HI all Sorry for this simple question I am doing some tests osquery #general

HI all .... Sorry for this simple question: I am d...

Carlos López

04/08/2021, 11:20 AM

HI all .... Sorry for this simple question: I am doing some tests with osquery and I need to uninstall it in Windows platforms ... but there is not an uninstall procedure ... How can I uninstall osquery in Windows platforms?

Juan Alvarez

04/08/2021, 11:21 AM

you can just go to add/remove programs and find it over there

Carlos López

04/08/2021, 11:25 AM

Nop, there is nothing in there ...

Juan Alvarez

04/08/2021, 11:29 AM

did you install it using the windows msi that is provided?

Carlos López

04/08/2021, 11:31 AM

Yes

Carlos López

04/08/2021, 11:33 AM

Release 4.7.0

Juan Alvarez

04/08/2021, 11:39 AM

well, it should be there , not sure why you are missing it.

Carlos López

04/08/2021, 12:36 PM

I hav used the following command to install it:

Carlos López

04/08/2021, 12:37 PM

Copy code

Start-Process -FilePath osquery.msi -ArgumentList "/q" -Wait -WindowStyle 'Hidden'

blaedj

04/08/2021, 1:07 PM

Does osquery persist after a restart? I think that command just runs osquery once, it doesn't 'install' it such that it will start up upon reboot. You can probably do something like

Stop-Process -Name "osquery"

to stop osquery started this way.

Carlos López

04/08/2021, 2:33 PM

Yes, it persist ... In fact, osqueryd service is created ..

Juan Alvarez

04/08/2021, 2:39 PM

maybe you can try to execute the msi with the /uninstall argument

blaedj

04/08/2021, 2:55 PM

ah yes, you've executed the installer, not the osquery binary. My mistake.

3 Views

Open in Slack

Previous Next