0

I have a regshot text file that I am trying to clean up and move the necessary data into a new text file. I have a program that prints the registry entries that were changed and moved, but I can not remove the data after the colon which moves into hex data.

Code:

import re
import sys

#This allows you to specify the text file
#in commandline start of program.
with open(sys.argv[1], 'r') as f:
    for i in xrange(7):
        f.next()
    for line in f:
        #process(line)
        if ':' in line:
            #Remove unneeded hex data
            re.sub("\W+", "", line),
        #Print every line with \ on new file
        if '\\' in line:
            with open("completed.txt", "w") as f1:
                f1.write(line)
f.close
f1.close

Data sample:

HKU\S-1-5-21-230830461-2995936100-1910591732-1107\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\280810\UpdateDrivenByExpiration: 0x00000001
HKU\S-1-5-21-230830461-2995936100-1910591732-1107\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions\280810\UpdateDrivenByExpiration: 0x00000000
HKU\S-1-5-21-230830461-2995936100-1910591732-1107\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData\E7CF176E110C211B:  D6 1E 9E B8 B3 B7 D3 01
HKU\S-1-5-21-230830461-2995936100-1910591732-1107\Software\Microsoft\Windows\CurrentVersion\Search\JumplistData\E7CF176E110C211B:  08 64 2B 00 B4 B7 D3 01
wwii
  • 23,232
  • 7
  • 37
  • 77
theworstTM
  • 1
  • You could split each line on the colon and only keep the *first part*: `keep, *discard = line.split(':')` – wwii Mar 21 '18 at 23:59
  • Yes, you can change your re.sub()-line to `line = line.split(':')[0]` Besides that, are you sure that you really want to overwrite the completed.txt file for every line? – matli Mar 22 '18 at 00:07
  • I tried using that, but unfortunately it does nothing at all. I am also realizing that the only thing printing in that new text file is the first line from the original text file. – theworstTM Mar 22 '18 at 00:08
  • Much better to use standard core utilities from \*nix system, for example the Ubuntu stuff in windows. In that case the difference is get by *diff* tool, the list of keys easily can be get by piping *grep* and *cut* together. Python is too verbose for this particular task. – 0andriy Mar 22 '18 at 00:16

0 Answers0