import os import ctypes import subprocess import re import fnmatch import _winreg from _winreg import * class disable_file_system_redirection: _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection def __enter__(self): self.old_value = ctypes.c_long() self.success = self._disable(ctypes.byref(self.old_value)) def __exit__(self, type, value, traceback): if self.success: self._revert(self.old_value) def find(pattern, path): result = [] for root, dirs, files in os.walk(path): for name in files: if fnmatch.fnmatch(name, pattern): result.append(os.path.join(root, name)) return result def run_cmd(command): with disable_file_system_redirection(): process=subprocess.Popen(command, shell=True, stdout=subprocess.PIPE) result=process.communicate() ret=process.returncode if ret==0: return result[0] return False Path=os.environ['systemdrive'] Path64=r"\Program Files (x86)\COMODO\Shield Agent" Path32=r"\Program Files\COMODO\Shield Agent" Path32=os.path.join(Path,Path32) Path64=os.path.join(Path,Path64) ret = os.system("taskkill /f /im cShield.exe") if (ret == 0 or ret == 128): c=0 ret_proxy = os.system("taskkill /f /im cShield.Service.ProxyController.exe") ret_watchdog = os.system("taskkill /f /im cShield.Service.ProxyController.WatchDog.exe") if (ret_proxy == 0 or ret_proxy == 128) and (ret_watchdog == 0 or ret_watchdog == 128): c=0 else: print "Error while closing Proxy Services with return code : " + str(ret_proxy) if os.path.exists(Path32): regdel='reg delete "HKLM\SOFTWARE\COMODO\Shield Agent" /va /f' regde2='reg delete "HKLM\SOFTWARE\COMODO\Shield Agent" /va /f' run_cmd(regdel) run_cmd(regde2) elif os.path.exists(Path64): regdel='reg delete "HKLM\SOFTWARE\WOW6432Node\COMODO\Shield Agent" /va /f' regde2='reg delete "HKLM\SOFTWARE\WOW6432Node\COMODO\Shield Agent" /va /f' run_cmd(regdel) run_cmd(regde2) blacklist=[] blacklist.append("Comodo Shield Agent") uninstallkey='SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall' uninstallkey1='SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall' if 'PROGRAMFILES(X86)' in os.environ.keys(): reg_list=[(_winreg.HKEY_LOCAL_MACHINE,uninstallkey1,_winreg.KEY_WOW64_32KEY | _winreg.KEY_ALL_ACCESS), (_winreg.HKEY_LOCAL_MACHINE,uninstallkey1,_winreg.KEY_WOW64_64KEY | _winreg.KEY_ALL_ACCESS), (_winreg.HKEY_CURRENT_USER,uninstallkey,_winreg.KEY_WOW64_32KEY | _winreg.KEY_ALL_ACCESS), (_winreg.HKEY_CURRENT_USER,uninstallkey,_winreg.KEY_WOW64_64KEY | _winreg.KEY_ALL_ACCESS)] else: reg_list=[(_winreg.HKEY_LOCAL_MACHINE,uninstallkey,_winreg.KEY_READ,_winreg.KEY_ALL_ACCESS), (_winreg.HKEY_CURRENT_USER,uninstallkey,_winreg.KEY_READ,_winreg.KEY_ALL_ACCESS)] strun=[] list=[] for i in reg_list: reg_key=i[0] sub_key=i[1] Value=i[2] reg = ConnectRegistry(None, HKEY_LOCAL_MACHINE) k = OpenKey(reg, i[1]) reg =_winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE, i[1], 0, i[2]) i=0 while True: try: key_value=_winreg.EnumKey(reg,i) path=os.path.join(sub_key,key_value) Hkey=_winreg.OpenKey(reg_key,path,0,Value) try: key,dis_name=_winreg.QueryValueEx(Hkey,'DisplayName') inlist=[key.strip(), path, sub_key] list.append(inlist) except: pass i+=1 except: break final_list=[] rs = 0 for c in list: if c not in final_list: final_list.append(c) for c1 in final_list: for i in range(0,len(blacklist)): if blacklist[i] == c1[0]: Registry = ConnectRegistry(None, HKEY_LOCAL_MACHINE) RawKey = _winreg.OpenKey(Registry, c1[1],0,Value) (value, type) = _winreg.QueryValueEx(RawKey,"UninstallString") strun.append(value) Uninstr=re.findall('{.*}',value) unin_str=''.join(Uninstr) command="msiexec /x "+unin_str+" /qn" unarglist= command.splitlines(True) unarglist2= ''.join(unarglist) subprocess.check_call(unarglist2) rs += 1 else: rs += 0 if rs: print blacklist[i] +' Successfully removed' else: print blacklist[i] +' not installed on endpoint' try: shutil.rmtree(Path64) except: pass try: shutil.rmtree(Path32) except: pass