Your post makes interresting reading, well done.
I see there is no mention of the fact of ERUNTgui which has been out for a little while, this is a ADD ON which is designed to work as a GUI interface with it. Perhapse people should google ERUNTgui and look for it.
However I have had a problem with ERUNT aka ERDNT although they work very well on my PC using a GUI interface, and ERDNT has saved my bacon on many occasions.
But here is my problem and others may have run up against a brick wall as I have done.
What do you do when your OS, as in my case XP is hosed and it won't start, even in Safe Mode and the Command Prompt cannot appear.
(yep it hapened to me) for all intents and purposes ERDNT cannot be accessed on the hard drive of the computer. (A malware hit me)
WARNING WARNING WARNING
DO NOT DO THIS IF YOU FEEL YOU DON'T HAVE THE EXPERIENCE
IF YOU HOSE YOUR SYSTEM (WHICH IS DEAD ANYWAY), DON'T COME LOOKING AT ME.
you take full responsibility for any mistakes you make, continueing to read this it is understood by me YOU will not blame me for any loss whatsoever at all.
First of all, I took my hard drive out of the primary machine and mounted it as the IDE secondary primary Hard Drive on a working second computer.
Fired up the SECOND computer, looked to see if my original hard drive was there, yep it was and I headed down to WINDOWS to the ERDNT directory and the sub directories.
I did a DIR of the hard drive like this DIR X: (being the new Hard Drive letter) \WINDOWS\ERDNT and I could see I still had access to the sub directories.
I then chose the most recent "date" that I knew was a good working registry then accessed and opened it to find the ERDNT.inf file.
From this point I could access the ERDNT.INF file, because I needed (HAD) to modify it.
I could have used EDIT.com but used Notepad instead to do it.
The .INF file contains the instructions to write back to the Windows Registry the files which were saved when it was working OK, for this to happen the ERDNT.EXE file is clicked on and it then accesses the INF file which acts like a BAT file and points the recovery process to all the other files in turn.
MAJOR WARNING READ THIS if nothing else.
Before I did this I had to alter the pointers inside the .INF file or I would automatically hose my "other" second working computer.
I printed out the INF file to work with and I also made a backup copy of the original INF file.
Looking at the contents of INF file, there is referance made to 9 [sections] this may differ in yours, I was after every DRIVE Letter pointing to the C: drive.
Now as this was the original INF from the original computer, but because it is being read from the second computer I need to change all reference from C: to D: because we don't want all the original files sent back to the second computers hard drive C:
So under the following I made the changes you can see below.
Another MAJOR WARNING
Double check what drive letter the Second computer has assigned to your hosed original Hard Drive and WRITE IT DOWN.
"6/06/2011 10:53:37 AM" Has NO reference to C: you do not need to do anything here.
"C:\WINDOWS" now became "D:\WINDOWS"
"C:WINDOWS\system32\config\SECURITY" now became "D:\WINDOWS\system32\config\SECURITY"
"C:\WINDOWS\system32\config\software" now became "D:\WINDOWS\system32\config\software"
"C:\WINDOWS\system32\config\system" now became "D:\WINDOWS\system32\config\system"
"C:\WINDOWS\system32\config\default" now became "D:\WINDOWS\system32\config\default"
"C:\WINDOWS\system32\config\SAM" now became "D:\WINDOWS\system32\config\SAM"
Below this I have two other files that need to be altered, it's the same thing, changing the drive letter from C: to D: on the bottom lines.
This is pointing to my USERS ntuser.dat file and the last one is pointing to my USERS UsrClass.dat file
Both these files will be different in your own registry so I havent typed in here all the numbers etc refering to my setup.
All you need to do is to change the C: to a D: (remember IF this is what the hard drive letter is now seen as in the second computer).
I doubled checked what I had done and rechecked it again, (Meassure twice,,,,,, Cut Once).
I then saved the "modified" INF file and saved it still as the same name as ERDNT.INF
Next I double clicked the GREEN ERDNT.EXE file to begin the restore process and let it roll out the saved good registry settings.
This now wrote the good registry settings or files back onto the "dead" hard drive making it "alive" again.
When the computer asks to reboot, I just pressed the start button on the computer and after 4 seconds the second computer was off.
I disconnected the original Hard drive and reconnected it to my original computer connected it and powered up the computer and it fired up with a operating system that was working again.
All my information was still there as it was originally, even my desktop.
Next I had to remove the sub directory where I had just repaired the INF file as I did NOT want to accidently use it as the file would now point to a non existant drive so I erased just the whole Sub Directory I had modified and just created a new one using ERDNT on the desktop.
I hope this helps others who have had a "stuck" dead computer.
WARNING don't use this method if you have no experience writing BATch files etc, if you make a single mistake you WILL totally screw up your system.
I have placed my method here as at the moment there is NO other method accessing it to get a dead computer back up and running unless you have the Windows XP install CD or other Bootable CDs where you can access it via a working GUI setup in RAM etc.
What we all need is someone who can write and put together a special CD bootable just to access a "dead" hard drive by searching automatically for ERDNT recovery using a DOS GUI interface that can recognise the NTFS OS
Any takers please?