-Does your computer fail to bootup?
-Does your computer freeze and reboot?
-Cannot access your data due to the lost password?
-Does your computer contain critical data?
-Don't have a recent backup?
-Reformatted your harddrive?
-Accidentally deleted files?

Our blog will provide the relevant information on free tools, techniques, and approaches to recover your computer and get your valuable data back.

How to Backup and Restore your System Registry for Master and Slave Drives?



Registry Editor is an advanced tool for viewing and changing settings in your system registry, a collection of databases of configuration settings in Microsoft Windows operating systems, which contains information about how your computer runs. Almost the entire settings are stored in the registry, like settings for software programs, hardware devices, user preferences, operating system configurations, and much more. For example, when you resize an application window, the window position (x,y points) is stored in the registry so that the settings are retained permanently. This is just an example, there are much more data stored in the registry, right from your user account names and passwords (if configured to be stored).

There used to be two versions of Registry Editor, regedit and regedt32, but starting with XP they have been incorporated in Microsoft Registry Editor Version 5.1. Type either name in the [Run] box and Version 5.1 is what you're going to end up with. The only real disadvantage of not having regedt32 anymore is the lack of read-only mode in Version 5.1, but it just means you need to be careful not to make any unintended changes when browsing through the registry.

Making incorrect changes in the registry can break your system. It's highly advisable to backup the registry before editing any portion of it.

Types of Registry Backups

It's critical that before you do any editing you make a backup of the current registry. There are different ways of backing up so let's look at each one individually. Backing up is simply exporting information from the registry into a file that is saved on your system. When you invoke the export function you are given a choice of different file types that can be saved.

Each one of the different file types above plays an important role in how the data you export is saved. Choosing the wrong type can give you unexpected results. Understanding each type and when to use it is essential.
  • Registration Files: The Registration Files option creates a .reg file. This is probably the most well known file format used for backing up the registry. The Registration File can be used in two ways. As a text file it can be read and edited using Notepad outside of Registry Editor. Once the changes have been made and saved, right clicking the file and using the [Merge] command adds the changed file back into the registry. If you make additions to the registry using regedit and then merge the previously saved Registration File, anything that you've added via regedit will not be removed, but changes you make to data using regedit that previously existed in the saved Registration File will be overwritten when it is merged.
  • Registry Hive Files: Unlike the Registration Files option above, the Registry Hive Files option creates a binary image of the selected registry key. The image file is not editable via Notepad nor can you view its contents using a text editor. However, what the Registry Hive Files format does is create an image perfect view of the selected key and allow you to import it back into the registry to ensure any problematic changes you made are eliminated.
  • Text Files: This option does just as the name suggests. It creates a text file containing the information in the selected key. It's most useful purpose is creating a record or snapshot of a key at a particular point in time that you can refer back to if necessary. It cannot be merged back into the registry like a Registration File.
  • Win9x/NT4 Registration Files: This option creates a .reg file in the same manner used by the Registration Files option. It's used by previous Windows versions and serves no purpose in XP unless you want to merge a key from XP into a previous version of Windows.

Considering the four choices above, the most effective and safest method of backing up the registry is to use the Registry Hive Files option. No matter what goes wrong in your editing, importing the image of the key will eliminate all changes, additions, or other things that might have occurred.

If you want to edit outside the confines of regedit, or if you are sure you want your additions to the registry to remain even if you have to merge, use Registration Files for your backup.

If you just want a copy of the key that can be referenced using a text editor, but want to eliminate any chance of the file being accidentally merged back into the registry, use Text Files.

Backing Up Master Registry

As said, backing up the registry to reg patch is the most popular method for the registry backup. It might not be the safest one, but it definitely the most useable ways, since you can edit the backup file with text editor, which is quite convenient, and you can easily embed it in the computer registry, updating the system values, as you are ready for this step. This method is especially helpful if you're making changes to a specific branch of the registry. To backup a selected key in the registry, use these steps:
  • Click Start, and then click Run.
  • In the Open box, type regedit.exe, and then click OK
  • Locate and then click the key that contains the value that you want to edit
  • Right-click on the key and choose Export.
  • In the Save in box, select a location where you want to save the Registration Entries (.reg)
  • In the File name box, type a file name, and then click Save.
Now that you've created a Registry backup for that particular key you can save the REG file in a safer location in case you want to undo the registry changes made. The same way you can back up the entire registry.

Restoring a .REG File Backup

The registry update is simple and fast no matter if it is for one key, for the branch, or for the entire system. There are four ways of restoring a .reg file backup. I want to look at the methods in a bit more detail.
  • Method One - From the Registry Editor menu bar select File > Import... and then navigate to where the .reg file is saved. Select the file and click Open. The contents of the .reg file will be merged into the current registry followed by a confirmation dialog stating the information in the file has been successfully entered into the registry. This is a low risk method because it forces you to consciously select the .reg file you want to import. Hopefully your mind is focused on the task at hand and the proper .reg file is selected.
  • Method Two - By default, Windows XP is configured so that when a .reg file is double-clicked it's automatically merged into the registry. To my way of thinking this is a rather high risk method, especially if you happen to double-click the wrong .reg file. Fortunately, this method does present a dialog box that states the name of the .reg file and asks if you're sure you want to add the contents of the file to the registry, then waits for your Yes or No confirmation. A Yes response will generate a confirmation dialog stating the information in the file has been successfully entered into the registry. Clicking No will end the process with no information being entered in the registry.
  • Method Three - Navigate to where the .reg file is saved and right click the file to open the context menu. Select Merge and a dialog box appears that states the name of the .reg file and asks if you're sure you want to add the contents of the file to the registry, then waits for your Yes or No confirmation. A Yes response will generate a confirmation dialog stating the information in the file has been successfully entered into the registry. Clicking No will end the process with no information being entered in the registry.
  • Method Four - Navigate to where the .reg file is saved and right click the file to open the context menu. Select Open With > Registry Editor and a dialog box appears that states the name of the .reg file and asks if you're sure you want to add the contents of the file to the registry, then waits for your Yes or No confirmation. A Yes response will generate a confirmation dialog stating the information in the file has been successfully entered into the registry. Clicking No will end the process with no information being entered in the registry.

Backing Up Slave Registry

While backup and restoration of the reg file may not be the safest way to deal with the registry, it is definitely the easiest and the most straight-forward approach. However, if you need to work with the registry, located not on the Master drive the computer is booted from, but on the internal Slave drive, or on the connected through USB adaptor drive, this method will not work. So, in this case, you will have to apply the Registry Hive Files way, mentioned above.

Why do you need to access Slave registry? In most cases, that is needed for advanced offline registry repair and investigation, or for getting the required settings after the hard drive crash.

So, start the Windows Registry Editor to load and edit offline registry databases:
  • Click Start, and then click Run.
  • In the Open box, type regedit.exe, and then click OK
  • Select the registry branch you would like to retrieve from the drive and highlight it. For example, highlight the HKEY_LOCAL_MACHINE-window and select the root of the tree.
  • In the menu select "Registry" -> "Load Hive"
  • Select the wanted registry database file:
    • [HKEY_LOCAL_MACHINE \SYSTEM] (%windir%/system32/config/system)
    • [HKEY_LOCAL_MACHINE \SOFTWARE] (%windir%/system32/config/software)
    • [HKEY_USERS \.Default] (%windir%/system32/config/default)
    • [HKEY_CURRENT_USER] (%userprofile%/ntuser.dat)
For example, on my computer, the files I needed for investigation were located at C:\Wndows\system32\config\software
  • When prompted for a name give it whatever name you like (etc. test1). The name will be used to create a new node in the tree so you can browse the offline registry under this label.
  • Go to the newly created node and edit whatever you like, if you access the Slave registry just to make changes. The changes are written immediately to the offline registry database. In most cases, you just need to backup newly appeared node in full, or partially. For simplicity of offline operations, you can now export it in the reg file, using the method described earlier.   
  • When finished editing select the newly created node and in the menu select "Registry" -> "Unload Hive"
Sources and Additional Information:
http://windowsxp.mvps.org/registry.htm
http://www.theeldergeek.com/windows_xp_registry.htm
http://smallvoid.com/article/winnt-offline-registry-edit.html
http://pcsupport.about.com/od/termsr/p/registrywindows.htm

 

Related Articles:
Related Posts Plugin for WordPress, Blogger...

Data Recovery Techniques © 2008. Template by Dicas Blogger.

TOPO