powered by PmWiki |
MSTips /
MSSystemRestoreSystem Restore is a component of Microsoft's Windows Me, Windows XP and Windows Vista operating systems that allows for the rolling back of system files, registry keys, installed programs, etc., to a previous state in the event of a failure. Vista has been improved interface relying on Shadow Copy Table of ContentsOverviewSystem Restore is can be accessed via Start -> All Programs -> Accessories -> System Tools -> System Restore. From there, the user may either create a new restore point manually, roll back to an existing restore point, or change the System Restore configuration. New Restore Points are created when:
System Restore can be configured to use up to 15% of hard drive space. Old restore points are discarded in order to keep drive usage within the specified amount. This can provide restore points covering the past several weeks. Users concerned with performance or space usage may also opt to disable System Restore entirely. Files stored on partitions not monitored by System Restore are never backed up or restored. The amount of space a System Restore will allocate towards its use is, by default, 12 percent of your total usable space on the particular partition being monitored if the partition is greater than 4GB, otherwise it will use up to 400 MB. This amount can be adjusted per partition in the System Restore tab in your System control panel. If you have less than 200 MB, system restore will be disabled until the amount of available space rises above 200 MB. If system restore attempts to make a new restore point, and that restore point would put you past the allocated amount of storage that system restore can use, system restore will delete the oldest restore point automatically to create more room for the new one. System Restore backs up system files of certain extensions (.exe, .dll, etc.), with the exception of files in My Documents folders, and saves them in a large compressed block for later recovery and use. It backs up the registry and most drivers. It does not back up or restore user data. System restore will not monitor changes to users' personal data. Nor will it restore windows logins. Thus, users will not lose personal data, emails, etc., when performing a system restore. When a rollback to a previous restore point is performed, the files that were being monitored by System Restore are restored and newly created folders are removed. Microsoft recommends that if a user is unsure as to whether certain files will be modified by a rollback, that they keep those files under My Documents which is not effected by the system rollback. Disabling and Enabling System Restore Figure 1. Disabling System Restore NOTE: You need to be logged in as an Administrator to administer System Restore. WARNING: By disabling system restore you will delete all stored restore points. This is access right click My Computer->'Properties->System Restore Tab. See Figure 1 Manually Creating Restore Points XP Figure 2. System Restore Utility It is possible to manually make restore points when you wish by using the System Restore utility. Common reasons to do this are because you feel have your computer set up perfectly and would like to save that state in case something goes wrong in the future. To open the utility, go to your System Tools group under Accessories in your Programs menu. Then click on the System Restore icon. Select the radio dial labeled "Create a restore point", designated by the blue box, and press the Next button. "Name your Restore Point" It is possible to manually make restore points when you wish by using the System Restore utility. Common reasons to do this are because you feel have your computer set up perfectly and would like to save that state in case something goes wrong in the future. To open the utility, go to your System Tools group under Accessories in your Programs menu. Then click on the System Restore icon.To create a manual restore point select the radio dial labeled "Create a restore point", designated by the blue box, and press the Next button. Type the name you would like this restore point to be referred as in the field designated. When you are done, select the Create button. System restore will create the restore point and give you a confirmation screen. Select the Close button to close the System Restore utility. Restoring Windows XP to a previous StateTo restore Windows XP to a previous restore point you need to open the System Restore Utility. To open the utility, Sart->Programs->System Tools->Select the System Restore icon and a window will appear select the radio button labeled Restore my computer to an earlier time, Select Next button which will invoke a window. Select a restore point that you would like to restore. If a particular day has any restore points created on it the date will be in bold. Select the restore point by clicking once on its name, then select the Next button and follow the prompts After the computer is rebooted you will see a screen that contains information confirming that the restoration to the restore point is complete. If there are any problems with your computer since you restored to this restore point, you can revert back to your previous settings by going back into the System Restore Utility and selecting the Undo my last restoration radio button. Deleting Restore PointsThere are three known safe ways to delete restore points stored on your computer.
Note: System Restore runs out of storage space - If system restore runs out of the storage space that has been allocated towards its use, it will delete the oldest restore point in order to create space for the new restore point. Problems with System RestoreThere are some problems associated with System Restore when it comes to viruses. When restore points are created they are stored in a directory that is accessible only to the System account and not to a user. This keeps the restore points safe from misuse and tampering. Unfortunately this also means that any virus scan software you may have installed can not scan the files located there as well. This causes a problem if a file that is infected with a virus gets backed up into a restore point because now the anti-virus software can not clean it. If the restore a stage in time where your computer was infected the virus will be introduced back into your system. If you find that you are infected with a virus, hijacker, or spyware and want to make sure you do not get reinfected if you restore a restore point,
Access System FilesWARNING: Information found in this section is for advanced users only. If you use this information without advanced knowledge of your operating system you can cause serious damage to your Windows installation. All restore points are stored in a folder that starts with _restore in the System Volume Information folder found in the root of your individual partitions. This folder is used to store copies of your registry, files, configuration, etc. The system volume information folder is only accessible to the System account by default. By adding yourself to the security permissions of this account will grant access to these files. Registry HacksMost of the configuration options for System Restore can be found at the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore One interesting key you can change here is the interval Windows uses to make an automatic restore point. By changing the value, which is the total seconds between automatic restore point creation, you can make Windows create restore points more often or less frequent. The default value is 86400, which in seconds corresponds to 24 hours between each automatic restore point creation. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\RPGlobalInterval For more information on the registry keys used by System Restore read this Microsoft Knowledgebase article: http://support.microsoft.com/default.aspx?kbid=295659 You can also specify what registry keys should not be restored and what files should not be backed up by System Restore. These registry keys are: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\KeysNotToRestore The values contained in the FilesNotToBackup key are files or directories, in which you can specify wildcards as well to exclude all files in a particular directory. Any files listed in this way will not be added to a restore point when one is created. The values contained in the KeysNotToRestore key are registry keys that should not be restored if you ever restore your computer to a previous restore point. Concluding ObservationsSystem Restore is a powerful tool for keeping your Windows Installation running smoothly and safely. If you use this feature you will be guaranteed to have a valid restore point to revert to if any issues arise in the future. Care must be taken, though, when using this application so that damaged or infected files are not restored to your computer and cause you to be reinfected. With caution in mind when using System Restore you should not have these problems. All text is available under the terms of the GNU Free Documentation License |