How-To Geek

What Are “Shadow Copies”, and How Can I Use Them to Copy Locked Files?


When trying to create simple file copy backups in Windows, a common problem is locked files which can trip up the operation. Whether the file is currently opened by the user or locked by the OS itself, certain files have to be completely unused in order to be copied. Thankfully, there is a simple solution: Shadow Copies.

Using our simple tool, you can easily access shadow copies which allows access to point-in-time copies of the currently locked files as created by Windows Restore.

Image credit: Best Backup Services

What Are Shadow Copies?

Shadow copies are a concept which was first introduced in Windows Server 2003. It works by Windows periodically crawling the system and looking for file changes made since the last crawl and recording the changes. These changes are indexed and stacked on top of each other which creates a history of the file/folder. This process was then added to the Windows Vista OS under the System Restore function which is where it remains today. The technology is the foundation of the Windows previous versions functionality.

This is done in the background as a system level process (a Restore Point creation) which isn’t subject to the same limitations as user initiated file operations. As a result, the system is able to capture changes to files which are locked to the user.

So in order to access a locked file, we simply need to access the latest shadow copy. This is the same premise used by Windows Backup and other commercial backup products which are able to access, for example, Outlook PST files while Outlook remains open.

It is important to note, however, that since shadow copies are taken when a system restore point is created, the contents between the live file and shadow copy version can be different. By default, Windows creates a restore point every day so for most situations this should be a reasonable candidate for backup.

Accessing Shadow Copies

From this point, the article assumes you are using our tool provided via the link at the bottom of the article. The batch script should be placed in a folder set in your Windows PATH variable. If you are unsure, just place it in your C:\Windows directory and that should be good enough.

In order to access the files saved within shadow copies, we utilize the VSSAdmin command line tool which is included with Windows. This tool must be run as the administrator in order to function properly so when you open a command prompt, be sure to right-click and select the option to ‘Run as Administrator’.


Once open, our tool does the heavy lifting for you. To view the syntax and header information for the tool, just enter:

MountLatestShadowCopy /?


As an example, the command:

MountLatestShadowCopy C:\LatestShadow\ C:

will perform the following actions:

  1. Locate the latest shadow copy for drive C.
  2. Create a symbolic link/pseudo-directory “C:\LatestShadow”
  3. Make the entire contents of the shadow copy available at this directory.

Once complete, you are free browse the contents either through the command prompt:


or through Windows Explorer, just like any other folder.


When you are finished, you can simply delete the pseudo-directory through the command prompt using:

RMDIR C:\LatestShadow

or directly through Windows Explorer. The delete action simply unmounts the folder and does not actually delete the shadow copy.


Using in Scripts / Automated Tasks

The information above is all fine and dandy, but through manual operation it is more relevantly accessible via Windows previous versions. The leverage our tool provides is during automated processes.

For example, the script below will mount the latest shadow copy to the local directory “C:\MyShadow” and then copy the “outlook.pst” located in user JDoe’s documents folder to a backup server. Once finished, the local directory which held the shadow copy location is removed to clean itself up.

CALL MountLatestShadowCopy C:\MyShadow\

XCOPY “C:\MyShadow\Users\JDoe\Documents\Outlook\outlook.pst” “\\BackupServer\MyFiles\”

RMDIR C:\MyShadow

If you tried to copy the live version of the same file and the user had it open at the time, your file copy operation would fail. However, since we accessed the file via a shadow copy, there are no locks and the copy procedure virtually always succeeds. As stated previously, this procedure is pretty much exactly how popular backup products are able to do the same thing.

An important piece of information noted above is that in order to run the above script, or any script which uses the MountLatestShadowCopy.bat tool (which, again makes use of the VSSAdmin tool), the command prompt must be run as the administrator account. In order to use this tool inside of a scheduled task, the respective task must be set to ‘Run with highest privileges’ so that the automated process will have the ability to mount shadow copies using the VSSAdmin tool.


In a nutshell, performing file copy backups is almost always the safest when copying from shadow copies. While you will not always get the most up to date version of a file, the fact that you know the file will not be locked and the copy procedure will run can be quite advantageous under most circumstances.

Download MountLatestShadowCopy tool from

Jason Faulkner is a developer and IT professional who never has a hot cup of coffee far away. Interact with him on Google+

  • Published 11/26/12

Comments (10)

  1. k4rizmz

    You can also use

    vssadmin command to see more shadow copy commands.

    MountLatestShadowCopy did not work on my Win7 Pro.

  2. Jason Faulkner

    @k4rizmz – I developed it in Win 7 Pro and, for good measure, just downloaded the linked tool and tested it with no problem.

    Are you sure you launched the command prompt using “Run as Administrator” as noted in the article instructions?
    The tool is mere a simplified interface to VSSAdmin which requires elevated access to run.

  3. mike

    What are shadow copies and why should I care? How about that for a title instead of yadah…………………………………………………………………………….and yadah…………………….etc.

  4. Erik

    THANK YOU so much for this. Every research avenue I’ve taken in regards to VSS has lead to a dead-end. The usual conclusion was that Microsoft left it as an undocumented feature, and you could only access it through some special API devkit. Now to create my own backup app and kick my other one to the curb…

  5. LR

    is there anyway to do that in windows XP?

  6. Jason Faulkner

    @LR – XP doesn’t support shadow copies so this functionality will not work.

  7. LR

    Ok ,thank jason. I don’t use XP anymore,but i had the doubt

  8. ReadandShare

    @ Jason (or anyone else who knows):

    Is there a way to enable MS SyncToy to shadow copy? Right now, before using SyncToy to copy my data files to the external drive, I have to close all related apps first.

  9. Jason Faulkner

    @ReadandShare – I’m not exactly sure how Sync Toy works, but essentially in order to use the shadow copies you would have to mount it before syncing and then use your mount folder as the sync source (note that shadow copy mounted folders are read-only).

    It would work something like this:

    1. MountLatestShadowCopy “%UserProfile%\Desktop\LatestShadow\”
    2. Run Sync Toy using “%UserProfile%\Desktop\LatestShadow\” as the source.
    3. Delete the LatestShadow folder on the desktop when done.

  10. ReadandShare

    Thanks, Jason. I’ll look into this.

More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!