Jump to content
Jahar

How to fetch date/time of last windows 10 system restore point?

Recommended Posts

Hi All,

Please help me on how to fetch date/time of last windows 10 system restore point using autoit? Basically its about querying the last restore point.

Share this post


Link to post
Share on other sites
Posted (edited)

The are numerous ways to get the information.  Here are a few:

  • Capture & Parse a command line command:
    • ShadowCopy Object (Timestamp is slightly different by a few seconds but value is local time)
      • vssadmin list shadows (CMD)
      • wmic ShadowCopy get InstallDate (CMD)
    • SystemRestore Object (Timestamp is UTC and has to be converted to local time)
      • wmic /namespace:\\root\default path SystemRestore get CreationTime (CMD)
      • Get-ComputerRestorePoint (PowerShell)
         
  • AutoIt WMI query

 

Example of command capture and WMI query below:

Spoiler
#RequireAdmin ;System Restore point access requires elevated privileges

#include <Constants.au3>
#include <Array.au3>
#include <Date.au3>

last_restore_point_wmi_example()
last_restore_point_cmd_example()

Func last_restore_point_wmi_example()
    Local $oWmi, $oItems, $oComError
    Local $sRestorePointDateTime = ""
    Local $aRestorePoints[0]

    #forceref $oComError

    $oComError = ObjEvent("AutoIt.Error", comm_error_handler)

    ;Get WMI object
    $oWmi = ObjGet("winmgmts:\root\default")

    ;Query restore points
    $oItems = $oWmi.ExecQuery("SELECT CreationTime FROM SystemRestore")
    If $oItems.Count = 0 Then Exit MsgBox($MB_ICONWARNING,"Warning","No items found")

    ;Process result set
    For $oItem in $oItems
        With $oItem
            ;Convert UTC creation time from yyyymmddhhmmss to local yyyy-mm-dd hh:mm:ss time
            $sRestorePointDateTime = convert_utc_to_local_time(.CreationTime)

            ;Add date/time to the array
            _ArrayAdd($aRestorePoints, $sRestorePointDateTime)
        EndWith
    Next

    ;Sort the array in descending order and display first entry
    _ArraySort($aRestorePoints, 1)
    MsgBox($MB_ICONINFORMATION, "WMI Example", "Last System Restore Point" & @CRLF & $aRestorePoints[0])
EndFunc

Func last_restore_point_cmd_example()
    Local $iPID = 0
    Local $sCmdOutput = ""
    Local $aRestorePoints[0]

    ;Execute & capture console command output
    $iPID = Run("wmic /namespace:\\root\default path SystemRestore get creationtime /format:list", "", Default, $STDERR_MERGED)
    If Not $iPID Then Exit MsgBox($MB_ICONERROR, "ERROR", "WMIC command failed.")

    ;Wait for command to finish
    If Not ProcessWaitClose($iPID, 5) Then Exit MsgBox($MB_ICONERROR, "ERROR", "Timeout occurred waiting for command to complete.")

    ;Get command output and parse info of interest
    $sCmdOutput = StdoutRead($iPID)

    $aRestorePoints = StringRegExp($sCmdOutput, "(?m)^CreationTime=(\d{14})", $STR_REGEXPARRAYGLOBALMATCH)
    Switch @error
        Case 1
            MsgBox($MB_ICONWARNING,"Warning","No items found")
            Exit
        Case 2
            MsgBox($MB_ICONERROR, "ERROR", "Stringregexp error. @error = " & @error)
            Exit 1
    EndSwitch

    ;Process result set
    For $i = 0 To UBound($aRestorePoints) - 1
        ;Convert utc creation time from yyyymmddhhmmss to local yyyy-mm-dd hh:mm:ss
        $aRestorePoints[$i] =  convert_utc_to_local_time($aRestorePoints[$i])
    Next

    ;Sort the array in descending order and display first entry
    _ArraySort($aRestorePoints, 1)
    MsgBox($MB_ICONINFORMATION, "WMIC Example", "Last System Restore Point" & @CRLF & $aRestorePoints[0])
EndFunc

Func convert_utc_to_local_time($sUTCDateTime)
    Local $tSYSTEMTIME = DllStructCreate($tagSYSTEMTIME)

    ;Convert utc time to local time
    $tSYSTEMTIME.Year   = StringMid($sUTCDateTime,  1, 4)
    $tSYSTEMTIME.Month  = StringMid($sUTCDateTime,  5, 2)
    $tSYSTEMTIME.Day    = StringMid($sUTCDateTime,  7, 2)
    $tSYSTEMTIME.Hour   = StringMid($sUTCDateTime,  9, 2)
    $tSYSTEMTIME.Minute = StringMid($sUTCDateTime, 11, 2)
    $tSYSTEMTIME.Second = StringMid($sUTCDateTime, 13, 2)

    $tSYSTEMTIME        = _Date_Time_SystemTimeToTzSpecificLocalTime($tSYSTEMTIME)

    Return StringFormat("%04i-%02i-%02i %02i:%02i:%02i", _
                        $tSYSTEMTIME.Year, $tSYSTEMTIME.Month , $tSYSTEMTIME.Day, _
                        $tSYSTEMTIME.Hour, $tSYSTEMTIME.Minute, $tSYSTEMTIME.Second)

EndFunc

Func comm_error_handler($oComError)
    With $oComError
        MsgBox($MB_ICONERROR, "COM ERROR", _
               "An error occured on line " & .ScriptLine & @CRLF & @CRLF & _
               StringStripWS(.WinDescription, $STR_STRIPTRAILING) & @CRLF & @CRLF & _
               StringFormat("Error Number = %i (0x%x)", .Number, .Number) & @CRLF & @CRLF & _
               .Description)
    EndWith

    Exit 1
EndFunc

 

 

Edited by TheXman
Reformat reply & changed example WMI objects from ShadowCopy to SystemRestore

Share this post


Link to post
Share on other sites
Posted (edited)

@TheXman Thanks for your kind reply. I just added command " last_restore_point_cmd_example()" at last of script to call the function. But I am facing one issue:

1. Windows is prompting to a question "Allow changes using autoit". I dont want this prompt to happen.

 

Kindly guide me.

Edited by Jahar

Share this post


Link to post
Share on other sites

@TheXman Currently I am getting the last restore point with your code.  But if i remove line "#RequireAdmin" , I am getting different result:

1.  For last_restore_point_cmd_example - It says no items are found. But, with #RequireAdmin, it gives restore point

2. For last_restore_point_wmi_example - Msg "An error occured on line 24" is shown.

Please guide me.

Share this post


Link to post
Share on other sites
Posted (edited)
32 minutes ago, Jahar said:

For last_restore_point_cmd_example - It says no items are found. But, with #RequireAdmin, it gives restore point

If you get results with #RequireAdmin, and don't get results without it, what does that tell you?  Did you read the first line of my example script?  To query the Restore Points, it requires the script to run with elevated (Admin) privileges.  :bonk:

32 minutes ago, Jahar said:

For last_restore_point_wmi_example - Msg "An error occured on line 24" is shown.

How am I supposed to know why you get errors in your script without seeing your script?  I'm not going to try to guess what is on or around line 24.  If you are referring to the example script, then you probably ran it without #RequireAdmin.

 

I provided examples for you to learn from.  That means you need to take the time to see and understand what it is doing.  If you make changes to my examples, which I encourage you to do, you need to see how your changes affect the result and why?  It is time for you to do a little learning.  If you don't want to take the time to learn, then hopefully someone else will come along and write your solution for you.  :bye:

Edited by TheXman

Share this post


Link to post
Share on other sites
34 minutes ago, Jahar said:

is there a way to disable UAC for this script alone?

If you, or the user context in which you are running the script, is an Admin and you are just trying to get rid of the UAC prompt that #RequireAdmin displays, then the following UDF has functions to do it.  However, you will need #RequireAdmin to execute those necessary functions.  That means, until you have made the changes necessary, you will still see the prompt.  So I guess the answer to your question is yes and no.

There are other ways to get around the UAC prompt, without #RequireAdmin, when admin is required.  Discussion of getting around security is discouraged in these forums.  However, there are a few topics that have been created in the past that discuss ways that it can be done.  Some are acceptable to discuss like using the Task Scheduler and others aren't, like self-elevation techniques -- at least is was still taboo the last time I checked.  You will need to search the forum on your own for more information.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By WilliamasKumeliukas
      Hello everyone!
      I've started this project alone in May 2020 as project in my spare time at work, I'm working for a IT compagny that's started opening their services to residential customers few months ago and now my position in the compagny kinda drifted in the doom and gloom world of repetitive tasks like: Reinstallation of Windows 10.
      The procedure is very repetitive and I started feeling like being a robot which is the main reason I started this project.
      ==============================FAQ==================================
      1. Q: Do you want this project to be accomplished with the usage of AutoIT ONLY or 3rd party tools / Scripts (BAT / CMD / VBS) ? A: No, if I cannot find a way using AutoIT to accomplish a task I will move to my Plan B which consist of automating an 3rd party tool to accomplish the affected task until a solution is found. 2. Q: What do I get from contributing/participating in this project? A: I will personally take the responsability to mention you in the credits of this project. 3. Q: If I have more questions, can I ask? A: Certainly! feel free to ask any questions related to this project! 4. Q: What is the main goal of this project? A: Automating Windows 10 configuration without user interaction needed (as much as possible) ______________________________________________________________________________________________________________________________
      Current progression of the project (more might be added in future)
      « Blue = Info || Yellow = Unfinished/Untested || Purple = Could be better || Green = Done ||Red = Not Yet Started »
      *** Very early Stage ***
      Connect Network Attached Storage(NAS) (Tested & Working - AutoIT only)
      Install Adobe Reader DC, 7zip, Google Chrome (Tested & Working - using 3rd party tool)
      Change OEM Information (Tested & Working - contains both AutoIT version and CMD script)
      Disable ScreenSaver (Require testing AutoIT only)
      Change Computer Name (Require testing AutoIT only) 
      Change Default Browser (Work - using 3rd party tool)
      Change .pdf / .pdfxml from Edge to Adobe Reader DC (AutoIT only)
      Change Edge to Google Chrome as Default Browser (Tested & Working - using 3rd party tool)
      Windows Updates (Currently working on it - AutoIT only)
      Install Office 
      Activate Office (Tested on 2010 & Working - CMD Script)
      Pin to taskbar Excel, Outlook, Word, Chrome (Tested & Working - using 3rd party tool)
      GUI currently featuring the following options 
      - TreeView to check case of desired tasks
      - RichEdit to display ConsoleWrite with _NowTime()
                 *** To Do ***
       - Read informations needed for tasks like: OEM, ComputerName, NAS user/password etc... from a file
       - ListView for Windows Updates
       - Probably more
       
      ***  Reply here if this project interest you,This will greatly help me to see if anyone want this project to become real  ***
      ______________________________________________________________________________________________________________________________
      Click here to view or download W10 Configurator
       
      Best Regards,
      ~WilliamasKumeliukas
    • By Jgladden
      Dan - thanks for all that you do - this stuff is great. 
      Hoping you can assist with an issue we are having now that we have moved to Windows 10/Server 2016. The Chrome interactions were working flawlessly until moving over. Now my code fails when attempting to create the session. As you can see, our Chrome install is not in a standard location but I have validated the path to the binary. I have attached some detail below including system info, console output and the chrome log detail. I have tried several recommendations that have seen in various forums but none have made a difference
      Any assistance you can give would be greatly appreciated. 
      Thanks in advance, 
      chrome_Details.txt
    • By Danyfirex
      Hello!!!  
      In the past I had problems adding an application as a default for an extension in Windows 10. (It was easy in windows 7 using Registry) But since Windows 8 It requires to do some steps more. I wrote a tool (in other programming language) months ago for handling it. But now I just want to share an AutoIt version.
       
      Check on GitHub.
       
       
      Saludos
    • By TXTechie
      Hello Everyone,
      I've developed my own GUI using AutoIt and I'm allowing users to minimize the GUI, but I also want to include some kind of timer so that it will automatically restore the GUI after something like 30 minutes or an hour. However, I also want them to be able to manually restore the GUI by clicking the application's icon in the taskbar.
      I've searched through the forums, but I'm not sure how to get started.
      Any ideas or functions to research are appreciated!
      Regards,
      TX Techie
    • By poddex
      Hello everyone.
      I always try to work with old Windows 10 versions as much as possible because I know mane compatibility issues with Windows 10 upgrading. 
      But I couldn't do anything else (I got drivers problem), and nothing couldn't help me besides upgrading, so I upgraded from 1807 to 1903.
      And...get another problem 😃
      I use AutoitX library in external project like this.
      ObjectAutoIt=New COMObject("AutoItX3.Control");
      ObjectAutoIt.AutoItSetOption("WinTextMatchMode",2);
              While ObjectAutoit.WinExists("",WindowHeader) Cycle 
                  ObjectAutoIt.WinClose("",WindowHeader);
              EndCycle;
      After upgrade I get that this line code 
      While ObjectAutoit.WinExists("",WindowHeader)
      become extremely low - ~ 20 seconds even if 10 windows open. But before upgrade it takes 0.5 s for a max.
      And every time that this code line passes through  - it takes ~20s, (20.115, for example), not less, not more. Something pauses it to work.
      How can I diagnose, what is that?
      I tried reinstall whole AutoIt, but no results.
      Thanks to all.
×
×
  • Create New...