import os import re import ctypes import time import subprocess start=time.time() class disable_file_system_redirection: _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection def __enter__(self): self.old_value = ctypes.c_long() self.success = self._disable(ctypes.byref(self.old_value)) def __exit__(self, type, value, traceback): if self.success: self._revert(self.old_value) def Uninstall(path): with disable_file_system_redirection(): print "Sophos endpoint uninstallation has started" process = subprocess.Popen([path],stdout=subprocess.PIPE,stderr=subprocess.PIPE) stdout = process.communicate()[0] cmd=os.popen("wmic product get name").read() if 'Sophos' in cmd: print "Sophos need to restart your system and run the script Again" else: print "Sophos endpoint protection uninstalled successfully" arch=os.popen("""powershell.exe "systeminfo | Select-String 'System Type:'""").read().strip() oss=os.popen("""powershell.exe "systeminfo | Select-String 'OS Name:'""").read().strip() # if "Microsoft Windows 10" in oss: # #print True print(oss) if "x64" in arch: #print True print(arch) cmd1="REG QUERY HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall /s /f SOPHOS" cmd2='REG QUERY HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall /s /f SOPHOS | findstr "UninstallString"' #Uninstallguid sp1=os.popen(cmd1).read() #Uninstallstrings sp2=os.popen(cmd2).read() #print sp2 else: print(arch) cmd1="REG QUERY HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall /s /f SOPHOS" cmd2='REG QUERY HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall /s /f SOPHOS | findstr "UninstallString"' #Uninstallguid sp1=os.popen(cmd1).read() #Uninstallstrings sp2=os.popen(cmd2).read() #print sp2 #uninstall_guid uninstall_guid=re.findall("{\w*.*}",sp1) #unistallstring uninstallstring=re.findall('".*"',sp2) #print unistallstring if uninstall_guid==[] and uninstallstring==[]: print("Sophos is not installed") else: uninstall_using_guid=["msiexec /x {} /qn REBOOT=ReallySuppress".format(i.strip()) for i in uninstall_guid] #Creating a .bat file: bat_content1="\n".join(uninstall_using_guid) bat_content2="\n".join([i+" /uninstall /quiet" for i in uninstallstring]) bat_file=""" net stop "savservice" net stop "Sophos AutoUpdate Service" "%systemdrive%\program files\Sophos\Sophos Endpoint Agent\uninstallcli.exe" {} {} EXIT /B """.format(bat_content1,bat_content2) with open("C:\\sophos.bat","wb") as f: f.write(bat_file) #Uninstalling sophos path="C:\\sophos.bat" Uninstall(path) if os.path.exists(path): try: os.remove(path) except: pass list_prods = ['Sophos AutoUpdate', 'Sophos Anti-Virus', 'Sophos Remote Management System', 'Sophos Network Threat Protection'] for proName in list_prods: out=os.popen('wmic product where name="%s" call uninstall'%(proName)).read() end=time.time() print("Execution Time: {:.2f} ".format(end-start))