Recovery Manager v1.2

Reviewed by: Jack Reikel, January 2005
Published by: Winternals Software LP
Requires: Any PC running Windows Server 2003, Windows XP or
Windows 2000 or NT 4 with Service Pack 6a; Windows NT 4 systems in Active Directory domains also require the Active Directory Client Extension; protected client systems must be running Windows Server 2003, Windows XP, Windows 2000 or Windows NT 4 with Service Pack 6a and must have File & Printer Sharing and the C$ and Admin$ administrative shares enabled; systems running the Recovery Wizard to remotely repair other computers must run Windows Server 2003, Windows XP or Windows 2000

MSRP: $29.00 (each workstation), $299.00 (each server), $69.00 (each concurrent administrator) - minimums may apply, volume pricing available

Windows users sometimes live in fear—of bad patches automatically downloaded and installed by Windows update, of bad video driver installations, of poorly tested program installations which turn the Registry into corrupted mush—and have very few ways of easily alleviating that fear. Winternals Software is a developer of systems availability and performance programs for Microsoft-based computer networks. The company began life in 1996 and has produced a steady stream of useful software since then designed for use mainly in enterprise-wide applications. Recovery Manager is designed to restore unbootable or unstable computers suffering from damaged data or incorrectly installed files. It does its job by creating a database full of recovery points (based on dates and times) to which you can rollback your computer in order to restore its proper operation. Sounds like a great concept, yes?

Recovery Manager works by focusing exclusively on the Windows operating system, taking scheduled snapshots of critical system files and configuration settings. When virus attacks, faulty patches, buggy security updates, dumb user errors, corrupt drivers and other problems mess up a computer on your network, Recovery Manager can be used to remotely restore all or any part of the damaged OS and bring the machine back to life without overwriting data. For computers which will not boot at all, Recovery Manager lets you create a bootable recovery CD that can be used to get the dead system up and running again. Recovery Manager is not a hardware analysis wizard or hardware system utility of any kind.


Some of you may be wondering about Recovery Points and Restore Points. For the record, recovery points is a term used by Winternals and restore points is a term used by Microsoft. A recovery point is a specific record of a computer's system files and configuration settings on a particular date and time. Like a Windows XP restore point, a Recovery Point can be applied to undo harmful changes and to restore a system's settings and performance without losing recent work such as saved documents, e-mail, history or Favorites lists. But there are important differences between recovery points and restore points. For example, Winterals' recovery points operate across a network; Microsoft's restore points do not. Recovery Points can resurrect unbootable or locked-out computers; restore points are only useful as long as the computer on which they're stored remains accessible. Recovery points can be applied in their entirety or selectively for certain drivers, services and so on; restore points are full-system only. Recovery points can be created for Windows XP, 2000 and NT servers and workstations; restore points are restricted to XP. Microsoft's genuinely flaky System Restore function contains data which is easily corrupted rendering previously unstable systems totally unbootable; Winternals' recovery points are not subject to such instabilities.

In keeping with the Kickstartnews philosophy of "real reviews by real users" we installed Recovery Manager on a control workstation in a small but busy network environment (a segment with 2 servers, 6 workstations, 3 laptops). The program installs three things: a) the Microsoft Data Access Components (MDAC) interface, b) a free version of Microsoft SQL Server, and c) the Recovery Manager snap-in for the Microsoft Management Console (MMC) built into Windows. The point of the exercise was to set up Recovery Manager, create restore points automatically, and generally hope that one of the computers went down so that we could then see how well Recovery Manager works. The only problem was that after a week of normal use and some additional poking and prodding, none of the computers on the network showed any signs of going down. So we did the next best thing—we cheated. The simple act of overwriting a known good Windows system file with one we deliberately corrupted did the trick. We corrupted copies of some critical system and driver files by loading them into HexEdit (a binary editor), altering information, and saving the changes. We then used the newly corrupted copies, after booting into MS-DOS, to overwrite the good files. Needless to say, the corrupt files had the required effect with one system going down entirely (it became unbootable) and the other becoming ridiculously unstable (programs would not launch properly, random spontaneous restarts, etc). Prior to doing any of this, we used the scheduler in Recovery Manager to create intervals at which it automatically set recovery points for all the different computers on the network segment. The data for each recovery point is stored in a SQL Server database.

The main component of Recovery Manager is the MMC snap-in that provides full access to all of the recovery points for your system. Having a SQL Server installation on your computer is one thing, understanding how to access it is another matter altogether. Recovery Manager puts a friendly, easy to understand face on SQL Server through the snap-in.

We attacked the unbootable computer first by using the Recovery Manager bootable recovery CD which we created using the software installed on the control computer. We then booted the dead computer and set the BIOS to boot from CD. After restarting with the boot CD, the Recovery Manager utility found the recovery point data easily and we selected a recovery point. Recovery Manager reset the system, restarted the computer and all worked normally again. The second computer was restored remotely by accessing it from the Recovery Manager snap-in. We were able to see the problem system, access the error log file and selectively recover the corrupt driver files. It all worked like a charm.

Cons: If you don't disable your antivirus software, there is a chance its background operation will mess up the SQL Server and Microsoft Data Access Components installations which take place prior to the installation of the Recovery Manager snap-in. And since Recovery Manager can't complete its initial configuration routine without a proper working SQL Server, you will be ticked off at having to reinstall. We're going to suggest that Winternals add a routine to its installer which detects any running antivirus software and tells users to disable it until after Recovery Manager has done its thing. This is not software for the casually amused computer user, rather this is serious stuff that is best used by IS/IT people or at least advanced small office, advanced small business or advanced home computer users.

Pros: The Recovery Wizard is extremely cool. Successful recoveries are even cooler and Recovery Manager is essentially flawless in most situations. Highly configurable. Point & click to select a recovery point and that's about all the work you have to do. Restoring a system does not lose or ignore documents which were created after the date of the selected recovery point. We also loved the driver & service manager feature which lets you change driver and service settings or simply disable a driver or service which is preventing your system from booting or functioning properly. The ability to change passwords on a networked computer for which the password has been lost or forgotten is extremely useful. The event logs provide an excellent view of any remote system to help understand why the system is acting up, another thing which can't be done with Windows System Restore. We loved the ability to compare the differences between two different recovery points in order to determine which specific aspects of a particular point should be applied. Using Recovery Manager as part of a comprehensive data and system protection policy (alongside regular system and data backups, actively updated antivirus software, defragmentation software, SpinRite 6 and a good firewall) is one of the best practices we know of to ensure computer and data security. A word to the wise - install Recovery Manager before installing Windows XP Service Pack 2. Highly recommended.




© Copyright 2000-2007 All rights reserved. legal notice
home | previous reviews | forums | about us | search | store | subscribe


Forums Search Home Previous Reviews About Us Store Subscribe