Backing Up The Registry Using ERUNT - Geeks to Go Forums


Backing Up The Registry Using ERUNT The Emergency Recovery Utility

#36 electricme

  • Group: Member
  • Posts: 3
  • Joined: 01-October 08

Posted 16 July 2011 - 06:59 AM

MrCharlie:

Your post makes interesting reading, well done.
I see there is no mention of the fact of ERUNTgui which has been out for a little while, this is an ADD ON which is designed to work as a GUI interface with it. Perhaps people should google ERUNTgui and look for it.

However I have had a problem with ERUNT aka ERDNT although they work very well on my PC using a GUI interface, and ERDNT has saved my bacon on many occasions.

But here is my problem and others may have run up against a brick wall as I have done.
What do you do when your OS, as in my case XP, is hosed and it won't start, even in Safe Mode, and the Command Prompt cannot appear?
(yep it happened to me) for all intents and purposes ERDNT cannot be accessed on the hard drive of the computer. (A malware hit me)

WARNING WARNING WARNING
DO NOT DO THIS IF YOU FEEL YOU DON'T HAVE THE EXPERIENCE
IF YOU HOSE YOUR SYSTEM (WHICH IS DEAD ANYWAY), DON'T COME LOOKING AT ME.
You take full responsibility for any mistakes you make, continuing to read this it is understood by me YOU will not blame me for any loss whatsoever at all.




First of all, I took my hard drive out of the primary machine and mounted it as the IDE secondary primary Hard Drive on a working second computer.
Fired up the SECOND computer, looked to see if my original hard drive was there, yep it was and I headed down to WINDOWS to the ERDNT directory and the sub directories.
I did a DIR of the hard drive like this DIR X: (being the new Hard Drive letter) \WINDOWS\ERDNT and I could see I still had access to the sub directories.
I then chose the most recent "date" that I knew was a good working registry then accessed and opened it to find the ERDNT.inf file.
From this point I could access the ERDNT.INF file, because I needed (HAD) to modify it.
I could have used EDIT.com but used Notepad instead to do it.

The .INF file contains the instructions to write back to the Windows Registry the files which were saved when it was working OK, for this to happen the ERDNT.EXE file is clicked on and it then accesses the INF file which acts like a BAT file and points the recovery process to all the other files in turn.

MAJOR WARNING READ THIS if nothing else.
Before I did this I had to alter the pointers inside the .INF file or I would automatically hose my "other" second working computer.
I printed out the INF file to work with and I also made a backup copy of the original INF file.
Looking at the contents of the INF file, there is reference made to 9 [sections], this may differ in yours, I was after every DRIVE Letter pointing to the C: drive.

Now as this was the original INF from the original computer, but because it is being read from the second computer I need to change all reference from C: to D: because we don't want all the original files sent back to the second computers hard drive C:
So under the following I made the changes you can see below.

Another MAJOR WARNING
Double check what drive letter the Second computer has assigned to your hosed original Hard Drive and WRITE IT DOWN.


[Creation]
"6/06/2011 10:53:37 AM" Has NO reference to C: you do not need to do anything here.



[SystemRoot]
"C:\WINDOWS" now became "D:\WINDOWS"

[Restore]
"MACHINE SECURITY"
"SECURITY"
"C:\WINDOWS\system32\config\SECURITY" now became "D:\WINDOWS\system32\config\SECURITY"

[Restore]
"MACHINE SOFTWARE"
"software"
"C:\WINDOWS\system32\config\software" now became "D:\WINDOWS\system32\config\software"

[Restore]
"MACHINE SYSTEM"
"system"
"C:\WINDOWS\system32\config\system" now became "D:\WINDOWS\system32\config\system"

[RESTORE]
"USERS .DEFAULT"
"default"
"C:\WINDOWS\system32\config\default" now became "D:\WINDOWS\system32\config\default"

[RESTORE]
"MACHINE SAM"
"SAM"
"C:\WINDOWS\system32\config\SAM" now became "D:\WINDOWS\system32\config\SAM"


Below this I have two other files that need to be altered, it's the same thing, changing the drive letter from C: to D: on the bottom lines.
This is pointing to my USERS ntuser.dat file and the last one is pointing to my USERS UsrClass.dat file

Both these files will be different in your own registry so I haven't typed in here all the numbers etc referring to my setup.

All you need to do is to change the C: to a D: (remember IF this is what the hard drive letter is now seen as in the second computer).

I double checked what I had done and rechecked it again, (Measure twice, Cut Once).

I then saved the "modified" INF file and saved it still as the same name as ERDNT.INF

Next I double clicked the GREEN ERDNT.EXE file to begin the restore process and let it roll out the saved good registry settings.
This now wrote the good registry settings or files back onto the "dead" hard drive making it "alive" again.



When the computer asks to reboot, I just pressed the start button on the computer and after 4 seconds the second computer was off.


I disconnected the original hard drive and reconnected it to my original computer, connected it and powered up the computer, and it fired up with an operating system that was working again.
All my information was still there as it was originally, even my desktop.



Next I had to remove the sub directory where I had just repaired the INF file as I did NOT want to accidentally use it, as the file would now point to a non-existent drive, so I erased just the whole Sub Directory I had modified and just created a new one using ERDNT on the desktop.

I hope this helps others who have had a "stuck" dead computer.

WARNING don't use this method if you have no experience writing BATch files etc, if you make a single mistake you WILL totally screw up your system.
I have placed my method here as at the moment there is NO other method accessing it to get a dead computer back up and running unless you have the Windows XP install CD or other Bootable CDs where you can access it via a working GUI setup in RAM etc.

What we all need is someone who can write and put together a special CD bootable just to access a "dead" hard drive by searching automatically for ERDNT recovery using a DOS GUI interface that can recognise the NTFS OS
Any takers please?

Jim
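A check for the risk this post warns about (a path left pointing at C: would be restored onto the working second computer), as an added example that is not part of the original post or of ERUNT. `Find-WrongDrivePath` is a hypothetical helper, and the sample text is constructed from the post's description, so a real ERDNT.INF may be laid out differently.

```powershell
# Added example, not part of ERUNT. Find-WrongDrivePath is a hypothetical helper.
function Find-WrongDrivePath {
    param([string[]]$Lines, [string]$ExpectedDrive)
    $section = ''
    $lineNo  = 0
    foreach ($line in $Lines) {
        $lineNo++
        # Remember the current [section] so a finding can be located in the file.
        if ($line -match '^\s*\[(.+)\]\s*$') { $section = $Matches[1]; continue }
        # A quoted value starting with a drive letter and colon. The backslash is
        # not required, so a mistyped "C:WINDOWS\..." is reported as well.
        foreach ($m in [regex]::Matches($line, '"([A-Za-z]):[^"]*"')) {
            if ($m.Groups[1].Value -ne $ExpectedDrive) {
                New-Object PSObject -Property @{
                    Line = $lineNo; Section = $section; Path = $m.Value
                }
            }
        }
    }
}

# Constructed sample modelled on the post; one path was left on C: by mistake.
$sample = @'
[SystemRoot]
"D:\WINDOWS"
[Restore]
"MACHINE SECURITY"
"SECURITY"
"D:\WINDOWS\system32\config\SECURITY"
[Restore]
"MACHINE SAM"
"SAM"
"C:\WINDOWS\system32\config\SAM"
'@ -split "`r?`n"

$bad = @(Find-WrongDrivePath -Lines $sample -ExpectedDrive 'D')
if ($bad.Count -gt 0) {
    $bad | Format-Table Line, Section, Path -AutoSize
    Write-Warning 'Do not run ERDNT.EXE: these paths are not on the expected drive.'
} else {
    'All quoted paths point at the expected drive.'
}
```

For a real check, pass the output of `Get-Content` on the edited ERDNT.INF as `-Lines`, with the drive letter the second computer assigned to the original disk.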

#37 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 17 July 2011 - 02:14 PM

Quote

What we all need is someone who can write and put together a special CD bootable just to access a "dead" hard drive by searching automatically for ERDNT recovery using a DOS GUI interface that can recognise the NTFS OS
Any takers please?

Jim

ERUNT already has that. There is a Readme.txt file in the ERUNT installation folder, usually C:\Program Files\ERUNT.
Look for a section in the readme.txt file entitled What to do if Windows does not boot anymore?
If you have more than one OS installed on your computer, follow the directions under the Restoring the registry with ERDNT - Emergency Scenario I section.
If you only have one OS installed on the computer, follow the directions under the Restoring the registry with ERDNT - Emergency Scenario II section. The two rescue methods listed require that your PC is configured so that it can boot from a CD. See your BIOS documentation for more information.
Follow method 1 if you don't have a Windows CD.
Method 2 is used to get into Recovery Console when you do have a Windows CD.

Either of these 2 methods will let you restore the registry without having to remove and reinstall hard drives, edit .INI and .DAT files or write batch files.

#38 electricme

  • Group: Member
  • Posts: 3
  • Joined: 01-October 08

Posted 18 July 2011 - 12:02 AM

Godawgs:

Thank you for replying.
I have read the 13 pages of the Readme.txt file and it does go into the recovery situation quite some, I can see that Lars has taken a lot of trouble to give everyone the information they might need to recover their PC.
My main concern is for situations where there is only one PC, and there is no bootable CDs there that can access the broken PC, so the PC will remain dead in the water.

Besides, how many computer users these days know how to use DOS to return their computers to working order? Can they make a batch file? Those of us who cut our teeth on DOS 20 years ago are getting a bit thin on the ground, the present generation just look surprised at you and say huh, what's that?

I think there is an opening for someone to make a bootable CD, in DOS(GUI), that can access the NTFS file system and then write the good registry back to where it should go, and a good BAT file would help.

#39 dermotk

  • Group: Member
  • Posts: 10
  • Joined: 09-August 11

Posted 09 August 2011 - 09:53 AM

Mrcharlie,

This is a great post, I followed your post re autobackup for Windows 7, but when I check the properties of the autobackup shortcut it doesn't have "C:\Program Files\ERUNT" after Start in; what have I done wrong? Thanks in advance for any further advice.
I have sorted out the above problem but still ERUNT does not back up my registry automatically, any advice appreciated.

#40 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 10 August 2011 - 10:40 PM

dermotk,

:)
I'm not Mrcharlie, but his post described how to automatically back up the registry in Windows XP. If I read your post correctly, you have Windows 7. If you do have Windows 7 ERUNT will only automatically back the registry up if you set it up through the task scheduler. The link he posted to the directions for how to automatically schedule ERUNT to back up the registry in Windows Vista and Windows 7 is HERE. Follow them to schedule ERUNT to automatically back the registry up in Windows 7.
Hope this helps.

#41 dermotk

  • Group: Member
  • Posts: 10
  • Joined: 09-August 11

Posted 11 August 2011 - 09:08 AM

godawgs,
Thanks for your reply, I have followed all of MrCharlie's guide but am still not able to automatically back up the registry. I checked Task Scheduler and the startup, everything seems to be in order? Any further advice would be appreciated.
One thing I do notice is that C:\windows\erdnt doesn't have autobackup after it.
I am running Windows 7 Ultimate.

#42 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 11 August 2011 - 12:00 PM

dermotk,

For Windows 7 you shouldn't have anything in the StartUp folder. That's just for XP. If you set up the task properly you should have an Autobackup folder inside the C:\Windows\ERDNT folder.
Since I don't know what information you put in Task Scheduler, it's kinda hard to tell you why it isn't working. If you could take a screen shot of the task you set up for ERUNT, I might be able to see why it isn't working.

#43 dermotk

  • Group: Member
  • Posts: 10
  • Joined: 09-August 11

Posted 11 August 2011 - 03:31 PM

godawgs,
I am not well up on comp. tech, how do I take a screen shot of the task? Thanks in advance.

#44 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 11 August 2011 - 10:29 PM

dermotk,

Click here for an explanation of how to post a screen shot.
Click here for an explanation of how to add an attachment to your reply.

#45 dermotk

  • Group: Member
  • Posts: 10
  • Joined: 09-August 11

Posted 12 August 2011 - 06:24 AM

godawgs,
Thanks again for your reply, I have attached the 3 sections of Task Scheduler, i.e. General, Triggers and Actions, as I was not sure by just attaching one that it would show you the full content.

Attached thumbnail(s)

  • Attached Image: Erunt Task.2(Triggers).jpg
  • Attached Image: Erunt(Actions).jpg
  • Attached Image: Erunt(General).jpg


#46 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 12 August 2011 - 12:54 PM

Do you still have ERUNT in your Start Up folder? If so delete ERUNT from the Start Up folder.

#47 dermotk

  • Group: Member
  • Posts: 10
  • Joined: 09-August 11

Posted 12 August 2011 - 01:39 PM

godawgs,
No I don't have.

#48 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 12 August 2011 - 09:18 PM

dermotk,

Assuming that ERUNT was installed properly, let's try this.

1. Open Task Scheduler. When the Task Scheduler window comes up click on Task Scheduler Library in the left column. The ERUNT task should be listed in the top window of Task Scheduler. Click on it to highlight it and you should then see the ERUNT task in the bottom window.

2. Now, in the far right column under Selected Item click Properties.
On the ERUNT Properties page, click the Change User or Group button.
On the Select User or Group page, in the box under Enter the object name to select type SYSTEM and click OK.

3. Back on the ERUNT Properties page, click the Triggers tab. Then click the Edit button.
On the Edit Trigger page, make sure the Enabled box at the bottom of the page is checked and click OK.

4. Back on the ERUNT Properties page, click the Actions tab. Then click the Edit button.
On the Edit Action page, make sure that the Action: is set to Start a program. In the Program/Script box, make sure it says "C:\Program Files\ERUNT\AUTOBACK.EXE", be sure the quotation marks are included. In the Add arguments:(optional) box, make sure the following is in there %SystemRoot%\ERDNT\AutoBackup\#Date# sysreg otherusers /noconfirmdelete /noprogresswindow /days:7 (Notice the spaces, they're important). Leave the Start in:(optional) box empty. Click OK.

5. Click OK until you get back to the Task Scheduler main page.

6. Close Task Scheduler.

7. Reboot the computer and go to the C:\Windows\ERDNT folder. You should have an AutoBackup folder inside the ERDNT folder. Inside the AutoBackup folder there should be a folder named XX-XX-XXXX (the X's are for the date that the backup was made). The ERDNT folder should eventually contain seven folders as the task has been set up to keep the last seven backups and then start replacing the oldest dated folder with the newest backup.
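The settings from steps 2 to 4 above can also be checked against the task's exported definition instead of by eye. This is an added example, not part of the original post or of ERUNT: `Test-EruntTask` is a hypothetical helper, the XML is a constructed sample (its logon trigger is an assumption, since the thread does not say which trigger was used), and the arguments deliberately lack the space before `/days:7`.

```powershell
# Added example, not from the thread or the ERUNT project.
# Compares an exported task definition with the settings listed in post #48.
function Test-EruntTask {
    param([xml]$TaskXml)
    $wantExe  = 'C:\Program Files\ERUNT\AUTOBACK.EXE'
    $wantArgs = '%SystemRoot%\ERDNT\AutoBackup\#Date# sysreg otherusers ' +
                '/noconfirmdelete /noprogresswindow /days:7'
    $findings = @()

    # Step 2: the task should run as SYSTEM (assumption: exported as SID S-1-5-18).
    $user = $TaskXml.SelectSingleNode("//*[local-name()='Principal']/*[local-name()='UserId']")
    if ($null -eq $user -or @('S-1-5-18', 'SYSTEM') -notcontains $user.InnerText) {
        $findings += 'Principal is not SYSTEM'
    }
    # Step 3: there must be a trigger and none may be disabled.
    $triggers = @($TaskXml.SelectNodes("//*[local-name()='Triggers']/*"))
    if ($triggers.Count -eq 0) { $findings += 'No trigger defined' }
    foreach ($t in $triggers) {
        if ($t.Enabled -eq 'false') { $findings += "Trigger $($t.LocalName) is disabled" }
    }
    # Step 4: program, arguments (spacing matters) and an empty "Start in".
    $exec = $TaskXml.SelectSingleNode("//*[local-name()='Actions']/*[local-name()='Exec']")
    if ($null -eq $exec) { $findings += 'Action is not "Start a program"'; return $findings }
    if ("$($exec.Command)".Trim('"') -ne $wantExe) { $findings += "Unexpected program: $($exec.Command)" }
    if ("$($exec.Arguments)" -ne $wantArgs)        { $findings += "Arguments differ: $($exec.Arguments)" }
    if ("$($exec.WorkingDirectory)")               { $findings += 'Start in is not empty' }
    return $findings
}

# Constructed sample export (a real one comes from: schtasks /Query /TN <task name> /XML).
[xml]$sample = @'
<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers><LogonTrigger><Enabled>true</Enabled></LogonTrigger></Triggers>
  <Principals><Principal id="Author"><UserId>S-1-5-18</UserId></Principal></Principals>
  <Actions Context="Author"><Exec>
    <Command>"C:\Program Files\ERUNT\AUTOBACK.EXE"</Command>
    <Arguments>%SystemRoot%\ERDNT\AutoBackup\#Date# sysreg otherusers /noconfirmdelete /noprogresswindow/days:7</Arguments>
  </Exec></Actions>
</Task>
'@
Test-EruntTask $sample
```

An empty result means the exported task matches the listed settings; the sample reports only the argument mismatch.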

#49 dermotk

  • Group: Member
  • Posts: 10
  • Joined: 09-August 11

Posted 13 August 2011 - 11:18 AM

Godawgs,
Thanks again for your reply, I followed your instructions given above and double checked that all was correct, but again there was no autoback folder in erdnt. I then uninstalled ERUNT and deleted ERUNT from Task Scheduler, then downloaded and reinstalled ERUNT and carried out your instructions again, rebooted my system but got the same result, the erdnt folder was empty.

#50 godawgs

  • Group: Malware Removal
  • Posts: 2,768
  • Joined: 10-January 11

Posted 13 August 2011 - 06:23 PM

dermotk,

I think I misspoke. When you first install ERUNT and it automatically runs and backs up the registry, there will only be a folder in C:\Windows\ERDNT\ with the name of the date of the first backup, i.e. C:\Windows\ERDNT\xx-xx-xxxx (the x's are the date of the first backup), and a cache folder.

You won't get the C:\Windows\ERDNT\AutoBackup folder until the next time the computer is turned on after today and ERUNT backs up the registry. To check this, look in your C:\Windows\ERDNT folder and make sure that there is another folder with the date for the name of the folder. That will let you know that ERUNT was installed properly.

The next time you turn the computer on after today, if the AutoBackup folder is not in C:\Windows\ERDNT, you didn't set the task up properly.
