Manual System Restore

[usasma]

Back in the XP days we'd perform a manual system restore by booting to a "live" OS and replacing the registry hives with backups that were generated previously.

I thought that this had gone extinct with the advent of the newer OS's until one of the techs at work tried it on a Win8 system yesterday.

The system had a doskey exploit that put a password on the screen before the system even reached the login.
We used a live CD, renamed 5 of the hives to .bak and then picked copies from a backup dated from 3 October
And, viola!, it booted to the desktop!

I'll be posting more details (and will also add it to my website) as soon as I get a bit of time! :0)
Just wanted to post here so that others would know about it

 

[Digerati]

Please note if the computer/motherboard in question had UEFI or the older standard BIOS.

 

[usasma]

UEFI

 

[Digerati]

Hmmm, then I find it interesting W8 allowed the tech to boot to an unfamiliar CD. Do you know if "Secure Boot" was enabled? I note it is enabled by default on factory built PCs with OEM W8 installed at the factory.

 

[usasma]

We have a proprietary boot DVD that allows us to boot in UEFI with SecureBoot still enabled.
We boot into a version of Windows PE that's on the DVD.

 

[Digerati]

Ah! As in here. Gotcha. Thanks.