def _get_computer_name(self, reg: RegistryHive):
names = []
for subkey_path in reg.get_control_sets(
r'Control\ComputerName\ComputerName'):
subkey = reg.get_key(subkey_path)
try:
names.append({
'name':
subkey.get_value('ComputerName'),
'timestamp':
Time.change_output_date_format_from_epoch(
subkey.header.last_modified)
})
except RegistryValueNotFoundException as ex:
continue
return names
def _get_usbstorage(self, reg: RegistryHive):
usbs = []
try:
for subkey_path in reg.get_control_sets(r'Enum\USBSTOR'):
subkey = reg.get_key(subkey_path)
for usb in subkey.iter_subkeys():
usbs.append({
'device':
usb.name,
'timestamp':
Time.change_output_date_format_from_epoch(
usb.header.last_modified)
})
except:
return None
return usbs
