ware or spyware ?

    • February 5, 2008 at 4:11 pm
      Permalink

      Yep, so far it works as advertised. I haven’t had a lot of occasion to use it, since I’m not the kind of person who downloads and installs everything in sight. But in my limited usage, it does get rid of traces that Add/Remove Programs leaves behind. And no adware/spyware as far as I can tell.

Comments are closed.

%d bloggers like this:
WordPress Appliance - Powered by TurnKey Linux