+- Python Forum (https://python-forum.io)
+-- Forum: Python Coding (https://python-forum.io/forum-7.html)
+--- Forum: General Coding Help (https://python-forum.io/forum-8.html)
+--- Thread: Windows reg extractor (/thread-27011.html)
Windows reg extractor - shappaeye - May-22-2020
I have written code to extract the software version and name from the Windows 10 registry.
But i have noticed it extracts all named software folders correctly but fails to extract any software names and versions from any software using a GUID in curly brackets.
Is there a switch I can use to include ALL registry entries which will include curly bracket entries?
RE: Windows reg extractor - buran - May-22-2020
what library do you use? Maybe show code...
RE: Windows reg extractor - shappaeye - May-22-2020
aReg = ConnectRegistry(None, HKEY_LOCAL_MACHINE)
#The following opens the registry to extract all software version numbers
aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"\
, access=KEY_READ)
bKey = OpenKey(aReg, r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"\
, access=KEY_READ)
savfile = open(r’D:/Test/‘ + pathFin + '/' + result + ‘/Test/Software Versions.txt', 'a')
savfile.write('All software versions extracted from ' + \
pcname +'\n' + '-----------------------------' + '\n')
for i in range(100):
try:
asubkey_name = EnumKey(aKey, i)
asubkey = OpenKey(aKey, asubkey_name)
sofname = QueryValueEx(asubkey, "DisplayName")
sofver = QueryValueEx(asubkey, "DisplayVersion")
#print(sofname + sofver)
outp = str(sofname + sofver)
savfile = open(r’D:/Test/‘ + pathFin + '/' + result + ‘/Test/Software Versions.txt', 'a')
savfile.write(outp + '\n')
except FileNotFoundError:
continue
except OSError:
savfile.close()
break
for a in range(100):
try:
bsubkey_name = EnumKey(bKey, a)
bsubkey = OpenKey(bKey, bsubkey_name)
sofFed = QueryValueEx(bsubkey, "DisplayName")
outFed = str(sofFed)
savfile = open(r’D:/Test/‘ + opathFin + '/' + result + ‘/Test/Software Versions.txt', 'a')
savfile.write(outFed + '\n')
savfile.close()
except FileNotFoundError:
continue
except OSError:
savfile.close()
breakI query 2 locations in the registry to get all the software.
Just looking at that I have just realised I may not be giving the loop enough loops! I may increase that and see what happens. Although the GUID curly bracket entries are at the beginning of the registry entry.
RE: Windows reg extractor - snippsat - May-23-2020
Can try something like this,just something hacked together from some code found online.
Some time since i looked at this,usually if remember right so is finding a way to loop all registry the tricky part,then extract stuff is pretty stray forward.
import errno, os, winreg
proc_arch = os.environ['PROCESSOR_ARCHITECTURE'].lower()
proc_arch64 = os.environ['PROCESSOR_ARCHITEW6432'].lower()
if proc_arch == 'x86' and not proc_arch64:
arch_keys = {0}
elif proc_arch == 'x86' or proc_arch == 'amd64':
arch_keys = {winreg.KEY_WOW64_32KEY, winreg.KEY_WOW64_64KEY}
else:
raise Exception(f"Unhandled arch: {proc_arch}")
for arch_key in arch_keys:
key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", 0, winreg.KEY_READ | arch_key)
for i in range(0, winreg.QueryInfoKey(key)[0]):
skey_name = winreg.EnumKey(key, i)
#print(skey_name)
skey = winreg.OpenKey(key, skey_name)
try:
print(winreg.QueryValueEx(skey, 'DisplayName')[0])
print(winreg.QueryValueEx(skey, 'DisplayVersion')[0])
print(winreg.QueryValueEx(skey, 'InstallSource')[0])
except OSError as e:
if e.errno == errno.ENOENT:
# DisplayName doesn't exist in this skey
pass
finally:
skey.Close()
RE: Windows reg extractor - shappaeye - May-23-2020
Thank you, I will give that a go.