Load Registry Hive with AutoIT

[ViciousXUSMC]

I found this one thread: https://www.autoitscript.com/forum/topic/33925-can-you-load-a-registry-hive-with-autoit/

The LoadHive it references seems to be long gone.

I have done this before a rather long time ago like this:

#RequireAdmin
$phive = "HKEY_USERS\Temp\"
Run(@ComSpec & " /c reg.exe load HKU\Temp C:\Users\Default\NTUSER.dat")
Sleep(1000)
$regtest = RegRead("HKEY_USERS\Temp\Environment", "Temp")
If $regtest <> "" Then
;Stuff

I also had some issues unloading the hive, not sure but sometimes it would take more than one try before it would actually unload so I put it in a loop.

Do
            Sleep(200)
            Run(@ComSpec & " /c reg.exe unload HKU\Temp")
            RegRead("HKEY_USERS\Temp\Environment", "Temp")
        Until @error <> ""

This was old code so I hope I can clean it up and make it better.

My goal here is to make a GUI/Script to let me read some key information on external hard drives for when I need to replace a computer that has become physically broken.  So I need to get the computer name, printers, and mapped drives to make setting up the users new computer much easier.  I have been manually doing this and think I do it often enough to go ahead and script it.

 

So I suppose the question is, Is there some native AutoIT feature or better way to do this than pretty much what I have above.  Also does anybody know why the unload command would not work until repeated a few times?

Regards,

Edited July 28, 2015 by ViciousXUSMC

[jguinch]

Not sure you will have a difference with WinAPI functions, but you can try it : https://www.autoitscript.com/forum/topic/170655-check-windows-version-using-folders/?do=findComment&comment=1250360 (in #12)

[ViciousXUSMC]

Got my working script together so I can make the good coders cringe at how bad it is lol.

Working in my test environment, cant wait to go test it out in the field.

expandcollapse popup

#include <ButtonConstants.au3>
#include <ComboConstants.au3>
#include <GUIConstantsEx.au3>
#include <StaticConstants.au3>
#include <WindowsConstants.au3>
#include <Array.au3>
#include <FileConstants.au3>
#include <File.au3>
#RequireAdmin

$vOldPC = InputBox("BoCC Automation", "Enter Old PC Drive Letter", "D:")
If @Error Then Exit
$vOldPC = StringLeft($vOldPC, 1) & ":"

Run(@ComSpec & " /c reg.exe load HKLM\OldSys " & $vOldPC & "\Windows\System32\Config\system")
Sleep(1000)

If _RegExistKey("HKLM\OldSys") = False Then
    MsgBox(0, "BoCC Automation", "Could Not Load System Hive, Exiting Program")
    Exit
EndIf


;Part 1 Get Computer Name
$sOldPCName = RegRead("HKLM\OldSys\ControlSet001\Control\ComputerName\ComputerName", "ComputerName")
;MsgBox(0, "BoCC Automation", $sOldPCName)

#Region ### START Koda GUI section ### Form=C:\Users\it022565\Desktop\Form1.kxf
$Form1 = GUICreate("BoCC Automation", 430, 151, 192, 124)
$Label1 = GUICtrlCreateLabel("User Name", 16, 88, 57, 17)
$Label2 = GUICtrlCreateLabel("External Drive Information Extraction", 56, 0, 299, 24)
GUICtrlSetFont(-1, 12, 800, 0, "MS Sans Serif")
$Combo1 = GUICtrlCreateCombo("User Name", 16, 112, 145, 25, BitOR($CBS_DROPDOWN,$CBS_AUTOHSCROLL))
$Button1 = GUICtrlCreateButton("GO!", 270, 112, 75, 25)
$Label3 = GUICtrlCreateLabel("Drive Letter", 16, 40, 92, 20)
GUICtrlSetFont(-1, 10, 400, 0, "MS Sans Serif")
$Label4 = GUICtrlCreateLabel("Old Computer Name", 176, 40, 236, 20)
GUICtrlSetFont(-1, 10, 400, 0, "MS Sans Serif")
GUISetState(@SW_SHOW)
#EndRegion ### END Koda GUI section ###
GUICtrlSetData($Label3, "Drive Letter: " & $vOldPC)
GUICtrlSetData($Label4, "Old Computer Name: " & $sOldPCName)


$aOldUsers = _FileListToArray($vOldPC & "\Users", "*", $FLTA_FOLDERS)
GUICtrlSetData($Combo1, "|")
For $i = 1 to $aOldUsers[0]
GUICtrlSetData($Combo1, $aOldUsers[$i])
Next

While 1
    $nMsg = GUIGetMsg()
    Switch $nMsg
        Case $GUI_EVENT_CLOSE
            Exit
        Case $Button1
            ExitLoop
    EndSwitch
WEnd


Run(@ComSpec & " /c reg.exe load HKLM\OldUser " & $vOldPC & "\Users\" & GUICtrlRead($Combo1) & "\NTUSER.DAT")
Sleep(1000)


If _RegExistKey("HKLM\OldUser") = False Then
    MsgBox(0, "BoCC Automation", "Could Not Load User Hive, Exiting Program")
    Exit
EndIf


;Local Printers
;HKLM\OldSys\ControlSet001\Control\Print\Printers

;Network Printers
;HKLM\OldUser\Printers\Connections

;Mapped Drives
;HKLM\OldUser\Network

_FileCreate(@DesktopDir & "\Old PC Info.txt")
$hFileOpen = FileOpen(@DesktopDir & "\Old PC Info.txt", $FO_OVERWRITE)

FileWriteLine($hFileOpen, "Old PC Info: Computer Name " & $sOldPCName & @CRLF & @CRLF)
FileWriteLine($hFileOpen, "Username: " & GUICtrlRead($Combo1) & @CRLF & @CRLF)
FileWriteLine($hFileOpen, "Mapped Drives" & @CRLF)


For $i = 1 To 100
    $var = RegEnumKey("HKLM\OldUser\Network", $i)
    If @error <> 0 Then ExitLoop
    ConsoleWrite($var)
    FileWriteLine($hFileOpen, $var)
    $var2 = RegRead("HKLM\OldUser\Network\" & $var, "RemotePath")
    FileWriteLine($hFileOpen, $var2)
Next

FileWriteLine($hFileOpen, @CRLF & "Network Printers" & @CRLF)

For $i = 1 To 100
    $var = RegEnumKey("HKLM\OldUser\Printers\Connections", $i)
    If @error <> 0 Then ExitLoop
    ConsoleWrite($var)
    FileWriteLine($hFileOpen, $var)
Next

FileWriteLine($hFileOpen, @CRLF & "Local Printers" & @CRLF)

For $i = 1 To 100
    $var = RegEnumKey("HKLM\OldSys\ControlSet001\Control\Print\Printers", $i)
    If @error <> 0 Then ExitLoop
    ConsoleWrite($var)
    FileWriteLine($hFileOpen, $var)
Next

FileClose($hFileOpen)






;Unload Hives
While 1
    Sleep(200)
    Run(@ComSpec & " /c reg.exe unload HKLM\OldSys")
    If _RegExistKey("HKLM\OldSys") = False Then ExitLoop
WEnd

While 1
    Sleep(200)
    Run(@ComSpec & " /c reg.exe unload HKLM\OldUser")
    If _RegExistKey("HKLM\OldUser") = False Then ExitLoop
WEnd

MsgBox(0, "BoCC Automation", "Information Gather Complete, See Log File On Desktop")



Func _RegExistKey($sKeyname)
    RegEnumVal ($sKeyname, 1)
    Return (@error <= 0)
EndFunc

@jguinch - I will look into that for sure.  I like using WinAPI since I started using Powershell.

[AdamUL]

Have a look at the Registry UDF.  It has some very helpful functions.  

Adam