Jump to content

How to fetch date/time of last windows 10 system restore point?

Jahar

By Jahar,
in AutoIt General Help and Support

 Share Followers 0

Recommended Posts

TheXman

TheXman 637

Posted
Posted (edited)

The are numerous ways to get the information.  Here are a few:

  • Capture & Parse a command line command:
    • ShadowCopy Object (Timestamp is slightly different by a few seconds but value is local time)
      • vssadmin list shadows (CMD)
      • wmic ShadowCopy get InstallDate (CMD)
    • SystemRestore Object (Timestamp is UTC and has to be converted to local time)
      • wmic /namespace:\\root\default path SystemRestore get CreationTime (CMD)
      • Get-ComputerRestorePoint (PowerShell)
         
  • AutoIt WMI query

 

Example of command capture and WMI query below:

Spoiler 
#RequireAdmin ;System Restore point access requires elevated privileges

#include <Constants.au3>
#include <Array.au3>
#include <Date.au3>

last_restore_point_wmi_example()
last_restore_point_cmd_example()

Func last_restore_point_wmi_example()
    Local $oWmi, $oItems, $oComError
    Local $sRestorePointDateTime = ""
    Local $aRestorePoints[0]

    #forceref $oComError

    $oComError = ObjEvent("AutoIt.Error", comm_error_handler)

    ;Get WMI object
    $oWmi = ObjGet("winmgmts:\root\default")

    ;Query restore points
    $oItems = $oWmi.ExecQuery("SELECT CreationTime FROM SystemRestore")
    If $oItems.Count = 0 Then Exit MsgBox($MB_ICONWARNING,"Warning","No items found")

    ;Process result set
    For $oItem in $oItems
        With $oItem
            ;Convert UTC creation time from yyyymmddhhmmss to local yyyy-mm-dd hh:mm:ss time
            $sRestorePointDateTime = convert_utc_to_local_time(.CreationTime)

            ;Add date/time to the array
            _ArrayAdd($aRestorePoints, $sRestorePointDateTime)
        EndWith
    Next

    ;Sort the array in descending order and display first entry
    _ArraySort($aRestorePoints, 1)
    MsgBox($MB_ICONINFORMATION, "WMI Example", "Last System Restore Point" & @CRLF & $aRestorePoints[0])
EndFunc

Func last_restore_point_cmd_example()
    Local $iPID = 0
    Local $sCmdOutput = ""
    Local $aRestorePoints[0]

    ;Execute & capture console command output
    $iPID = Run("wmic /namespace:\\root\default path SystemRestore get creationtime /format:list", "", Default, $STDERR_MERGED)
    If Not $iPID Then Exit MsgBox($MB_ICONERROR, "ERROR", "WMIC command failed.")

    ;Wait for command to finish
    If Not ProcessWaitClose($iPID, 5) Then Exit MsgBox($MB_ICONERROR, "ERROR", "Timeout occurred waiting for command to complete.")

    ;Get command output and parse info of interest
    $sCmdOutput = StdoutRead($iPID)

    $aRestorePoints = StringRegExp($sCmdOutput, "(?m)^CreationTime=(\d{14})", $STR_REGEXPARRAYGLOBALMATCH)
    Switch @error
        Case 1
            MsgBox($MB_ICONWARNING,"Warning","No items found")
            Exit
        Case 2
            MsgBox($MB_ICONERROR, "ERROR", "Stringregexp error. @error = " & @error)
            Exit 1
    EndSwitch

    ;Process result set
    For $i = 0 To UBound($aRestorePoints) - 1
        ;Convert utc creation time from yyyymmddhhmmss to local yyyy-mm-dd hh:mm:ss
        $aRestorePoints[$i] =  convert_utc_to_local_time($aRestorePoints[$i])
    Next

    ;Sort the array in descending order and display first entry
    _ArraySort($aRestorePoints, 1)
    MsgBox($MB_ICONINFORMATION, "WMIC Example", "Last System Restore Point" & @CRLF & $aRestorePoints[0])
EndFunc

Func convert_utc_to_local_time($sUTCDateTime)
    Local $tSYSTEMTIME = DllStructCreate($tagSYSTEMTIME)

    ;Convert utc time to local time
    $tSYSTEMTIME.Year   = StringMid($sUTCDateTime,  1, 4)
    $tSYSTEMTIME.Month  = StringMid($sUTCDateTime,  5, 2)
    $tSYSTEMTIME.Day    = StringMid($sUTCDateTime,  7, 2)
    $tSYSTEMTIME.Hour   = StringMid($sUTCDateTime,  9, 2)
    $tSYSTEMTIME.Minute = StringMid($sUTCDateTime, 11, 2)
    $tSYSTEMTIME.Second = StringMid($sUTCDateTime, 13, 2)

    $tSYSTEMTIME        = _Date_Time_SystemTimeToTzSpecificLocalTime($tSYSTEMTIME)

    Return StringFormat("%04i-%02i-%02i %02i:%02i:%02i", _
                        $tSYSTEMTIME.Year, $tSYSTEMTIME.Month , $tSYSTEMTIME.Day, _
                        $tSYSTEMTIME.Hour, $tSYSTEMTIME.Minute, $tSYSTEMTIME.Second)

EndFunc

Func comm_error_handler($oComError)
    With $oComError
        MsgBox($MB_ICONERROR, "COM ERROR", _
               "An error occured on line " & .ScriptLine & @CRLF & @CRLF & _
               StringStripWS(.WinDescription, $STR_STRIPTRAILING) & @CRLF & @CRLF & _
               StringFormat("Error Number = %i (0x%x)", .Number, .Number) & @CRLF & @CRLF & _
               .Description)
    EndWith

    Exit 1
EndFunc

 

 

Edited by TheXman
Reformat reply & changed example WMI objects from ShadowCopy to SystemRestore

CryptoNG UDF: Cryptography API: Next Gen
jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor
Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script
About Me

"Any fool can know.  The point is to understand."  -Albert Einstein

Link to post
Share on other sites
Jahar

Jahar 0

Posted
  • Author
Posted (edited)

@TheXman Thanks for your kind reply. I just added command " last_restore_point_cmd_example()" at last of script to call the function. But I am facing one issue:

1. Windows is prompting to a question "Allow changes using autoit". I dont want this prompt to happen.

 

Kindly guide me.

Edited by Jahar
Link to post
Share on other sites
Jahar

Jahar 0

Posted
  • Author
Posted

@TheXman Currently I am getting the last restore point with your code.  But if i remove line "#RequireAdmin" , I am getting different result:

1.  For last_restore_point_cmd_example - It says no items are found. But, with #RequireAdmin, it gives restore point

2. For last_restore_point_wmi_example - Msg "An error occured on line 24" is shown.

Please guide me.

Link to post
Share on other sites
TheXman

TheXman 637

Posted
Posted (edited)
32 minutes ago, Jahar said:

For last_restore_point_cmd_example - It says no items are found. But, with #RequireAdmin, it gives restore point

If you get results with #RequireAdmin, and don't get results without it, what does that tell you?  Did you read the first line of my example script?  To query the Restore Points, it requires the script to run with elevated (Admin) privileges.  :bonk:

32 minutes ago, Jahar said:

For last_restore_point_wmi_example - Msg "An error occured on line 24" is shown.

How am I supposed to know why you get errors in your script without seeing your script?  I'm not going to try to guess what is on or around line 24.  If you are referring to the example script, then you probably ran it without #RequireAdmin.

 

I provided examples for you to learn from.  That means you need to take the time to see and understand what it is doing.  If you make changes to my examples, which I encourage you to do, you need to see how your changes affect the result and why?  It is time for you to do a little learning.  If you don't want to take the time to learn, then hopefully someone else will come along and write your solution for you.  :bye:

Edited by TheXman

CryptoNG UDF: Cryptography API: Next Gen
jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor
Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script
About Me

"Any fool can know.  The point is to understand."  -Albert Einstein

Link to post
Share on other sites
TheXman

TheXman 637

Posted
Posted
34 minutes ago, Jahar said:

is there a way to disable UAC for this script alone?

If you, or the user context in which you are running the script, is an Admin and you are just trying to get rid of the UAC prompt that #RequireAdmin displays, then the following UDF has functions to do it.  However, you will need #RequireAdmin to execute those necessary functions.  That means, until you have made the changes necessary, you will still see the prompt.  So I guess the answer to your question is yes and no.

There are other ways to get around the UAC prompt, without #RequireAdmin, when admin is required.  Discussion of getting around security is discouraged in these forums.  However, there are a few topics that have been created in the past that discuss ways that it can be done.  Some are acceptable to discuss like using the Task Scheduler and others aren't, like self-elevation techniques -- at least is was still taboo the last time I checked.  You will need to search the forum on your own for more information.

 

CryptoNG UDF: Cryptography API: Next Gen
jq UDF: Powerful and Flexible JSON Processor | jqPlayground: An Interactive JSON Processor
Xml2Json UDF: Transform XML to JSON | HttpApi UDF: HTTP Server API | Roku Remote: Example Script
About Me

"Any fool can know.  The point is to understand."  -Albert Einstein

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Followers 0
Go to topic listing

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • VeeDub
      RegWrite - HKLM - W10
      By VeeDub
      Hello,
      I am trying to use RegWrite to create a key within HKLM on W10 without success.
      I've had a look at a number of posts on the forum to troubleshoot, without success.
      This post seems highly relevant
      Here is my latest script with output
      ; Read/write data to registry #RequireAdmin Example() Func Example() Local $Status = "" ; Check if the registry key is already existing, so as not to damage the user's system. RegRead("HKLM\SOFTWARE\Microsoft\F1", "Key1") ConsoleWrite("Error: " & @error & @CRLF) ; Write a single REG_SZ value to the key "Key1". $Status = RegWrite("HKLM\SOFTWARE\Microsoft\F1", "Key1", "REG_SZ", "This is an example of RegWrite") ConsoleWrite("Status: " & $Status & @TAB & " Error: " & @error & @CRLF) EndFunc ;==>Example  
      Output
      >"C:\Program Files (x86)\AutoIt3\SciTE\..\AutoIt3.exe" "C:\Program Files (x86)\AutoIt3\SciTE\AutoIt3Wrapper\AutoIt3Wrapper.au3" /run /prod /ErrorStdOut /in "D:\Temp\Macrium\Registry_write_read.au3" /UserParams +>16:18:46 Starting AutoIt3Wrapper (21.316.1639.1) from:SciTE.exe (4.4.6.0) Keyboard:00000409 OS:WIN_10/2009 CPU:X64 OS:X64 Environment(Language:0409) CodePage:0 utf8.auto.check:4 +> SciTEDir => C:\Program Files (x86)\AutoIt3\SciTE UserDir => C:\Users\ZEN\AppData\Local\AutoIt v3\SciTE\AutoIt3Wrapper SCITE_USERHOME => C:\Users\ZEN\AppData\Local\AutoIt v3\SciTE >Running AU3Check (3.3.16.1) from:C:\Program Files (x86)\AutoIt3 input:D:\Temp\Registry_write_read.au3 +>16:18:47 AU3Check ended.rc:0 >Running:(3.3.16.1):C:\Program Files (x86)\AutoIt3\autoit3.exe "D:\Temp\Registry_write_read.au3" +>Setting Hotkeys...--> Press Ctrl+Alt+Break to Restart or Ctrl+BREAK to Stop. Error: 0 Status: 1 Error: 0 +>16:18:47 AutoIt3.exe ended.rc:0 +>16:18:48 AutoIt3Wrapper Finished. >Exit code: 0 Time: 2.362  
      The user is a local admin.

      According to the script output, the regwrite call should have succeeded.
      SciTe has been runas admin.
      I've also tried compiling the script and running the resulting exe as admin.

      Obviously I can't see the consolewrite output when I do this, but if the function calls were working then the exe should update the registry.

      After suggestions as to options to try next.
      Also, I tried narrowing down the forum search using arguments like: "regwrite windows 10" or "regwrite windows10" and for some reason had no results on the search; so had to use more general search arguments. Would be interested to know why the above wouldn't work as a search argument.

      Thanks

      VW
    • ahha
      ListView sorting on date
      By ahha
      Newbie to _GUICtrlListView_RegisterSortCallBack and can't get it to sort properly on date in format MM/DD/YYYY.
      Example code below.  Q - How do I get the date to sort properly?
      ;#AutoIt3Wrapper_run_debug_mode=Y #include <GUIConstantsEx.au3> #include <GuiListView.au3> Global $g_id_ListView Example() Exit Func Example() Local $idRow1, $idRow2, $idRow3 GUICreate("ListView Sort Question", 300, 200) $g_id_ListView = GUICtrlCreateListView("Row#|Name|Date", 10, 10, 280, 180) $id_Row1 = GUICtrlCreateListViewItem("#1|Alice|01/15/2022", $g_id_ListView) $id_Row2 = GUICtrlCreateListViewItem("#2|Bob|02/22/2021", $g_id_ListView) $id_Row3 = GUICtrlCreateListViewItem("#3|Carol|03/13/2021", $g_id_ListView) $id_Row10 = GUICtrlCreateListViewItem("#10|Dave|10/09/2021", $g_id_ListView) $id_Row11 = GUICtrlCreateListViewItem("#11|Eve|11/21/2021", $g_id_ListView) GUISetState(@SW_SHOW) ;$vCompareType = 0 ;not ok as Row# sort #1, #10, and want #1, #2, ;$vCompareType = 1 ;not ok as Row# sort #1, #10, and want #1, #2, $vCompareType = 2 ;Row# okay but Date messed up _GUICtrlListView_RegisterSortCallBack($g_id_ListView, $vCompareType) While 1 Switch GUIGetMsg() Case $GUI_EVENT_CLOSE ExitLoop Case $g_id_ListView ;MsgBox(0,"","col="&GUICtrlGetState($g_id_ListView)) _GUICtrlListView_SortItems($g_id_ListView, GUICtrlGetState($g_id_ListView)) EndSwitch WEnd _GUICtrlListView_UnRegisterSortCallBack($g_id_ListView) GUIDelete($g_id_ListView) EndFunc ;Func Example()  
    • WilliamasKumeliukas
      Project Windows-10 Configurator
      By WilliamasKumeliukas
      Hello everyone,
      I started this project alone in May 2020 as project in my spare time at work, I'm working for a IT company that started opening their services to residential customers few months ago and now my position in the company kind of drifted in the doom and gloom world of repetitive tasks like: Reinstallation + Configuration of Windows 10.
      The procedure is very repetitive and I started feeling like being a robot which is the main reason I started this project.
       
       
      ==============================FAQ==================================
      1. Q: Do you want this project to be accomplished with the usage of AutoIt ONLY or 3rd party tools / Scripts (BATCH / POWERSHELL / VB) ? A: No, if I cannot find a way using AutoIt to accomplish a task I will move to my Plan B which consist of automating an 3rd party tool to accomplish the affected task until a solution is found. 2. Q: What do I get from helping/collaborating in this project? A: I will personally take the responsibility to mention you in the credits of this project. 3. Q: If I have more questions, can I ask? A: Certainly! feel free to ask any questions related to this project! 4. Q: What is the main goal of this project? A: Automating Windows 10 configuration without user interaction needed (as much as possible) ______________________________________________________________________________________________________________________________
      Current progression of the project (more will be added in future)
      « Blue = Info || Yellow = Unfinished/Untested || Purple = Could be better || Green = Done ||Red = Not Yet Started »
      ***Very early Stage ***
      Connect Network Attached Storage(NAS) (Work but missing configuration in GUI - AutoIt only)
      Download & Install up to 600+ softwares (Tested & Working - using 3rd party tool + 50/50 Powershell/AutoIt)
       Auto prediction of Apps name of text typed inside input (Tested & Working - AutoIt Only)
      Change OEM Informations (Tested & Working -  AutoIt)
      Disable hibernation (Tested & Working - AutoIt only)
      Change Computer Name (Work but require testing - AutoIt only) 
      Show Computer Information and Smart status on GUI (Tested & Working - AutoIt Only)
      Change .pdf / .pdfxml from Edge to Adobe Reader DC (Tested & Working - using 3rd party tool)
      Change Edge to Google Chrome as Default Browser (Tested & Working - using 3rd party tool)
      Windows Updater (Seems to work but require further testing - AutoIt only)
      Install Office 365 / 2013 + Activation (To Do)
      Add L2TP VPN Configuration for Windows Built-in VPN (To Do)
      Save / Load tasks configuration profile in (.ini file) to avoid repeating same configuration twice (In progress - AutoIt Only)
      (EXPERIMENTAL) Install Apps from Microsoft Store with UIAutomation UDF made by @junkew(Work if you know what your doing)
         P.S: Installing Apps from Microsoft Store will require usage of  UIA spy tool made by @LarsJ which you can download & learn how to use it on UIA Spy Tool thread.
      ***  If this project interest you, Reply here This will greatly help me to see if you'd like this project to become real  ***
      ______________________________________________________________________________________________________________________________
      Best Regards,
      ~WilliamasKumeliukas
    • beautifulsoup
      Changing .exe #properties dynamically based on @ScriptName with AutoIt3Wrapper
      By beautifulsoup
      Hi All,
      I'm not sure if its possible that I'm trying to achieve, I've looked into https://www.autoitscript.com/autoit3/scite/docs/SciTE4AutoIt3/AutoIt3Wrapper.html and such resources for help, but I cant really find the answer to my question.
      So upon compiling the script in SciTE, the exe file is given a Description under file Properties>Details. I understand, that  one can enter info manually there and it can even implement the version automatically with each compilation.
       
      What I'm trying to achieve is to somehow include the "@ScriptName" in the Details>File Description Field. But as I see no variable can be taken after "#" in this case.
       
      Do You think its achievable? (Win 10)
       
      Much obliged for taking time on reading this.
       
      Kind Regards,
      Brave


    • IndianSage
      Run autoit script/exe program with locked or logoff as task / job
      By IndianSage
      Hi,
      I have a specific situation:
      Is it possible to run autoit script/.exe as a task which in turn is automating a desktop user interactive application on windows 10 where user will not be logged in - at best I can get user locked? 
      If so how will this work or is there any tool available to do this?
      I am trying z-cron task scheduler but it runs only some part also I tried windows 10 task schedule with option to allow task to run which is user interactive type but that too does not work.
      Looking forward to hear from you to help me out of this situation.
      Thanks,
       
×
×
  • Create New...