RegdatXP Backup Registry A user with administrative rights can backup the Registry to a directory of choice. RegdatXP uses the following file names to backup Registry files: HKEY_LOCAL_MACHINE\Software SOFTWAR
Download

RegdatXP Ranking & Summary

RegdatXP Tags

backup backup registry compare registry registry manager repair registry registry snapshot offline games for keyman amharic software free cell phone www.software.com www.nokia n72 software.com tv software for auto repair sales samsung mobile software xslt 2 PPT download free mobile multiplayer software

RegdatXP Description

RegdatXP reads non active NT based registry files like Ntuser.dat and usrClass.dat Backup Registry A user with administrative rights can backup the Registry to a directory of choice. RegdatXP uses the following file names to backup Registry files: HKEY_LOCAL_MACHINE\Software SOFTWARE HKEY_CURRENT_USER ntuser.dat HKEY_CURRENT_USER\Software\Classes usrClass.dat HKEY_LOCAL_MACHINE\System SYSTEM HKEY_LOCAL_MACHINE\Sam SAM HKEY_LOCAL_MACHINE\Security SECURITY HKEY_USERS\xxxx HKU_xxxx.dat With command-line arguments it can be used in the form RegdatXP -software -hkcu -classes -system -sam -security -hku C:\WINNT\Regdat which executes a registry backup to the directory C:\WINNT\Regdat. On Vista, additional flags -components, and -bcd have to be used in order to save also the Components and BCD files. Upon success a message is written to a text file regdatxp.ok. Errors will be written to regdatxp.err. The backup directory should be placed in %windir% (usually C:\WINNT) so that it is also accessible from the recovery console. Additional flags: -bweek once a week, or -bmonth once a month The last backup date is taken from the file regdatxp.ini. To schedule the backup command you could put it simply into one of the Run registry keys as a startup option, or create a scheduled task, or maybe add it to an already existing script. Note that by default the security hive is not accessible to users even with administrative rights, but its access rights can be modified using Regedit/Regedt32 so that it can also be backuped. To restore a registry file from a backup directory you may use the "Replace Registry Hives" function from the Registry menu. When the Recovery Console is needed to replace, for example, the software hive one would do like change directory: cd C:\WINNT\system32\config change file attributes: attrib -rsh software copy backup file to current directory "." (trailing point): copy C:\WINNT\Regdat\software . done: exit Repair Corrupt Registry File If a registry file is severely damaged the system load process will usually result in a blue screen of death (BSOD), like the ones below, or even in an automatic reboot loop. If one of the user registry files ntuser.dat, or classes.dat, is corrupt then the user, upon logon, will be forced into a temporary default user profile and can no longer use his personal settings. A corrupted ntuser.dat file could also cause a reboot loop at startup. ***Stop: 0x00000051 (0x0000000C,0xC0000005,0xF58F8728,0xF58F8380) REGISTRY_ERROR Beginning dump of physical memory Dumping physical memory to disk: 43 STOP: c0000218 {Registry File Failure} The registry cannot load the hive (file): SystemRoot\System32\Config\Software or its log or alternative. It is corrupt, absent, or not writable. Beginning dump of physical memory Dumping physical memory to disk: 35 The above situation can be solved by replacing the corrupt registry file by a recent backup file. Backup files can be found in %windir% \ repair, or in %windir% \ repair \ regback if the ntbackup program was previously used. Usually, %windir% is C:\WINNT, or C:\Windows. On WinXP there is the "System Restore" utility which regularly creates Restore Points in the System Volume Information folders. These folders also contain backup files of the registry. In order to replace a registry file for a non bootable system, you could put the disk as a slave into another machine, use a parallel install, or use a BartPE Boot CD to get access to the disk. If the system is W2k or higher, and the file is not an ntuser.dat file, you could also use the Recovery Console, see MS Knowledge Base Article 307545 for more details. RegdatXP can be used to repair the corrupted file so that it can be loaded again by the system. On W2k you could also try the MS chkreg utility. Another option is to load the file as a hive in a higher OS version like W2k3. There exists a built-in repair function and the file will usually be repaired if the load process succeeds. In case repairing does not succeed the binary export function 'Recreate Hive' can still be used to recreate a non-corrupt registry file from the corrupted one. The unregistered version scans a file for corrupted items, the full version is needed for repair or export. Recreate Hive This saves a Hive to a new binary registry file. It should be used for corrupt registry files that can not be repaired, or when repairing them causes too much loss of data, or when RegdatXP does not find corrupted items. The new file will contain all information that still can be extracted from the corrupted file. You can choose to export security settings too, or, using default security settings instead. The user must have administrative rights. This is only available in the full version. Security Records Permissions to registry keys are determined by security records where different keys may have the same security record. Each security record has a discretionary access-control list (DACL), and a system access-control list (SACL), where each list contains a number of Access Control Entries (ACEs.) Each ACE stores permissions for a unique SID along with a few flags indicating, for example, if the permissions are inherited to newly created sub keys. This has been documented in US Patent 6625603. Usually the allow/deny type ACEs make up the DACL, while the audit type ACEs are located in the SACL. RegdatXP can generate lists of all security records/ACEs of the opened files. It can display all ACEs for a specified SID.

RegdatXP Related Software