Registry Replace

11330 pts.
Microsoft Windows XP
Recently, on my laptop, I got a few viruses. Some of the registry keys have been notoriously difficult to remove. These are strains that AVG anti-virus, Spybot Search and Destroy, McAffee, and Trend Micro weren't even able to get rid of...and I had to do manually. With that in mind, I'm sure there is still something in my registry somewhere. To get to the point, I backed up my registry a short while before the incident. The abilities of regedit are very limited. I want to REPLACE my registry with the previous file. Not import, REPLACE! I just want to stress that.

Answer Wiki

Thanks. We'll let you know when a new response is added.


If you only have a .reg backup, good luck.

If a value does not exist in the .reg file but does exist in the modified registry Then the value will not be removed or changed in the registry.

If a value exists in the .reg file and also exists in the modified registry then the value will be changed in the registry.
If a value exists in the .reg file but not in the modified registry Then the value will be added to the registry.
If a value does not exist in the .reg file and does not exist in the modified registry Then there is no action to be taken in the registry.

You cannot replace a registry with a .reg backup, only merge.

If you have a hive backup, this will work fine….

Open Registry Editor
Navigate to the location in the Key Pane (left pane) where the hive file backup is to be imported. This is an absolutely critical step. Do not ignore it or the hive file backup will be imported to the wrong location.
Click File > Import…
Make sure [Files of Type] is set to Registry Hive Files [*.*]
Navigate to the location where the hive file backup is saved, click the file, then click Open.

Verify the information in Confirm Restore Key dialog is correct and click Yes. If it’s incorrect, click No.
A Yes response will generate a confirmation dialog stating the information in the file has been successfully entered into the registry. Clicking No will end the process with no information being entered in the registry.

Hope you solev your problem

I use an automatic tool known as Wise Registry Cleaner for this purpose which when run automatically fixes unwanted/undesirable/wrong registry entries and prior to taking any action it takes a backup and confirms for the action to be taken. so it is quite safe to use.
Just write a batch file or a reg script to replace them all or do so in a live os, better yet just reformat and start over new? All you need to do is remove the registry entries with something like GMER kill the processes, and so on to get rid of the rootkit if there even is one… Even then, just because I’m a paranoid security freak, I would reflash my BIOs, overwrite my MBR then reformat.

Discuss This Question: 10  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Schmidtw
    I am perfectly familiar with the functions of reg edit and I appreciate your response, but it doesn't really answer my question. I am looking at replacing the registry. There could have been 1000 new keys added to the registry without me knowing about them. I got rid of the ones that are running programs in the background because those are (to be honest) easy to find since malware authors these days aren't very coy about it (FakeAntivirus.exe for example). I am concerned about the other keys that I don't want propagating other problems or regenerating commands. I need to know if there is a different tool I can use to completely replace the registry without reimaging.
    11,330 pointsBadges:
  • 40
    hi i thing ur regedit file corrupted and find the file by useing dos to configer ur file from ur os cd
    10 pointsBadges:
  • Dwiebesick
    The answer is no, you cannot replace the registery on a live computer, it is built during each boot from several sources. If you have scanned your system for malware with all know good programs, like on-line scans from,,, then I would not worry about trying to clean up your registery. If you are that concerned, for some reason, then try, JV16 Power Tools
    2,235 pointsBadges:
  • Schmidtw
    After this whole episode, I am still finding IE7 not opening a lot of graphics and other media. I think it might be because I set internet security to the max, but I'm not sure.
    11,330 pointsBadges:
  • Bobkberg
    Couple of things to try... . - Add one of the sites you're having trouble with to the trusted site list on the Tools/Options/Security tab and see if that has any effect. . - Look into "Registry Tool" which will allow you to edit another system's registry off-line. I forget how much I paid for it, but it's quite useful once in a while. . Bob
    1,070 pointsBadges:
  • Schmidtw
    With Registry Tool I should be able to modify the registry of my laptop from my desktop PC and correct any issues. I have used CCleaner's registry feature, but I am not sure how good it is at removing malkeys (malware-keys) (I just invented a word, I think). I will try Wise Registry Cleaner and Registry Tool depending on price. I have still having problems with spools.exe and ctfmon.exe. Both are hidden in some fashion where if I browse to the directory they are located in (verified by Spybot Search and Destroy as well as Kaspersky 7.0) they do not appear. I have used CMD to delete the files (del C:\Documents and Settings\Schmidtw\ctfmon.exe) and this works...for a while. I am also getting a bunch of randomly generated registry keys originating from C:\WINDOWS\System32\ and I am getting quite frustrated with those.
    11,330 pointsBadges:
  • Technochic
    malkeys, schmitdw, I love that! I've just added a new word to my tech vocab! thanks! :-)
    57,010 pointsBadges:
  • Chippy088
    Ah, back to people trying to get us to try a totally unsuitable products, because they are impressed with them. @jolin TuneUP is not worth bothering with to a serious user. We are professionals and tuning up PCs is our bread and butter. This functions of this program can be replaced by regular maintenance, by IT departments. @197173 the question was how to REPLACE the registry, not attempt to repair it. The program is virus/mlware related, but does not even attempt what was asked in the question. Please learn more about what the programs actually do, before you are suggesting them, and take the time to read all the answers already given.
    4,625 pointsBadges:
  • MelanieYarbrough
    Thanks for the heads up, Chippy088. I've deleted the irrelevant answers. - Melanie
    6,345 pointsBadges:
  • bhannah
    I know and trust CCleaner to remove bad registry entries after I have made sure that the Malware / virus is gone. If I have malware / virus that I am not sure that has been removed from a system, then I usually will remove the hard drive and place it in another enclosure to remove the possibility that the malware / virus is hidden in the boot sector, and then attach the drive to known clean system as a slave to prevent it from booting and then rescan it to remove any and all boot sector malware / viruses, and to remove any possibility of reinfecting the machine with the virus / malware from the boot sector. I then run CCleaner to remove all the bad registry entries.
    4,590 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: