Archive: Registry backup/restore


Registry backup/restore
Greetings all,
I want to create a registry backup function that will allow me to backup an entire registry key. (I haven't decided yet on whether I should try to make a REG file or invent my own INI file or some other data file. For now, I'm just focusing on how to get the info out.)

I know that I can use EnumRegKey and EnumRegValue to obtain a list of items and then use one of the WriteReg commands to enter it back in.

But, this is where it gets tricky:
How do I figure out what the data type is of the value I just read? For example, I could be reading a binary value, a string value, and expanded string value, or a DWORD value, just to name a few common ones. (I will need to know this before I try to write the value back in.)

Does anyone know how I might accomplish this? Or does anyone know of a tool or plugin that might help me accomplish this?


ExecWait 'regedit /s "C:\ExportToRegistry.reg"'
ExecWait 'regedit /e "C:\ImportFromRegistry.reg" HKEY_LOCAL_MACHINE\SOFTWARE\MyKey'

Thanks for this suggestion, Intructtor. This looks to be exactly the thing I was looking for! :D


Hi...
About this "regedit /s"
It seems that it doesn't actually do a full backup. What I mean is:
Let's I have 3 string values under a key.
I make a backup using "regedit /e"
If I delete a string value and then run "regedit /s", it will restore it.
But if instead of deleting it I add a forth string value, it will not delete this new entry, so I can have the original key.
I hope it makes some sense and somebody can help me figure out how to have a reliable way of backing up registry.
Thank you


Actually, regedit /s will do a full backup - however, the backup doesn't work like you expect.

The .reg file that is created contains a list of existing keys and values. When restored, these are added one by one, but any additional keys are not removed, as that would be insecure and could break software.

If you want to remove everything not in your backup, you'd probably be best off finding the file where Windows stores its registry data. Though I'm not sure if it'll actually let you modify that file.


Chilli24:
Pigeot is correct in that a REG file will only ADD or MODIFIY values that are specifically in that file. A REG file will not modify any value that is not included in the reg file itself nor will it delete values.

If you want to ensure that items get removed, you should first delete the main key before you merge the original file back in. (For example, if you backed up the key HKLM\Software\Widgets Inc, then you should delete this entire key before merging in the original backup).

Another way to go would be to find the items you want to save and then back them up one by one. (The reason this didn't work for me was that I had no way to knowing exactly what what types of data might be included in the key I needed to backup. But perhpas your situation is different.)

And a few more good tips:
1. Before you start messing with the registry, it's good to first check to make sure that you have access to it.

2. Make sure you thoroughly test your install--you don't want to accidentally delete the wrong key as that could have disastrous results!

EDIT:
I was wrong about deleting. It can be done with the proper syntax in a REG file. Check this link out:
http://support.microsoft.com/default...310516&sd=tech


Yes, but as you've probably seen, this method is not practical for removing all keys added later, as you need to enumerate each one by name. It will also require you to manually do this, as the Registry Editor doesn't do it for you.


I've ended up in deleting the new entries "manually".
But, anyway, thanks for your help. I appreciate it.


regedit - special:

/e = export
/s = do it silent - can be used on import&export
/a = export als old fashioned win9x style (hidden switch, only NT systems / ascii-format)

in a reg file:
[-key] will delete a key
[key] will add a key

on export you should be sure that regedit.exe is closed otherwise all export will fail.

  ;close regedit before export
GoTo Running2

Exit2:
MessageBox MB_YESNO|MB_ICONEXCLAMATION "${MUI_ABORTWARNING_TEXT}" IDNO Running2
Quit

Running2:
FindWindow $R9 "RegEdit_RegEdit" ""
IntCmp $R9 0 NotRunning2
MessageBox MB_OKCANCEL|MB_ICONEXCLAMATION "please close the windows registry\n program (REGEDIT.EXE, REGEDT32.EXE) !" IDCANCEL Exit2
GoTo Running2
NotRunning2:

    Execwait '"regedit.exe" /e $path\regfile.reg HKEY_CURRENT_USER\Software\mysoftware'