If you want to manually restore a specific section of the registry from a previous System Restore snapshot, or access some specific keys from an older version of the registry, you can do so by getting access to those files and then exporting sections from them. Here’s how to do it in Windows 7 or Vista.
Since Windows 7 and Vista utilize Shadow Copy, otherwise known as Volume Snapshot Service, to power the “Previous Versions” feature, there are snapshots of important files taken over time, including registry hives, so we can access the older versions of registry files this way without having to do a full System Restore.
This article was jointly written by myself and Ramesh from WinHelpOnline, who has also covered how to do the same thing on Windows XP.
Access Previous Registry Hives from Shadow Copy
Important Note: before we get started, we should really give you a disclaimer: you should not use this technique unless you know what you’re doing and are willing to deal with possible problems, or at least have some good backups of your files. Still here? Read on.
The first thing you’re going to want to do is disable User Account Control, because you can’t really access the folders otherwise. Once you’ve done that and rebooted, open up a new Windows Explorer window and head to the following folder:
C:\Windows\System32\Config
Right-click anywhere in the white space area of the folder, choose Properties from the menu, and then click the Previous Versions tab. Once you’re there, double-click the appropriate folder (Hint: Look at the Date modified field to decide which version of the files you want to restore.)
Note: If you’re using Windows Vista Home editions and you want to do this, you’re going to need to use Shadow Explorer to get to these files.
Select the registry hive files you need, and copy them to a folder of your choice.
Click OK when you see the Windows Security prompt.
And now you should have a folder containing the backup registry keys.
Now that you have the backup versions of the registry, you can use them to access the older version.
Loading a Registry Hive and Accessing Specific Keys
At this point you can load the entire registry hive into the registry, which will make it a sub-key of one of the main sections, and allow you to access settings from the older version. Open up the Registry Editor using regedit.exe in the Start Menu search or run boxes, click on HKEY_LOCAL_MACHINE or HKEY_USERS, and then use File –> Load Hive.
You’ll be prompted to give the new hive a name—for this example I just used test.
And just like that, you can see the new key with the contents from last week’s backup copy. So, for instance, if one of the settings or license keys for an application was lost, we can find it by browsing through the keys for that application. You’ll have to manually make the changes if you’re doing just a few keys.
If you are trying to use this method to restore large chunks of the registry, you can export a key, modify the exported file to have the correct key path instead of Test, and then import it again. It’s a bit of a pain, but might be helpful if you need to.
Once you’re done, you should make absolutely certain to delete this entire key, or else it’s going to add a lot of extra bloat to your registry that you really don’t need.
Access the Previous Version’s Registry Keys Through the Command Line
Instead of loading the registry key using the GUI and adding all those keys to your current registry, you can use the RegFileExport tool from Nirsoft to access and extract the data from the backup files directly—you’ll just need to know the exact key that you’re looking for
So, for example, if you wanted to access the list of currently installed programs from the Programs and Features dialog. You’d run a command like this against the saved backup copy of the SOFTWARE registry hive—assuming you have the command-line application in the same directory as the backup file:
regfileexport SOFTWARE ExportedKey.reg "HKEY_LOCAL_MACHINE\SOFTWARE\
Microsoft\Windows\CurrentVersion\Uninstall"
This will generate a regular .reg file that you can either double-click to enter the contents into the registry, or you can open it up and find specific keys that you might want to use.
This method can actually be used to easily restore sections of the registry, should you need to. It’s probably most useful for restoring the sections pertaining to a specific application.
Again, you should be very careful when editing the registry, but at least you know a lot more than you did before.
No comments:
Post a Comment