Script to Uinstall BitDefender Agent Security Tools

Purushothaman · January 11, 2017, 8:33am

Please use the script to uninstall BitDefender Agent Security Tools from your Endpoint

import os
import shutil
def Download(URL, DownloadTo = None, FileName = None):
    import urllib
    if FileName:
        FileName = FileName
    else:
        FileName = URL.split('/')[-1]
        
    if DownloadTo:
        DownloadTo = DownloadTo
    else:
        DownloadTo = os.path.join(os.environ['SYSTEMDRIVE'], os.sep)
        
    DF = os.path.join(DownloadTo, FileName)
    with open(os.path.join(DownloadTo, FileName), 'wb') as f:
        f.write(urllib.urlopen(URL).read())
    if os.path.isfile(DF):
        return DF
    else:
        return False

def ExecuteCMD(CMD, OUT = False):
    import ctypes
    class disable_file_system_redirection:
        _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
        _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
        def __enter__(self):
            self.old_value = ctypes.c_long()
            self.success = self._disable(ctypes.byref(self.old_value))
        def __exit__(self, type, value, traceback):
            if self.success:
                self._revert(self.old_value)

    from subprocess import PIPE, Popen
    with disable_file_system_redirection():
        OBJ = Popen(CMD, shell = True, stdout = PIPE, stderr = PIPE)
    out, err = OBJ.communicate()
    RET = OBJ.returncode
    if RET == 0:
        if OUT == True:
            if out != '':
                return out
            else:
                return True
        else:
            return True
    else:
        return False
    
HOMEPATH = os.getcwd()
BDPATH = Download('https://drive.google.com/uc?export=download&id=0B6I0FCnACZi7UTFyR1RXZWJuMUk', FileName = 'BEST_Uninstalltool.exe')

if 'PROGRAMW6432' in os.environ.keys():
    PF = os.environ['PROGRAMW6432']
    URL = 'http://www.rarlab.com/rar/winrar-x64-540.exe'
else:
    PF = os.environ['PROGRAMFILES']
    URL = 'http://www.rarlab.com/rar/wrar540.exe'

##HOME = os.path.join(os.environ['SYSTEMDRIVE'], os.sep)
HOME = os.environ['TEMP']
try:
    os.mkdir(os.path.join(HOME, 'T3MPH0M3'))
except:
    pass

TEMPHOME = os.path.join(HOME, 'T3MPH0M3')
ExtractToTemp = '"'+os.path.join(PF, 'WinRAR' ,'UnRAR.exe')+'" x -y "'+BDPATH+'"'
UnInstallBD = '"'+os.path.join(TEMPHOME, 'UninstallTool.exe')+'" /silent /force:Endpoint Security by Bitdefender'
UnInstallWinRARCMD = '"'+os.path.join(PF, 'WinRAR' ,'Uninstall.exe')+'"'+' /S'

if os.path.isfile(os.path.join(PF, 'WinRAR', 'WinRAR.exe')):
    LISTOFCMDS = [ExtractToTemp, UnInstallBD]
    LISTOFPATH = [BDPATH]
else:        
    WinRAR = Download(URL)
    LISTOFCMDS = [WinRAR+' /S', ExtractToTemp, UnInstallBD, UnInstallWinRARCMD]
    LISTOFPATH = [WinRAR, BDPATH]

DIC = {}
for i in LISTOFCMDS:
    if i == ExtractToTemp:
        os.chdir(TEMPHOME)
        if type(i) is not tuple:
            DIC<i> = ExecuteCMD(i)
        else:
            a, b = i
            DIC[a] = ExecuteCMD(a, b)
        os.chdir(HOMEPATH)
    else:
        if type(i) is not tuple:
            DIC[i] = ExecuteCMD(i)
        else:
            a, b = i
            DIC[a] = ExecuteCMD(a, b)


for rem in LISTOFPATH:
    os.remove(rem)  

try:
    shutil.rmtree(TEMPHOME)
except:
    print 'WARNING: '+TEMPHOME

RES = True
for res in DIC.values():
    RES = RES and res

##print DIC

if RES:
    print 'SUCCESS: Uninstalling'
else:
    print 'FAIL: Uninstalling'

Sample Output:

Scripts to Export:

Usage:
[I]Please run the script as ‘Local System User’ from the ITSM

20170111-Uninstall-BitDefender-Security-Agent.json (4.77 KB)

dgomez · January 11, 2018, 6:03pm

Hi, I’ve been trying to uninistall bitdefender on multiple machines. I’ve created a script using msiexec with the uninstall string for the BD security agent but I’ve found out that every computer has a different uninstall string. I’ve tried to uninstall it using the BD management console, however the console does a poor job, the uninstall fails on most machines. I’ve tired looking for silent uninstall switches for the BD uninstall tool but I’ve found none, BD support wont help with this even though we are still under contract with them until the end on march 2018, i’ve tried third party uninstall tools such as ESET av removal tool but sometimes it works some times it doesn’t. I came across this script but I’m having a hard time figuring out how to run a .json script. Do I need to run it from the COMODO one Manager? Can someone please point me in the right direction?

Update: I’m new to comodo one. I see it’s a procedure, I think the BDPATH = Download link seems to be broken! I will replace it with my own, lets see if that works.

Thank you,
Danny

Preethi · January 12, 2018, 10:08am

Hi @dgomez

We will analyse and update the script request shortly.

Thank you

dgomez · January 12, 2018, 3:36pm

Thank you, I also deployed the Comodo security client from ITSM, very light weight endpoint I like that but unfortunately it did not uninstalled the old AV. When I run the procedure, it runs successfully but uninstall fails.

Thank you

artseremis · January 8, 2019, 5:50pm

Hi,
UninstallTool.exe /silent /force:Endpoint Security by Bitdefender
what is the password modifier?
i try
/pass:
/password:
/nopassword
thanks