• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Registry Protection ala Test Run

S

Seekermeister

Golden Member
Something that I have been looking for is a program similar to Test Run, which makes a copy of the registry so that you can test a program, before permanently installing it. Instead of fixing registry problems after the fact, it allows you to prevent them from ever occuring. Unfortunately, Test Run was for W98. Is there anything like that available?
 
System restore is better than nothing, but it isn't the same as I'm looking for. System restore only works if a checkpoint is made at the opportune moment. so it may or may not fix a situation. With Test Run, you could install, test and uninstall a program without giving it a thought.
 
Originally posted by: Seekermeister
System restore is better than nothing, but it isn't the same as I'm looking for. System restore only works if a checkpoint is made at the opportune moment. so it may or may not fix a situation. With Test Run, you could install, test and uninstall a program without giving it a thought.
Click to expand...

mmm.. actually system restore probably does exactly what you are after. It will create a restore point when software or drivers are installed. If you don't have faith you can also manually create a restore point at any time. It also backs up far more than simply the whole registry. From the install/test/remove procedure you describe I think the reason there isn't a "test run" for XP is because the functionality is already built in.

To get back to a restore point you need only be able to boot into safemode.

if you can't boot even that far you can still recover from recovery console (if you know what you're doing...if not, ping folks here and we'll help asap)

Roll with it, you're good!
 
i guess it's the fact that I haven't gotten too accustomed to System Restore yet. I never think about making a manual checkpoint, and often when I do check what is available from the automatic checkpoints, it has not necessarily made one with every installation of programs and drivers. The last time I checked, it had about a weeks worth of checkpoints available, but only one of them listed a specific installation, despite the fact that I generally install several things each day. I was also looking for a way to have it keep more checkpoints longer, but I guess that it either doesn't do it, or I'm missing something.

You don't need to be detailed, but can you give me a brief outline of how to use it from the Recovery Console? I don't recall any of the commands available that would seem to relate to this.
 
The way you fix yourself in recovery console is to copy your registry files from the restore points back to their normal location manually.

Your restore points are buried in the "system volume information" folder under rpXXX folders. You'll find your hives saved as registry_system, registry_software etc (something similar to this, these are not the exact filenames). To get an idea, go give yourself permissions to the "system volume information" folder and look around (don't touch! just look)...it's stuff I had memorized at one time when I was doing support for this but I'm all rusty now.

Your registry is stored in \windows\system32\config and consists of four files (with no extensions): system, software, sam, security.

To fix yourself, you go to the config folder, rename your registry hive files then go to a restore point and copy over + rename the restore point copies of the hive files.


There is an MS kb out there about how to recover from registry corruption that details the steps. The topic has been covered quite a bit here too. Just search on "missing or corrupt system32\config\system"


If you are finding you don't have many restore points availabe, right click my computer, goto properties then the system restore tab. move the slider up to consume more disk space. If you ever want to free up the disk space, keep the slider in the same spot, but use the disk cleanup wizard. Under advanced it has an option to delete all but the latest restore point.

Hope this helps!
 
Thanks smilin, I may not need this at the moment, but I'm certain that I will in the future. I like knowing the answers before a question rises. I believe that I have the gist of it now, except that about the number of restore points, because I already have the slider set at max, and I still don't have enough automatic checkpoints, and it doesn't necessarily make one everytime an installation is made. Maybe that's because it's x64, because this system has some "funny" quirks. I have never used the cleanup wizard, so I would think that there would be alot of restore points available, but there isn't.
 
Ok, got a present for ya. This is good stuff:
http://www.microsoft.com/technet/community/en-us/management/sysrestore_faq.mspx

It covers what causes a restore point to be created (windows installer, installshield, unsigned drivers ...)

It also covers lots of reasons why you may not see points created and when created points are removed.

Also, Here is that article I mentioned before. It has the details of how to restore a registry in recovery console:
307545 How to recover from a corrupted registry that prevents Windows XP from starting
http://support.microsoft.com/default.aspx?scid=kb;EN-US;307545

take care

🙂
 
Thanks, I've scanned over the document and bookmarked it. I did find one item that related to a restore that I did when I first installed XP on my SATA raid drives. After installing the OS and the VIA drivers, I did a Windows Update, which included 26 fixes. But somehow, the updates causes my system to automatically reboot everytime that I tried to get to the desktop. After doing a restore, those updates no longer appearred in Add/Remove Programs. Yet, when I return to the Windows update website, it apparently still sees those updates and only offers newer one. Those old updates are still listed in the Windows folder, but I have often wondered if they are actually installed properly?

I'm going to need to study the article further, because it is still not clear to me why most of my program installations do not creat a new checkpoint automatically. I did see a brief explaination of this, but not enough to make me feel as though I understand.

I still wish it were possible to retain a checkpoint as long as I might choose, because sometime a problem doesn't make itself apparent until long after the original installation...like a problem that I'm now having with uninstalling an AVG trial program, which was only installed about 12 days before I tried to uninstall it. The uninstall fails each time that I try, and cripples my internet connection in the process. If there were something like Test Run, this would never be a problem.
 
Programs make a checkpoint because the installer is "system restore aware" and causes one to get made.

Windows installer and the newer versions of installshield do this. If you are setting up via some other installer it won't happen. You would have to do it manually in this case.



As for your update situation after a restore here is how to set your mind at ease...
Reapply SP2 then hit windows update. You'll be 100% level no matter where you are.

However, you're really fine anyway. The reason you don't see the updates in add/remove is because they are recorded in your registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall. When you rolled back the registry via system restore this got whacked. Windows update does not look here when determining what updates to install.

Yea system restore points are not permanent. If you want a permanent backup of the registry just do this:
-start | run | ntbackup.
-kick over to advanced mode if the wizard starts.
-Once there goto the backup tab.
-specify a file as a destination down at the bottom (any file will do...you're gonna delete it in a sec).
-Check the system state checkbox and start the backup.
-It will estimate files and whatnot then start actually backing stuff up.
-Once you see a couple files get backed up, cancel the backup and close ntbackup.
-Delete that file you backed up to (or let the backup complete and keep the file 😛 ).

The part that happened while you weren't looking:
goto window\repair and you'll see a shiny new folder called regback that has a copy of all your registry hives sitting in it just like a restore point. It's permanent until you do this process again and it will be updated.
Heck rename regback each time if you want multiple points in time.

You'll also see in windows\repair itself some copies of the registry hives as well. These
were created at the final moment of GUI mode setup before your computer booted for the first time. They are handy to get you booted in a pinch long enough to do some more serious repair work (like move the registry out of a restore point via gui instead of in recovery console..yuk)
 
Apparently, the problem is that x64 doesn't recognize the installers of most programs, and therefore doesn't creat a checkpoint. Not really important, but for x64 the service pack is 1 instead of 2. I didn't know about ntbackup at all, so that may come in handy in the future.

I'm curious, would the hive in windows\repair permit me to fix a bad problem that I have with AVG's firewall? As it is, I can't uninstall the program normally, and when I try to do so manually, I get nowhere and I lose my internet access.
 
hm. Probably not. It may come in handy as a reference of what your clean system looked like before AVG.

I don't know how AVG works but I can make some guesses about where it is plugging in. There are going to be some deep hooks in that thing in the registry and without some guidance from AVG, getting that firewall off manually would be very difficult.

Why can't you uninstall normally? If there is something busted in AVGs install process, a reinstall over the top of itself may correct it and allow an uninstall.
 
I suspect that you are correct about needing AVG's help, but I have sent them 3 requests, but have received no response. I have tried to uninstall "normally" three times, and each time It says that it can't find the awfwfu64.dll, which that and the awfwfu.dll are the two files that I have been unable to delete, regardless of the methods that I have tried. Obviously, I reinstalled the program each time, and that corrected nothing.

Since I suspect that they is being protected by the Windows File Protection, do you have any idea of how to turn that off long enough to get rid of these files? If they were deleted without the WFP being active, would WFP replace them when turned on again?
 
3rd party stuff isn't protected by windows file protection (as far as I know..could be wrong).

I would imagine AVG is keeping files locked by a process, and setting the processes permissions such that it cannot be shut down.

There is a real good chance this will work if you try it in safemode.



If for some reason something is deleted that WFP protects, yes it will replace it or attempt to do so when the machine boots.
 
I have already tried Safe Mode, without any luck. By process, are you speaking of something that would be found in the Task Manager Window? I have checked that, and it doesn't appear that there is anything related to AVG which is active or listed.
 
it's possible you won't be able to see a particular process in task manager. They can be hidden. Could be a driver/service as well. If it's not working in safemode the next step should be to get with AVG.

kick back with a drink and a bag of popcorn and give their tech support a call during business hours.
 
I wish it were that easy. If it were, I wouldn't have pestered you. AVG only has a choice of email or an online support form...no telephone number. If there were, I'd be burning up the telephone lines.
 
I spent the last couple of hours fighting with AVG, and I think that I finally got rid of all of the files, but I still couldn't access the internet. I have come to the conclusion that the listener socket, that my proxy complains about is the port for com 1. Since there are 256 ports selectable in the Device Manager, I tried the first dozen, and then some random selections all the way up to 256, and none changed the situation. Trying the modem diagnostics tab in the Hardware Manager failed also, and it says that another application is already using it. Since I also throughly cleaned the registry, I'm back to step 1...not knowing which way to turn.

I bought a copy of Kapersky Internet Security 6.0 today, and I'm wondering if I install it, if it might correct the problem. I somehow doubt that, because running the Windows firewall doesn't fix it. I'm still looking for ideas.
 
I finally got AVG uninstalled. Fortunately, they had a new version available for download, and it was able to do the uninstall. But now, I ran into a problem installing Kaspersky...the install shield opens, but before anything else, it pops an error saying "Could not install this application. Current operating system not supported". But according to their website, and the information on their box, XP x64 is supported. I checked their FAQs, and all that I found remotely similar, was advising to install the Windows installer from MS. But this only applied to older OSs, both on the Kaspersky and MS websites. There was no installer that I could find that was for x64. Does anyone have any ideas about this?
 
I got Kaspersky installed, but Ihad to download a trial version and use the CD key to activate it, apparently the CD is defective. But then the download isn't too good either, because while it did install the AV okay, it didn't install the firewall. According to the manual, if the Windows Firewall is active, then Anti Hack (firewall) is disabled to avoid any conflict. However, I disabled Windows firewall and rebooted and it still doesn't work. Looking at the online help manual, it describes the various aspects of determining the firewall status in the control window, but none of these appear. I sent another email to Kaspersky about the firewall and the CD, but since they haven't responded to the first, I wonder how long it will take them to respond to the second. Even though they claim to have continous support available, if they are anything like AVG, they will never answer my questions.
 
I wish I could help more.

My kung-fu is with MS and I've never actually run AVG myself. I'm not at all surprised you need an x64 version though. Anti-Virus and Firewalls need drivers to run and you can't thunk drivers from 64bit to 32bit like you can apps.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top