0

I have to write a Python script that monitors specific registry keys and files in Windows file system and execute command each time that one of them changed. Does anybody familiar with Python package that can monitor registry and files and call a function when they changed?

Thanks

Dan
  • 829
  • 2
  • 12
  • 23
  • Possible duplicate of [How do I watch a file for changes using Python?](http://stackoverflow.com/questions/182197/how-do-i-watch-a-file-for-changes-using-python) – SiHa Jan 12 '16 at 08:12

2 Answers2

1

There is a _winreg library in python that reading from and writing to the Windows Registery. 

from _winreg import *

print r"*** Reading from SOFTWARE\Microsoft\Windows\CurrentVersion\Run ***"
aReg = ConnectRegistry(None,HKEY_LOCAL_MACHINE)

aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run") 
for i in range(1024):                                           
    try:
        n,v,t = EnumValue(aKey,i)
        print i, n, v, t
    except EnvironmentError:                                               
        print "You have",i," tasks starting at logon..."
        break          
CloseKey(aKey)                                                  

print r"*** Writing to SOFTWARE\Microsoft\Windows\CurrentVersion\Run ***"
aKey = OpenKey(aReg, r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", 0, KEY_WRITE)
try:   
   SetValueEx(aKey,"MyNewKey",0, REG_SZ, r"c:\winnt\explorer.exe") 
except EnvironmentError:                                          
    print "Encountered problems writing into the Registry..."
CloseKey(aKey)

CloseKey(aReg)

This is an example of how reading and writing. for more information visit: _winreg library doc

In order to this write a Listener function that executes evey timeStamp and returns a dictonary of regsiter key and their vaules , and another function for compare these dictionaries.

ᴀʀᴍᴀɴ
  • 4,443
  • 8
  • 37
  • 57
  • Thanks, but can I monitor changes in real-time? - I don't want to query the registry each time and check if the value changed.. – Dan Jan 12 '16 at 08:19
  • @Dan there is a `EnumValue` that returns a tuple and have key and value of a register key , you can track this for interested register keys you want – ᴀʀᴍᴀɴ Jan 12 '16 at 08:23
  • How can I track these changes real-time? I mean that when the key changed automatically the Python script will call a function – Dan Jan 12 '16 at 08:36
  • @Dan you can have a dictionary with register key and their values and with a `timestamp` check registery with this dictionary and figure out the changes – ᴀʀᴍᴀɴ Jan 12 '16 at 08:38
  • That's nice idea.. But do you know if, and how, can I create kind of 'listener' that monitors the changes and response real-time? – Dan Jan 12 '16 at 08:47
  • @Dan write a fucntion `listener` that every `timestamp` runs and returns a `dictionary` and another function that `compare` these dictionaries and returns changes , for write a function that execute every `timestamp` google it , in order to this there are ways – ᴀʀᴍᴀɴ Jan 12 '16 at 08:52
-1

You can read and write to the Windows registry with the _winreg module.

Then you can very easily open, query and or modify a registry key.

import _winreg as wreg

# Open registry key of choice
my_key= wreg.OpenKey(wreg.HKEY_LOCAL_MACHINE, "Software\\Test\\test",0, wreg.KEY_ALL_ACCESS)

# Get a key value
my_key_val = wreg.QueryValueEx(my_key, 'ValueName')

# Close registry key
my_key.Close()
sptrks
  • 205
  • 1
  • 8