Hi Guys

 

Just thought I'd post my new JRE uninstall script which is alot faster than my older VB script by using the machines WMI.

*******************************************************************************

Authors: Dylan Ogle (South Africa) & Dimitri Delanghe July 2013

@echo off
cd\
cls :64BitChecker
if exist "C:\Program Files (x86)" set OSV="C:\Program Files (x86)"
if not exist "C:\Program Files (x86)" set OSV="C:\Program Files" :KillIE&JavaProcesses
echo *** This will kill IE and Java Processes ***
Rem ***
taskkill /F /IM iexplorer.exe
taskkill /F /IM iexplore.exe
taskkill /F /IM javaw.exe
taskkill /F /IM jqs.exe
taskkill /F /IM jusched.exe :UninstallingOldJREVersions
cd\
cls
echo *** This will uninstall older versions of JRE *** wmic product where "name like 'Java(TM) 6%%'" call uninstall /nointeractive
goto END
:END wmic product where "name like 'Java 6%%'" call uninstall /nointeractive
goto END
:END wmic product where "name like 'Java(TM) 7%%'" call uninstall /nointeractive
goto END
:END wmic product where "name like 'Java 7%%'" call uninstall /nointeractive
goto END
:END :Backup&ClearRegistryForJavaSoft 32Bit
if exist "C:\Program Files" start /w regedit /e "%systemroot%\JavaSoftRegBackup.reg" HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft
if exist "C:\Program Files" reg delete HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft /f :Backup&ClearRegistryForJavaSoft 64Bit
if exist "C:\Program Files (x86)" start /w regedit /e "%systemroot%\JavaSoftRegBackup.reg" HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft
if exist "C:\Program Files (x86)" reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft /f :Delete Java Folder
if exist "C:\Program Files (x86)\Java" rd "C:\Program Files (x86)\Java" /q /s
if exist "C:\Program Files\Java" rd "C:\Program Files\Java" /q /s :InstallJREVersion 7U25
cd\
cls
echo *** Installing Java 7 Update 25 ***
Rem ***
%~dp0\jre-7u25-windows-i586 /s /L C:\Windows\setup.log "WEB_JAVA=1 REBOOT=SUPRESS WEB_JAVA_SECURITY_LEVEL=M" :Disabling Automatic Updates
cd\
cls
echo *** Disabling Automatic Updates ***
Rem ***
if exist "C:\Program Files (x86)" regedit.exe -s %~dp0\DisableAutoUpdateX64.reg
if exist "C:\Program Files" regedit.exe -s %~dp0\DisableAutoUpdate.reg :Copying Configuration Properties Files
cd\
cls
echo *** Copying Configuration Properties Files ***
Rem ***
if not exist "C:\Windows\Sun\Java\Deployment" MD "C:\Windows\Sun\Java\Deployment"
copy %~dp0\deployment.config "C:\Windows\Sun\Java\Deployment" /y
copy %~dp0\deployment.properties "C:\Windows\Sun\Java\Deployment" /y :End Of Script

 

*******************************************************************************

Background Explanation For Certain Components Of My Script:

 

For the above mentioned script I'm disabling automatic updates in the registry for my 32&64bit machines using the following reg keys which you can create and store in the installation directory of the script along with the JRE setup and deployment.properties and deployment.config files:

 

64 bit:

Windows Registry Editor Version 5.00

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft\Java Update\Policy]

"EnableJavaUpdate"=dword:00000000

"EnableAutoUpdateCheck"=dword:00000000

"NotifyDownload"=dword:00000000

"NotifyInstall"=dword:00000000

 

32Bit:

Windows Registry Editor Version 5.00

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft\Java Update\Policy]

"EnableJavaUpdate"=dword:00000000

"EnableAutoUpdateCheck"=dword:00000000

"NotifyDownload"=dword:00000000

"NotifyInstall"=dword:00000000

*************************************************************************

Then I'm also deleting the Javasoft registry key to remove any traces of previous JRE installations for 32 bit and 64 bit.

 

64Bit:

Windows Registry Editor Version 5.00

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\JavaSoft]

 

32Bit:

Windows Registry Editor Version 5.00

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\JavaSoft]

***************************************************************************

Finally Im locking down and enabling the following settings in the Java control panel by creating a deployment.config and deployment.properties file which gets copied to the following directory:

C:\Windows\Sun\Java\Deployment  . My script creates this directory if it doesn't exist and my deployment files look like this (note you need to copy the contents of each file into notepad and save as deployment.config and deployment.properties

 

Deployment.config:

deployment.system.config = file\:\\C\:\\WINDOWS\\Sun\\Java\\Deployment\\deployment.properties

deployment.system.config.mandatory = true

 

Deployment.properties

deployment.javaws.autodownload=NEVER

deployment.javaws.autodownload.locked=

deployment.security.mixcode=HIDE_RUN

deployment.security.mixcode.locked=

deployment.console.startup.mode=HIDE

deployment.console.startup.mode.locked=

deployment.security.level=MEDIUM

deployment.security.level.locked=

**************************************************************************

And that's it, test it and let me know if it works for you? You can play with the JRE version parameters in the uninstall portion of the script to remove older versions applicable to your enviroment. Once you have standardised on a specific version of JRE in your enterprise and all of the older versions are off your workstations it just makes your lives much easier from a security and application stability perspective. Feel free to email me at jhbitgeek@gmail.com should you have any questions.