Ever Posted March 28, 2014 ID:809928 Share Posted March 28, 2014 Hi all, I've spent a significant amount of time looking for a means to silently uninstall MWB via command line script with no user interaction. None of the normal uninstall settings were functioning correctly. Today, by dumb luck I came across a forum with the info and thought I'd share:"c:\program files\malwarebytes' anti-malware\unins000.exe" /verysilent /suppressmsgboxes /norestart Obviously, you'd swap \Program files (x86)\ on a 64-bit OS. This worked beautifully. Hopefully it saves someone else all of the internet search time. Link to post Share on other sites More sharing options...
CNDwannabe Posted October 10, 2014 ID:888529 Share Posted October 10, 2014 Awesome thank you!!! Link to post Share on other sites More sharing options...
cvucic Posted October 17, 2014 ID:891526 Share Posted October 17, 2014 Built a series of PowerShell commands, that'll let you do it remotely: Function List-Programs { [cmdletbinding()] [cmdletbinding()] param( [parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)] [string[]]$ComputerName = $env:computername ) begin { $UninstallRegKey="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall" } process { foreach($Computer in $ComputerName) { Write-Verbose "Working on $Computer" if(Test-Connection -ComputerName $Computer -Count 1 -ea 0) { $HKLM = [microsoft.win32.registrykey]::OpenRemoteBaseKey('LocalMachine',$computer) $UninstallRef = $HKLM.OpenSubKey($UninstallRegKey) $Applications = $UninstallRef.GetSubKeyNames() foreach ($App in $Applications) { $AppRegistryKey = $UninstallRegKey + "\\" + $App $AppDetails = $HKLM.OpenSubKey($AppRegistryKey) $AppGUID = $App $AppDisplayName = $($AppDetails.GetValue("DisplayName")) $AppVersion = $($AppDetails.GetValue("DisplayVersion")) $AppPublisher = $($AppDetails.GetValue("Publisher")) $AppInstalledDate = $($AppDetails.GetValue("InstallDate")) $AppUninstall = $($AppDetails.GetValue("UninstallString")) if(!$AppDisplayName) { continue } $OutputObj = New-Object -TypeName PSobject $OutputObj | Add-Member -MemberType NoteProperty -Name ComputerName -Value $Computer.ToUpper() $OutputObj | Add-Member -MemberType NoteProperty -Name AppName -Value $AppDisplayName $OutputObj | Add-Member -MemberType NoteProperty -Name AppVersion -Value $AppVersion $OutputObj | Add-Member -MemberType NoteProperty -Name AppVendor -Value $AppPublisher $OutputObj | Add-Member -MemberType NoteProperty -Name InstalledDate -Value $AppInstalledDate $OutputObj | Add-Member -MemberType NoteProperty -Name UninstallKey -Value $AppUninstall $OutputObj | Add-Member -MemberType NoteProperty -Name AppGUID -Value $AppGUID $OutputObj# | Select ComputerName, DriveName } } } } end {} }Function Uninstall-Program { [cmdletbinding()] param ( [parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)] [string]$ComputerName = $env:computername, [parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true,Mandatory=$true)] [string]$AppGUID ) try { $returnval = ([WMICLASS]"\\$computerName\ROOT\CIMV2:win32_process").Create("msiexec `/x$AppGUID `/qn") } catch { write-error "Failed to trigger the uninstallation. Review the error message" $_ exit } switch ($($returnval.returnvalue)){ 0 { "Uninstallation command triggered successfully" } 2 { "You don't have sufficient permissions to trigger the command on $Computer" } 3 { "You don't have sufficient permissions to trigger the command on $Computer" } 8 { "An unknown error has occurred" } 9 { "Path Not Found" } 9 { "Invalid Parameter"} } }function Uninstall-MBAM { param($computername) try { $AppGUID = (List-Programs -ComputerName $computername | where {$_.AppName -like "*Malwarebytes*"}).AppGUID Uninstall-Program -computername $computername -AppGUID $AppGUID } Catch { $ErrorMessage = $_.Exception.Message $FailedItem = $_.Exception.ItemName Write-Host "There was an error on $computername.`r`n$FailedItem`r`nMessage: $ErrorMessage" Break }} Link to post Share on other sites More sharing options...
Saraph Posted February 7, 2018 ID:1213510 Share Posted February 7, 2018 I cannot get either one of these working with PDQ Deploy. Link to post Share on other sites More sharing options...
exile360 Posted February 16, 2018 ID:1216187 Share Posted February 16, 2018 I don't know if this will prove helpful to you at all, but Malwarebytes uses Inno Setup for its installation packages and the default uninstall commands/switches for Inno Setup can be found here. That said, for certain business versions it is also possible to deploy the product in an MSI installation package and I do not know if the default MSI uninstall commands work in those situations or not but documentation for MSI installation/uninstallation commands may be found here as well as here. That said, it is also possible that uninstalling Malwarebytes remotely without authentication/user input is prevented for security purposes (to prevent malware/hackers from automating the uninstall process to bypass Malwarebytes protection) so you may need to refer to the Malwarebytes business product documentation provided when the product was purchased or contact Malwarebytes Business Support directly for further information and assistance. Link to post Share on other sites More sharing options...
djacobson Posted April 3, 2018 ID:1229634 Share Posted April 3, 2018 (edited) If the MSI installer cache has been removed by any popular desktop cleanup utility, this option will not be available to you. It would be best for you to use the cleaning tools we have made for this purpose. See this KB article - https://support.malwarebytes.com/docs/DOC-2333 Edited April 3, 2018 by djacobson Link to post Share on other sites More sharing options...
Recommended Posts