I usually backup my registry with regedit along with doing a System
Restore before installing anything new. Does System Restore already
include a registry copy?

On 11/7/2022 7:22 PM, Colin H. ? wrote:
> I usually backup my registry with regedit along with doing a System
> Restore before installing anything new. Does System Restore already
> include a registry copy?
>

System Restore does restore the registry, so the answer is Yes.

You will find procedures on the web, similar to this:

1) "My Registry is corrupted, my system won't boot"
2) Find the "empty registry set" and place them in the
folder in place of the normal SOFTWARE and SYSTEM and so on.
3) Now, the system is boot-able again, but the system has also
lost all its customization.
4) Next, using SR, restore to a time before the corruption occurred.
Now, everything is fixed. This *only* works, if you enabled and
properly configured SR, before the events in question. If SR is not
available, the registry set in (2) is kinda useless by itself.

That's a typical sequence for making a system bootable, then restoring
it to a proper configured state. The conditions at (2) are rather dismal
and not intended for permanent usage. (2) is only an intermediate point.
If you know you have no SR, doing the procedure would be largely a waste
if you just got stuck at (2). Only a good result from (4) represents
success.

A canonical source of info for SR, is here: Use the menu under the WinXP
entry, and select a topic of interest.

https://web.archive.org/web/20140212113648/http://bertk.mvps.org/index.html

One of the major flaws of WinXP SR, is that it treats everything outside
"Documents" as stuff to be tracked. SR does not modify your Documents.
However, if you create C:\Downloads, then go back in time using SR,
then C:\Downloads will suffer damage, and files you downloaded will... disappear.
That's the major flaw of SR. It treats Documents well, and relies on the
user "staying in their lane and using Documents like MS intended".
If you create auxiliary storage outside of Documents, SR does the wrong thing.
This behavior was fixed via new policies, in later OSes.

*******

The reason you will continue to back up your registry is: Malware.

Keep your independent registry backup "off-disk" and on external storage.

Most AV programs, when treating malware, immediately *invalidate*
all SR points, rendering them useless. There goes your
"free registry backup".

So while your noting the redundancy of what you're doing is nice,
in the real malware world, you really do want at least two backup methods.
And that is because of the fragility of SR. Trashing the SRs
is a "standard part" of malware :-/

Think of SRs as "fairly weak and easily damaged" inband backups.

If you're fearless and think you will never get malware,
then... you could run with nothing more than SR points.
But then I would also be expecting to see a "sad panda"
post from you later. Typically on WinXP, if you select a point in time
which is three months ago, the incremental SRs that have to be
loaded to get back to that point in time, are already corrupt,
just via normal issues, and not malware as such. If you use
an SR to go back two days, that usually always works. Expecting
10GB worth of SRs to take you back three months, it takes
a miracle for that to work. Because every SR back to that point
in time, must be parsed, to create the final system state.

There are system registry files (stored in the C:\Windows)
as well as personal registry files (stored in your account storage area).
SR captures both of those. The four step example above, only
preps the system ones, with the intention that this is "just enough"
to get booted and then run SR. Then the SR can restore your personal ones.
But check Berts notes in the archive.org link above, for details.
I'm not an SR guy, and this is just stuff I've picked up
along the way.

Paul

On Tue, 8 Nov 2022 07:12:34 -0500, Paul <nospam@needed.invalid> wrote:

>On 11/7/2022 7:22 PM, Colin H. ? wrote:
>> I usually backup my registry with regedit along with doing a System
>> Restore before installing anything new. Does System Restore already
>> include a registry copy?
>>
>
>System Restore does restore the registry, so the answer is Yes.
>
>You will find procedures on the web, similar to this:
>
>1) "My Registry is corrupted, my system won't boot"
>2) Find the "empty registry set" and place them in the
> folder in place of the normal SOFTWARE and SYSTEM and so on.
>3) Now, the system is boot-able again, but the system has also
> lost all its customization.
>4) Next, using SR, restore to a time before the corruption occurred.
> Now, everything is fixed. This *only* works, if you enabled and
> properly configured SR, before the events in question. If SR is not
> available, the registry set in (2) is kinda useless by itself.
>
>That's a typical sequence for making a system bootable, then restoring
>it to a proper configured state. The conditions at (2) are rather dismal
>and not intended for permanent usage. (2) is only an intermediate point.
>If you know you have no SR, doing the procedure would be largely a waste
>if you just got stuck at (2). Only a good result from (4) represents
>success.
>
>A canonical source of info for SR, is here: Use the menu under the WinXP
>entry, and select a topic of interest.
>
>https://web.archive.org/web/20140212113648/http://bertk.mvps.org/index.html
>
>One of the major flaws of WinXP SR, is that it treats everything outside
>"Documents" as stuff to be tracked. SR does not modify your Documents.
>However, if you create C:\Downloads, then go back in time using SR,
>then C:\Downloads will suffer damage, and files you downloaded will... disappear.
>That's the major flaw of SR. It treats Documents well, and relies on the
>user "staying in their lane and using Documents like MS intended".
>If you create auxiliary storage outside of Documents, SR does the wrong thing.
>This behavior was fixed via new policies, in later OSes.

That is way too complicated for me. But the fact SR does restore the
registry is a help I guess, but I'm going to keep using ERUNT to do
so. Double safe. Actually, what I found as really great asset is the
freebie AOMEI freebie backup program. I use an old 4.5.2 version.
This program backs up or reinstalls my C: backup in about 20 minutes
compared to the 4-5 hours the old Acronis TrueImage used to take.

It is one of those godsend things that has made comp safety so easy.
There simply is no reason to lose your C: with programs like this
around. Use a couple of times a week, saving to an external drive,
and your SAFE. It's made to save dummies from themselves.

I have 5 external drives. They hold my C: backups and ALL my data. I
don't trust C: worth squat.

Why do I have so many backup drives? Well, a number of decades ago I
lost my C: drive on a Saturday. I felt safe because I still had my
external drive with all my stuff plus C: backups. I figured I'd
pickup a replacement for C: on my way home from work on Monday. I
just didn't want to deal with going to BestBuy on a weekend.

Guess what?

My damn external backup died on Sunday. I lost YEARS OF EVERYTHING!

That ain't never happening again.

>
>*******
>
>The reason you will continue to back up your registry is: Malware.
>
>Keep your independent registry backup "off-disk" and on external storage.
>
>Most AV programs, when treating malware, immediately *invalidate*
>all SR points, rendering them useless. There goes your
>"free registry backup".
>
>So while your noting the redundancy of what you're doing is nice,
>in the real malware world, you really do want at least two backup methods.
>And that is because of the fragility of SR. Trashing the SRs
>is a "standard part" of malware :-/
>
>Think of SRs as "fairly weak and easily damaged" inband backups.
>
>If you're fearless and think you will never get malware,
>then... you could run with nothing more than SR points.
>But then I would also be expecting to see a "sad panda"
>post from you later. Typically on WinXP, if you select a point in time
>which is three months ago, the incremental SRs that have to be
>loaded to get back to that point in time, are already corrupt,
>just via normal issues, and not malware as such. If you use
>an SR to go back two days, that usually always works. Expecting
>10GB worth of SRs to take you back three months, it takes
>a miracle for that to work. Because every SR back to that point
>in time, must be parsed, to create the final system state.

To even think of being that lazy, depending on some backup from months
ago, is ridiculous. I can't believe anyone is that slotful with so
much at stake. Heck, I'm collecting new stuff all the time. You have
to keep backups up to date.

>There are system registry files (stored in the C:\Windows)
>as well as personal registry files (stored in your account storage area).
>SR captures both of those. The four step example above, only
>preps the system ones, with the intention that this is "just enough"
>to get booted and then run SR. Then the SR can restore your personal ones.
>But check Berts notes in the archive.org link above, for details.
>I'm not an SR guy, and this is just stuff I've picked up
>along the way.
>
> Paul

Those four steps are too much if-and-maybe for me. I'll stick with
the surety of a C: backup a few times a week. The SR/registry stuff
comes in handy when trying new program installs, etc.