'Script that uninstalls Wan Miniports in Windows with Powershell
I have tried to create a script to uninstall wan miniport drivers in windows with no success.
gwmi Win32_PnPSignedDriver | Select devicename | where {$_.devicename -like '*WAN*'}
The following error ensues:
"Method invocation failed because [Selected.System.Management.ManagementObject] does not contain a method named 'uninstall'."
+ $WANDRIVERS.uninstall{} + ~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (uninstall:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound
I also created a one liner:
Get-WindowsDriver -Online -All | select driver | where {$_.driver -like '*netrasa*'}.uninstall{}
Same error message ensues. What am I missing? Do I need to install some kind of method or module?
Solution 1:[1]
A warning: built-in VPN and IPSEC functionality will cease to function correctly without the WAN Miniport being enabled. If you opt to remove the drivers outright, you may have to re-install or repair an existing Windows installation should you need this functionality currently or later on. Some third party VPN and network security software rely on the built-in drivers as well, and may also be affected by their removal.
It is recommended to instead disable these drivers rather than outright remove them, and ensure that Administrative access is only granted to users which require it to prevent unauthorized re-enablement. Enabling disabled drivers is much easier than restoring them if there is no documented method of doing so.
There is no Uninstall() method on Win32_PnPSignedDriver. There is not a built-in way to remove drivers (short of running a related uninstaller program or MSI) from PowerShell or .NET, nor does there seem to be a documented Win32 API function either, from the currently running OS.
You have three supported options:
- Use the
DeviceManagementPowerShell module to disable the device (it still can't remove the driver with this).- On Windows 10/Server 2016 you can instead leverage the built-in
Disable-PnPDevicecmdlet to disable a PnP device.
- On Windows 10/Server 2016 you can instead leverage the built-in
- Leverage dpinst.exe or one of the other
DFixprovided libraries to perform the uninstallation. Unfortunately, this method is no longer supported by Microsoft and you would need to install an older version of the WDK which containsDFixtools and libraries. - The officially supported answer is that Microsoft now recommends instead of relying on
DFixthat you utilize vendor-supported installers to manage deployment and removal of drivers. For built-in drivers, disable them rather than remove them, or locate a KB provided by Microsoft which entails how to remove certain drivers maintained by them.
A more dangerous option would be to outright remove the drivers from the installation entirely:
Note: These options should be used with caution as removing certain drivers in this way without a vendor-supported uninstaller or official removal KB may result in an unsupported setup.
You can use the Remove-WindowsDriver cmdlet to remove drivers by INF name, but the catch is this can only be done to an offline image. However, this may be useful if you do have a golden image which you deploy VMs or a physical installation from.
You could also leverage the MoveFileEx Win32 API function from PowerShell (you will have to P/Invoke this from C# code in your PowerShell session) to remove the driver files on the next boot.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |