Script to backup registry to a local file

Download JSON Download Python

Ratings

(0)

Release Time

03/17/2020

Downloads

1074 times

Update Time

03/28/2025

Views

1386 times

Share-it:

Tags

Registry-key

Description
Screen Shots

https://wiki.itarian.com/frontend/web/topic/how-to-use-custom-script-procedure-monitoring

Tested in Windows 10.

Procedure's Instructions

#To define a particular parameter, replace the 'parameterName' inside itsm.getParameter('parameterName') with that parameter's name
drive = itsm.getParameter('DownTo') #Provide the drive which you need to enable Restore Access  eg: "c:"
resistry_backup_path = itsm.getParameter('Registry_Backup_path') #Provide the drive which you need to enable Restore Access  eg: "C:\Users\xxxx\backups"
from datetime import date
import os

ps_content=r'''

enable-computerrestore -drive "%s\"

'''%drive

BAT=r'''
Wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "My Restore Point", 100, 12
'''

import os
import subprocess

def ecmd(command):
    import ctypes
    from subprocess import PIPE, Popen
    
    class disable_file_system_redirection:
        _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
        _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
        def __enter__(self):
            self.old_value = ctypes.c_long()
            self.success = self._disable(ctypes.byref(self.old_value))
        def __exit__(self, type, value, traceback):
            if self.success:
                self._revert(self.old_value)
    
    with disable_file_system_redirection():
        obj = Popen(command, shell = True, stdout = PIPE, stderr = PIPE)
    out, err = obj.communicate()
    ret=obj.returncode
    if ret==0:
        if out:
            return out.strip()
        else:
            return ret
    else:
        if err:
            return err.strip()
        else:
            return ret

file_name='powershell_file.ps1'
file_path=os.path.join(os.environ['TEMP'], file_name)
with open(file_path, 'wb') as wr:
    wr.write(ps_content)
path=os.environ['programdata']+"\Sample.bat"
with open(path,"w") as f:
    f.write(BAT)

ecmd('powershell "Set-ExecutionPolicy RemoteSigned"')
print ecmd('powershell "%s"'%file_path)
process = subprocess.Popen([path],stdout=subprocess.PIPE)
stdout = process.communicate()[0]
print "sucessfully created system restore"
os.remove(path)
os.remove(file_path)

print "Registry backup started"
today = date.today()

if not os.path.exists(resistry_backup_path):
    os.makedirs(resistry_backup_path)
backup_path = resistry_backup_path + '/reg_backup_'+str(today)+'.reg'
print backup_path
print ecmd('REGEDIT /E /y "%s"'%backup_path)
print "Registry backup completed"

 
#To define a particular parameter, replace the 'parameterName' inside itsm.getParameter('parameterName') with that parameter's name
drive = itsm.getParameter('DownTo') #Provide the drive which you need to enable Restore Access  eg: "c:"
resistry_backup_path = itsm.getParameter('Registry_Backup_path') #Provide the drive which you need to enable Restore Access  eg: "C:\Users\xxxx\backups"
from datetime import date
import os
​
ps_content=r'''
​
enable-computerrestore -drive "%s\"
​
 
​
'''%drive
​
BAT=r'''
Wmic.exe /Namespace:\\root\default Path SystemRestore Call CreateRestorePoint "My Restore Point", 100, 12
'''
​
import os
import subprocess
​
def ecmd(command):
    import ctypes
    from subprocess import PIPE, Popen
    
    class disable_file_system_redirection:
        _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection
        _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection
        def __enter__(self):
            self.old_value = ctypes.c_long()
            self.success = self._disable(ctypes.byref(self.old_value))
        def __exit__(self, type, value, traceback):
            if self.success:
                self._revert(self.old_value)
    
    with disable_file_system_redirection():
        obj = Popen(command, shell = True, stdout = PIPE, stderr = PIPE)
    out, err = obj.communicate()
    ret=obj.returncode
    if ret==0:
        if out:
            return out.strip()
        else:
            return ret
    else:
        if err:
            return err.strip()
        else:
            return ret
​
file_name='powershell_file.ps1'
file_path=os.path.join(os.environ['TEMP'], file_name)
with open(file_path, 'wb') as wr:
    wr.write(ps_content)
path=os.environ['programdata']+"\Sample.bat"
with open(path,"w") as f:
    f.write(BAT)
​
ecmd('powershell "Set-ExecutionPolicy RemoteSigned"')
print ecmd('powershell "%s"'%file_path)
process = subprocess.Popen([path],stdout=subprocess.PIPE)
stdout = process.communicate()[0]
print "sucessfully created system restore"
os.remove(path)
os.remove(file_path)
​
print "Registry backup started"
today = date.today()
​
if not os.path.exists(resistry_backup_path):
    os.makedirs(resistry_backup_path)
backup_path = resistry_backup_path + '/reg_backup_'+str(today)+'.reg'
print backup_path
print ecmd('REGEDIT /E /y "%s"'%backup_path)
print "Registry backup completed"

Comments

No Comments.

Script to backup registry to a local file

Comments

Leave a Comment