title_name_for_popup = u"Restart Reminder" #edit here

message_for_popup = u"""
Successfully uninstalled Comodo cWatch EDR Agent
This system is going to restart in 5 minutes
if you would like to cancel restart, press cancel. otherwise press ok
""" #edit here


import os
import ctypes
import re
import shutil
from ctypes import wintypes

class disable_file_system_redirection:
    _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
    _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
    def __enter__(self):
        self.old_value = ctypes.c_long()
        self.success = self._disable(ctypes.byref(self.old_value))
    def __exit__(self, type, value, traceback):
        if self.success:
            self._revert(self.old_value)

kernel32 = ctypes.windll.kernel32
wtsapi32 = ctypes.windll.wtsapi32 

WTS_CURRENT_SERVER_HANDLE = None
WTS_CURRENT_SESSION = kernel32.WTSGetActiveConsoleSessionId()
WTS_WELCOME_TITLE = title_name_for_popup
WTS_WELCOME_MESSAGE = message_for_popup
TIMEOUT = 0  
BUTTON_TYPE = 1  
Icon = 0  


wtsapi32.WTSSendMessageW.argtypes = [
    wintypes.HANDLE,   
    wintypes.DWORD,    
    wintypes.LPCWSTR,  
    wintypes.DWORD,    
    wintypes.LPCWSTR,  
    wintypes.DWORD,    
    wintypes.DWORD,    
    wintypes.DWORD,    
    ctypes.POINTER(wintypes.DWORD),  
    wintypes.BOOL      
]


title = WTS_WELCOME_TITLE
message = WTS_WELCOME_MESSAGE
title_length = len(title) * 2
message_length = len(message) * 2
response = wintypes.DWORD()

if 'PROGRAMW6432' in os.environ.keys():
    path=r"C:\Program Files (x86)\COMODO\cWatchEDRAgent"
    delete=r'reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\COMODO\EDREndpoint'
else:
    path=r"C:\Program Files\COMODO\cWatchEDRAgent"
    delete=r'reg delete HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\EDREndpoint'

path1=r"C:\ProgramData\COMODO\cWatchEDRAgent"

k=[]
with disable_file_system_redirection():
    guid=os.popen(r"wmic product get name,identifyingnumber").read()
k.append(re.findall("{.*",guid))
j=[]
for i in k[0]:
    j.append(i)
EDR=re.findall("EDR Agent v2",guid)
if EDR:
    with disable_file_system_redirection():
        uninst=os.popen(r"wmic product where name='EDR Agent v2' call uninstall").read()
        if uninst:
            print(uninst)
            print("EDR Agent v2 Uninstalled successfully")
            CMD=delete +' /va /f'
            print(CMD)
            out=os.popen(CMD).read()
            print(out)
            result = wtsapi32.WTSSendMessageW(
                WTS_CURRENT_SERVER_HANDLE,
                WTS_CURRENT_SESSION,
                title,
                title_length,
                message,
                message_length,
                BUTTON_TYPE,
                TIMEOUT,
                ctypes.byref(response),
                True
            )
            if result:
                if response.value == 1:
                    print("User clicked on ok button to restart the system in 5 minutes")
                    os.popen("shutdown -r -t 300")
                elif response.value == 2:
                    print("user clicked on cancel button to cancel system restart")
                else:
                    print("Unknown response: %s"%(response.value))
            else:
                print("Failed to send message.")
        else:
            print("EDR Agent v2 not Uninstalled successfully")
else:
    print('CEDR Agent v2 not installed at Endpoint')