Back Up XP Registry and Boot Files

17 October 2008
Viruses often attack the Registry of the computer’s operating system. After that, the viruses would be loaded to take control when the user starts the computer. This article will describe how we can back up a copy of the Registry and have it restored at a later date.

What is Registry and How Viruses Can attack it ?
Registry is a place where XP keeps all the information about the computer's hardware and software. It is being used by all the parties including 3rd party hardware and software. For example, if a new program has just been installed or files added, the Registry will be updated. Therefore, the Registry is the one place where it is most vulnerable to virus attacks. It is often difficult to get rid of them; sometimes, they may modify the Registry, making computers going hire-wired.
Viruses can be loaded into the Registry when we browse the Internet or when we run a program.
We can always restore the computer back to its earlier saved state if we have a backup copy.

How to Backup the Registry?
There are 3 methods:

Method 1: Using the System Restore
This is part of the XP built-in program and can be set to save a copy of the Registry automatically or as and when required. Read this article.

Method 2: Backing up the whole of the Registry
Do this often manually or whenever we make some changes to the computer.

  • Click Start, and then click Run. One will reach the following screen.
  • In the drop down box, type "regedit"(without quotes), and then click OK

  • In the next screen, select “My Computer” and in the File menu, click Export.

  • In the "Save in" box, select a location where you want to save the Registry
  • In the "File name" box, type a file name, and then click Save.

1. This file will have an extension of ".reg" and is at least 5 Mbytes.
2. Make sure the computer is cleaned of viruses before saving.
3. Use separate file name each time as the copy of Registry to be saved could contain viruses.
4. Save this file in another hard drive or thumb drive or a RW CD ROM

Method 3: Backing up the System state
XP operating system has a built-in function called “Backup” in the System Tools folder. One can back up not only the whole registry but also the boot files in the Windows’ system 32 folder and the COM+ Class Registration Database.

  • In the main Window, click Start, then in the All program/Accessories/System Tool folder, start the Backup program and follow the instructions, one should reach this screen

  • Browse and select where the backup file should be installed and give the backup file a file name. Remember to use different file names if necessary. Click Next and one should reach the following screen.
  • Select "Let me choose what to backup" and click Next to reach the following screen.
  • Now, expand My Computer folder and then click the tick box next to "System State" folder as shown and click Next
  • Select Advance button and after that, select "Normal" in dropdown box. Click next and one would reach the following screen to select the verification of file after backup. Tick that verification box and then Next. The computer will do the rest of job.

    1. One would need a free disk space of about 600 MB.
    2. Make sure the computer is cleaned of viruses before saving
    3. Store the backup file in a thumbdrive or RW CD or another harddisk so that it can be read and the backup file restored in case of harddisk failures.
    4. The backup file has a maximum limit of 4 GB for hard disk with FAT32 system rather than NTFS system. Check your system here.
    5. BACKUP is not installed by default in Windows XP Home Edition. Install it using the instructions available at: Q302894. A copy of Backup program can be downloaded here.

    Restoring the backup files
    To restore any Registry, always try to boot into the SAFE Mode. This will start the computer with minimum numbers of file and prevent viruses from loading.

    To boot into SAFE Mode, hit F8 continuously after the 1st welcome screen when one boots up the computer.

    When one is in the SAFE mode screen, might as well try if one could start the computer using the option "using Last Known Good Configuration".

    Method 1: Using System Restore
    Refer to this article

    Method 2: Restore the whole of the Registry
    Go to the directory or the folder where the registry file was stored. Double click that file. The following screen will appear. Click OK

    Method 3: Restore the System state

    • Following Step 1 of method 3 in the backup section above, then choose "restore files and settings" instead, one should reach the following screen.

    • Browse through to the directory of the backup file and doubleclick the file, a new screen should show the folder "System State".
    • Tick the box to select file to restore and click Next. Click advance in the next screen. Change the default setting if necessary.

    Which of the 3 Methods is the Best?
    Method 3 appears to be the best; however, there were reports that it may not be compatible with some 3rd party software and may not restore everything in full. Sometime, it prompted users for CD keys etc after the restore.

    Method 2 is neat as it restores everything in full but it does not back up the boot file and Com+ file

    Method 1 is often the target of viruses. Very often, it would automatically save a copy of Registry complete with viruses. Some experts therefore recommended to de-activate the auto-saving function. To de-activate this function, just click start and the run in the main Windows and in the dropdown box, enter "sysdm.cpl" (without quotes). Then in the System Properties window, select the System Restore tab to untick box to turn off the system restore function.

    It is good to use all the 3 methods.

Related Articles

1. How To Restart After Computer Hangs

No comments: