System Administration: System State Backup and Recovery Script

Author: John Sharpe
Platform: Windows XP, Windows 2000, Windows NT

Type: startup/shutdown

This set of scripts will perform a system state backup after adding additional software or hardware, providing a significant
value to the responding analyst and client. We currently are testing a
methodology which allows a complete system state restore from the Recovery
Console. If a client then adds an additional configuration to their system
and it will not boot, we have a process that allows for a 3-5 minute turnaround.

This batch job performs a system state backup and then deletes the system state backup file leaving an updated directory to
restore the registry and security information from a later point in
time.

When you install Windows 2000, the Windows 2000 Repair directory structure
looks like this:

06/28/2000 02:55p 438 autoexec.nt

06/28/2000 04:31p 2,577 config.nt

06/28/2000 04:35p 118,784 default

04/03/2002 01:24p 20,480 DS_SAM

04/03/2002 01:24p 20,480 DS_SECURITY

04/03/2002 01:24p 5,844,992 DS_SOFTWARE

04/03/2002 01:24p 20,480 sam

06/28/2000 04:32p 522,914 secsetup.inf

04/03/2002 01:24p 20,480 security

06/28/2000 04:30p 141,118 setup.log

04/03/2002 01:24p 5,844,992 software

06/04/2001 02:59p 2,392,064 system.bak

Once youve performed a system state backup, a directory Regback is
created. The directory structure for a possible recovery point is located
now at: c:winntrepairregback. The directory structure for
c:winntrepairregback looks like this:

05/09/2002 10:26a 143,360 default

03/27/2002 02:56p 626,688 NTUSER.DAT

05/09/2002 10:26a 20,480 SAM

05/09/2002 10:26a 32,768 SECURITY

05/09/2002 10:26a 12,009,472 software

05/09/2002 10:27a 2,433,024 system

03/27/2002 02:56p 8,192 UsrClass.dat

Ive created a system recovery file that can be used via the command line
from the WIN-PE disk or the Windows 2000 Recovery Console. The batch job
performs a backup of the current files in c:winntsystem32config to the
c:winntoptionsregistrybackup directory.

:: Create a directory for backup of suspected defective registry.

mkdir c:winntoptionsregistrybackup

:: Backup suspected defective registry.

copy c:winntsystem32configsoftware c:winntoptionsregistrybackup

copy c:winntsystem32configdefault c:winntoptionsregistrybackup

copy c:winntsystem32configsam c:winntoptionsregistrybackup

copy c:winntsystem32configsecurity c:winntoptionsregistrybackup

copy c:winntsystem32configsystem c:winntoptionsregistrybackup

Next, the batch job restores files from the c:winntrepairregback
directory to c:winntsystem32config.

:: Restore registry and security information from system state backup.

copy c:winntrepairregbacksoftware c:winntsystem32configsoftware

copy c:winntrepairregbacksoftware

c:winntsystem32configsoftware.sav

copy c:winntrepairregbackdefault c:winntsystem32configdefault

copy c:winntrepairregbackdefault c:winntsystem32configdefault.sav

copy c:winntrepairregbacksam c:winntsystem32configsam

copy c:winntrepairregbacksam c:winntsystem32configsam.sav

copy c:winntrepairregbacksecurity c:winntsystem32configsecurity

copy c:winntrepairregbacksecurity

c:winntsystem32configsecurity.sav

copy c:winntrepairregbacksystem c:winntsystem32configsystem

copy c:winntrepairregbacksystem c:winntsystem32configsystem.alt

copy c:winntrepairregbacksystem c:winntsystem32configsystem.sav

Youll also notice that we save an additional copy of each file from
c:winntrepairregback to c:winntsystem32config.

I have intentionally blue screened my machine with 3 versions of
pcAnywhere and recovered using this procedure described above. This
procedure when implemented is a huge lifesaver and add value for the
client and support analyst.

These ideas were founded on material from the book:
Mastering the Windows 2000 Registry by Peter D. Hipson (Sybex, 2000)

Download the script.
Scroll down to view the script.

: BackupSystemState.bat


TITLE Update System State and Registry Files Stored @ c:winntrepairregback
COLOR F

@ECHO OFF 

cls

:: Purpose: Backup batch file used to perform backup of 
::  system state prior to troubleshooting anything.
:: 
::  Author: John Sharpe
::  Title:  Desktop Support Analyst
::  Date:March 12th, 2002
:: 
::  Intent: Provide better customer service in less
:: 	time.

:: Recover Your Operating System By Restoring Registry and Security Files
:: If you cannot recover your Operating System via the Last Known Good Option
:: Boot to the Recovery Console or WinPE Boot Disk.  
:: Execute the RecoverOS.bat file from the Recovery Console via c:winntBATCH RecoverOS.bat.  
:: Execute the RecoverOS.bat file from the WinPE Boot Disk c:winntRecoverOS.bat

%systemdrive%

TITLE Map B: to a share where scripts reside so scripts have the correct path.

::	jsharpw2win2k$MapDriveB.bat

cls


cd

cls

TITLE Erase temp files prior to backing up user profile.

cls

erase *.tmp /s


mkdir c:winntoptionsbackup

cls

TITLE Update System State and Registry Files Stored @ c:winntrepairregback


ntbackup backup systemstate /j "Command Line System State Backup" /f "c:winntoptionsbackup%Username%SysState.bkf" /a

cls

del "c:winntoptionsbackup%Username%SysState.bkf"

TITLE Copy operating system recovery file to c:winnt.

	xcopy /s /h /r b:RecoverOS.bat c:winnt






:: RecoverOS.bat

TITLE Recover Your Operating System By Restoring Registry and Security Files
COLOR F

@ECHO OFF

:: Purpose:  Recover Your Operating System By Restoring Registry and Security Files
::	 If you cannot recover your Operating System via the Last Known Good Option
::Boot to the Recovery Console or WinPE Boot Disk.  
::
::Execute this file from the Recovery Console via c:winntBATCH RecoverOS.bat.  
::	 Execute this file from the WinPE Boot Disk c:winntRecoverOS.bat
:: 	
:: Courtesy: Jerold Schulman
:: Modifier: John Sharpe
:: Title:Desktop Support Analyst
:: Date: May 2nd, 2002
:: Intent:Provide better customer service in less time.
::

:: Create a directory for backup of suspected defective registry.
mkdir c:winntoptionsregistrybackup

:: Backup suspected defective registry.
copy c:winntsystem32configsoftware c:winntoptionsregistrybackup
copy c:winntsystem32configdefault c:winntoptionsregistrybackup
copy c:winntsystem32configsam c:winntoptionsregistrybackup
copy c:winntsystem32configsecurity c:winntoptionsregistrybackup
copy c:winntsystem32configsystem c:winntoptionsregistrybackup

:: Restore registry and security information from system state backup.
copy c:winntrepairregbacksoftware c:winntsystem32configsoftware 
copy c:winntrepairregbacksoftware c:winntsystem32configsoftware.sav
copy c:winntrepairregbackdefault c:winntsystem32configdefault
copy c:winntrepairregbackdefault c:winntsystem32configdefault.sav
copy c:winntrepairregbacksam c:winntsystem32configsam
copy c:winntrepairregbacksam c:winntsystem32configsam.sav
copy c:winntrepairregbacksecurity c:winntsystem32configsecurity
copy c:winntrepairregbacksecurity c:winntsystem32configsecurity.sav
copy c:winntrepairregbacksystem c:winntsystem32configsystem
copy c:winntrepairregbacksystem c:winntsystem32configsystem.alt
copy c:winntrepairregbacksystem c:winntsystem32configsystem.sav

Disclaimer: We hope that the information in these pages is valuable to you. Your use of the information contained in these pages, however, is at your sole risk. All information on these pages is provided “as -is”, without any warranty, whether express or implied, of its accuracy, completeness, fitness for a particular purpose, title or non-infringement, and none of the third-party products or information mentioned in the work are authored, recommended, supported or guaranteed by me. I shall not be liable for any damages you may sustain by using this information, whether direct, indirect, special, incidental or consequential, even if it has been advised of the possibility of such damages.

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020