Microsoft has a funny way of sneaking ‘features’ in with patches. In this case Windows Search 4.0 is not really a feature as much as a problem. It was installed on a few of the networks I support as part of our weekly patching, and the next day I got a bunch of calls about reduced performance. I figured that people would complain until it finished indexing. Not the case, it seemed to cripple computers and crush servers. It indexed to the point of actually leaving no resources for users to authenticate to one of our terminal servers. I started looking for a fix and came up with this:
Kaseya:
Script Name: Remove Windows Search 4.0
Script Description:
IF Test File
Parameter 1 : C:WINDOWS$NtUninstallKB940157$spuninstspuninst.exe
Exists :
THEN
Execute File
Parameter 1 : C:WINDOWS$NtUninstallKB940157$spuninstspuninst.exe
Parameter 2 : /quiet /norestart
Parameter 3 : 3
OS Type : 0
ELSE
Windows logon script or batch file:
If you are using kasaya you can import that script directly and run it to remove the ‘feature’. You can also add the above line to a login script or batch file. This will automatically, silently remove the update with no user intervention or popup.  it literally just disappears.
WARNING: running this on a terminal server with users logged in will cause new users to not be able to authenticate until you restart the server. Â Always follow best practice for software uninstalls. Â Careful when you run it on servers 
Just a nice simple way to remove windows search 4.0 infection from your network.
#1 by Bobby on September 2, 2009 - 10:31 pm
Thanks for your site. I have just purcheasd kaseya for our co. and site has been a big help.
#2 by admin on September 20, 2009 - 3:58 pm
Thanks for the kind words
if you have any questions feel free to ask.