DosTips.com

Hi All,

I was wondering whether a kindly soul would help me out with a interesting section of batch code (for XP as far as I know) which employs for-in-do, it backs up registry keys the code & is as follows, I found it elsewhere on the net but it does have potential:

@echo off
setlocal
set BackupFolder=C:\Temp
if not exist "%BackupFolder%" md "%BackupFolder%"
for %%a in (HKLM HKCU HKCR HKU HKCC) do (
echo Exporting %%a to %BackupFolder%\%%a.reg ...
%Systemroot%\system32\reg.exe export "%%a" "%BackupFolder%\%%a.reg" /y
)
pause

However I know this code is busted or wrong as the error it spits out in CMD
"Error: Invalid Command-Line parameters" on each line of HKLM HKCU HKCR HKU HKCC output also the C:\Temp does get created but the contents of C:\temp are zero. I basically have 4 ?'s

• How can I get this above "export" code to work, I cannot see where the error is?

• What would I use in terms of code to "Import" or to restore the resultant backed up registry?

• Is there an error-level log check that could be employed to identify if the routine has been successful?

• There is reference to others comments on the net that say that this method of registry backup is not a good idea as there are special permissions needed when reinstating the registry & this type of procedure could choke or fail. I would be interested others opinions in this question?

Thanks in advance for any assistance that can be given
Regards,

David

ispy wrote: ↑

18 May 2023 10:17

How can I get this above "export" code to work, I cannot see where the error is?

My WinXP (not the newest version of WinXP) doesn't support the "/y"-switch.
Once removed, it seem to work fine.

ispy wrote: ↑

18 May 2023 10:17

What would I use in terms of code to "Import" or to restore the resultant backed up registry?

The opposite of "export" should be "import":

ispy wrote: ↑

18 May 2023 10:17

- Is there an error-level log check that could be employed to identify if the routine has been successful?
- There is reference to others comments on the net that say that this method of registry backup is not a good idea as there are special permissions needed when reinstating the registry & this type of procedure could choke or fail. I would be interested others opinions in this question?

According to "reg.exe /?" an errorlevel of 0 indicates success and an error level of 1 indicates failure.
However you and "reg.exe" might disagree on what to call a "success":

Some parts of the registry indeed need special rights to be able to read from and/or write to.
In case i remember right, then some parts can be accessed with user rights, others with admin rights and some with system rights only.
If you have insufficient rights to see a part of the registry, then "success" only means that "reg.exe" was successfull in exporting the visible portion of the registry.

So you (typically) shouldn't be able to export / import all keys from an account with user or admin rights only.
If you are practicing your skills with the registry, you should create a complete backup of the pc you are working on (depending on what you do, you might lock yourself out of the PC, that you are working on).

I also should mention, that some time has passed since i worked sincerly on registry; since i would have to rely on my memory, i'm not a good guide to this topic.
Maybe some of the others here on this (windows batch) forum may be able to help you.
(Else you might go to a forum that specializes on such topics - i guess for example https://superuser.com/ might be able to help you on that).


penpen

Many thanks for the reply Penpen.

Firstly & most importantly can I express my congratulations on your birthday, I wish I was 46 again! Happy Birthday to you!!!

Do you know what truthfully I would never have guessed that the "/y" switch was the item that was causing the above batch-file to fail in XP, something as basic as that "shame on me" and yes I should have noted that import should be the restore switch apologies & duly noted.

In respect of the error-level question, I have since found after searching on the WWW. in which the batchfile does work in XP (with caveat) which includes an errorlevel check is as follows: The Caveat that I am inferring to is these relevant comments you have made

Some parts of the registry indeed need special rights to be able to read from and/or write to.
In case i remember right, then some parts can be accessed with user rights, others with admin rights and some with system rights only.
If you have insufficient rights to see a part of the registry, then "success" only means that "reg.exe" was successfull in exporting the visible portion of the registry.

So you (typically) shouldn't be able to export / import all keys from an account with user or admin rights only.
If you are practicing your skills with the registry, you should create a complete backup of the pc you are working on (depending on what you do, you might lock yourself out of the PC, that you are working on).

Using these type of batch-files for the registry can be dangerous in that the non-visible parts of the registry could be omitted from the backup, giving you a false sense of security and they could fail, leaving you with a "Bricked OS" unless as you said you have a full tested backup in place. probably best to use a program like ERUNT to do the safer heavy lifting.

So presumably the batch-file would need the permissions within the registry attending to first with say SetACL to unlock the relevant parts of the registry first. Well the moral of the story is "DON'T" try this at home folks it cannot be relied upon as a safe backup solution unless you are an advanced user.

With grateful thanks & Best Regards,

David

Just on the general topic of registry backup. Microsoft sort of created a problem here since they've never had a simple method to manage registries. On Windows NT 4 there was a tool called rdisk which supposedly made a sort of 'rescue disk' with boot information and a copy of the registry. Never actually used it for that purpose personally but it was handy because it quickly took a binary copy of the registry. But there was no method to copy the registry back without using the SysInternals tool MV.EXE which can schedule file operations at boot. Then with later versions of Windows they relied on System Restore to fix problems so they didn't really pursue the option of a standalone registry backup, and eventually in Windows 10 the default was not to make backups at all.

So when Microsoft gives you advice about 'backing up' the registry, they can only really say to export the registry hives to REG files, but 'restoring' these would be a nightmare -- they won't repair registry damage, they don't reinstate ACLs and they won't remove entries that are in the registry currently but not in the REG file. So the registry will end up with a mish-mash of entries which don't relate to each other. In other words, restoring the registry in this way most likely will not fix whatever registry problem you have.

What I do now on Windows 10/11 is enable the automatic backup, per: This causes Windows to routinely make copies of the registry hives into C:\WINDOWS\system32\config\RegBack, and this can be handy if you have an unbootable system because often that could just be a damaged/inconsisent registry file. If you can mount the drive offline and replace the live file with the backup, that can yield results. But you wouldn't do this just because you made some registry entries and it didn't work out the way you wanted.

But in terms of taking a specific backup at a point in time I think it's best to use reg save:

Hi GeoffVass,

Firstly many thanks for the reply, as you say you raise some good points in respect of the registry backup which extend beyond Gud-Ole-WinXP which many would rebuke me for using in the first place but YES you are right because many websites I have looked at extract the registry from system-restore (if its up and running at the time, many disable it due to their own preferences/reasons) However system restore reg backups are bespoke & hidden etc so writing a batch to uncover the relevant reg files, copy them to a backup folder is kinda self defeating in a way when System-Restore can do this without a backup copy, however you would probably only need these backups when your system is "bricked" & then its difficult to access system-restore without windows running anyway? Namely you would need to use an offline method of restoration (you find yourself between a rock and a hard place).

The problem I'm guessing (correct me if I am wrong) is that if you use the reg.exe method you will encounter a multi layered structure of access permissions, you would need to know the relevant keys that had system, administrative permissions etc & need to reinstate them otherwise you will wind-up with, as you put it, the registry data will be incomplete

So the registry will end up with a mish-mash of entries which don't relate to each other. In other words, restoring the registry in this way most likely will not fix whatever registry problem you have.

Thus you could compound the problem using the reg.exe route. I think reg.exe/regedit.exe are best suited for a collection or singular set of reg keys. My preference was to use command-line, there are options in windows but if your OS is "bricked" the registry needs offline access anyway. So as Penpen has stated a full system backup is required to be sure & is the best overall policy.

So with everyone's valuable comments in mind, rather than using reg.exe/regedit.exe it might be better option would be to back up the individual files (in binary) that comprise the registry as the registry is the most often culprit or cause of a partial or complete system failure.

Now opting to take this route raises 3 other problems (There could be others please feel free to educate me),
1) These files are hidden etc for normal usage.
2) Registry files have layered permissions and
3) Using conventional copying methods will choke on SAM & USER registry components they will not let you copy "files in use" or files that are being used by windows, so a work around is needed.

So in terms of windows options (I've used majorgeeks as it is a reputable well known web-site and I've given a one-point of call to ease the location for the files, they are all freeware, you can get these all from the authors web-sites if you so wish also:
AND Always use a virus scanning tool before opening or using any of these files its just good practice - safety notice!
1) You could use ERUNT 1.1j which can be used in command-line format also (XP>)
https://www.majorgeeks.com/files/details/erunt.html
2) Mitec do a freeware registry copy tool-not sure if it is command-line aware (Not for XP)
https://www.majorgeeks.com/files/detail ... overy.html
3) Tweaking.com have a freeware registry backup util (Portable version, just cuz I like portable stuff)
https://www.majorgeeks.com/files/detail ... table.html
4) Acelogix RegBak 1.6.594.1 9 (works on XP also Not win11)
https://www.majorgeeks.com/files/details/regbak.html
others may suggest alternatives, this is just to help or aid others who may visit this web-page looking for a ideas.

On the command-line option my preference really used in conjunction with a batch/CMD-file wrapper some VSS options:
Majorgeeks does not seem to have a lot of the below so I've listed their respective web-sites
1. You could use a program called RawCopy (freeware XP>Win10 Autoit program)
https://www.majorgeeks.com/files/details/rawcopy.html
2. Extents V1.0.0.2 (Freeware it does work in XP not sure about other OS's Win+Command-line)
http://reboot.pro/files/file/316-extents/
3. Hobocopy, the author does now point to a program called ShadowSpawn (freeware/open-source XP>)
https://www.softpedia.com/get/System/Ba ... Copy.shtml
4. ShadowSpawn by Candera (No Longer available & difficult to obtain but found using WayBackMachine) select the appropriate vers to meet your needs. (grab it whilst you still can, it works in conjunction with other copy utils like robocopy emcopy fastcopy Xcopy etc)
ShadowSpawn-0.2.2-x86.zip
ShadowSpawn-0.2.2-x64.zip
the vcredist dependencies if needed are also on this web-page below X86 & X64. You will encounter redirects in Wayback but it does link to the download momentarily
https://web.archive.org/web/20170423020 ... /downloads
5. TSCopy (seems to work with XP open-source copies locked or in-use files click the green Code button with down facing arrow the X86 & X64 apps are within the download.zip file, they are python coded files)
https://github.com/trustedsec/tscopy

Maybe other site members could post their Favs also, if for any reason the links above do not work you can opt to use your own search engine to find them

I think this is the preferred route for myself a batch-file wrapper with appropriate VSS but others may have other ideas or concerns.

Muchas Gracias Everyone,

David