Last active
March 5, 2023 04:38
-
-
Save ion-storm/a9f97f54cdd6cd83d2217bb41c6b297c to your computer and use it in GitHub Desktop.
sophos removal v1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
:: Sophos Removal Tool | |
setlocal | |
cd /d %~dp0 | |
start /wait net stop "Sophos AutoUpdate Service" | |
start /wait sc stop "Sophos Agent" | |
start /wait sc stop "SAVService" | |
start /wait sc stop "SAVAdminService" | |
start /wait sc stop "Sophos AutoUpdate Service" | |
start /wait sc stop "Sophos Client Firewall" | |
start /wait sc stop "Sophos Client Firewall Manager" | |
start /wait sc stop "Sophos Compliance Agent API" | |
start /wait sc stop "Sophos Message Router" | |
start /wait sc stop "swi_service" | |
start /wait sc stop "swi_update" | |
start /wait sc stop "swi_update_64" | |
start /wait sc stop "Sophos Device Control Service" | |
start /wait sc stop "Sophos Endpoint Defense" | |
start /wait sc stop "Sophos Message Router" | |
start /wait sc stop "SntpService" | |
start /wait sc stop "sophossps" | |
start /wait sc stop "Sophos Web Control Service" | |
start /wait sc stop "swi_filter" | |
start /wait processhacker.exe -c -ctype process -cobject swi_service.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject swi_filter.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject swc_service.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject sntpservice.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject sdcservice.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject savservice.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject savadminservice.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject routernt.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject managementagentnt.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject alupdate.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject alsvc.exe -caction terminate | |
start /wait processhacker.exe -c -ctype process -cobject almon.exe -caction terminate | |
start /wait msiexec.exe /x{fed1005d-cbc8-45d5-a288-ffc7bb304121} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{afbca1b9-496c-4ae6-98ae-3ea1cff65c54} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{15c418eb-7675-42be-b2b3-281952da014d} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{bcf53039-a7fc-4c79-a3e3-437ae28fd918} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{66967e5f-43e8-4402-87a4-04685ee5c2cb} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{65323b2d-83d4-470d-a209-d769db30bbdb} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{09863da9-7a9b-4430-9561-e04d178d7017} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{9acb414d-9347-40b6-a453-5efb2db59dfa} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{ca3ce456-b2d9-4812-8c69-17d6980432ef} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{1093b57d-a613-47f3-90cf-0fd5c5dcffe6} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait msiexec.exe /x{b829e117-d072-41ea-9606-9826a38d34c1} /qn REBOOT=ReallySuppress /L*v %windir%\Logs\Uninstall_SAV_Log.txt | |
start /wait "C:\Program Files\Sophos\Endpoint Defense\uninstall.exe" /quiet |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment