Anti-Virus Annulment

Spear those dead, useless registry keys and values with Reg.exe after a Norton Antivirus failure.

Bill: Occasionally, Norton Antivirus will get corrupted and we have to uninstall it. It usually fails to uninstall, so we have to spend 30-40 minutes (per computer) running through the registry searching and deleting entries, per Symantec Doc ID 2002081213583048.

Can we script this procedure somehow? If so, how hard would it be?
—Mike

Mike: The Symantec document you refer to specifies the Registry keys that must be deleted to remove the Norton Antivirus entries. Armed with this detailed information, automating the changes is not too difficult.

In the Windows 2000 Support Tools is a command-line utility, Reg.exe, that simplifies adding, changing, or removing keys and values from the Registry of a local or remote machine as long as you have sufficient admin privileges. (Windows XP and Windows Server 2003 include Reg.exe in the standard OS installation.)

Get Help from Bill

Got a Windows or Exchange question or need troubleshooting help? Or maybe you want a better explanation than provided in the manuals? Describe your dilemma in an e-mail to Bill at mailto:[email protected]; the best questions get answered in this column.

When you send your questions, please include your full first and last name, location, certifications (if any) with your message. (If you prefer to remain anonymous, specify this in your message but submit the requested information for verification purposes.)

The syntax for using Reg to remove one of the keys in the Symantec document is:

reg delete hklm\System\
CurrentControlSet\Services\
NAVENG /f

The /f switch forces the deletion to proceed without a yes/no prompt; all subkeys and values are deleted as well.

If you want to perform this operation across the network, all you need to do is preface the key name with the UNC name of the desktop:

reg delete \\xp-pro1\hklm\
System\CurrentControlSet\
Services\NAVENG /f

You can create a batch file with a series of Reg commands to clean out all the Registry entries in the Symantec document. Replace the computer name with a %1 placeholder in each Reg entry so you can specify the target machine on the command line of the batch file:

reg delete \\%1\hklm\System\CurrentControlSet\Services\
NAVENG /f

If you're not fortunate enough to have a document that lists the Registry entries, you can use a tool call Regmon from Sysinternal (http://www.sysinternals.com) to identify the Registry entries added during installation and initial configuration. Using Regmon effectively takes a little practice; it gives you more information than you need unless you set the filters correctly.

About the Author

Contributing Editor Bill Boswell, MCSE, is the principal of Bill Boswell Consulting, Inc. He's the author of Inside Windows Server 2003 and Learning Exchange Server 2003 both from Addison Wesley. Bill is also Redmond magazine's "Windows Insider" columnist and a speaker at MCP Magazine's TechMentor Conferences.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.