Is it possible to restore a previous Windows registry state without Scanreg.exe?



I messed up the Windows registry. I should be able to restore it to a previous state because Windows keeps a backup in C:\Windows\System32\Config I think. There used to be a tool called Windows Registry Checker Tool (scanreg.exe) that would allow you to not only restore to a previous Windows registry state but also to take backup of the current one, by using one of the two commands below.

scanreg /restore

scanreg /backup

But I am using Windows Vista, and apparently they have removed this from Vista and newer versions of Windows. So how do I do something like this in Windows Vista? Is there an alternative to scanreg.exe? Is there another way to backup and restore Windows registry?


Posted 2013-06-16T21:11:26.693

Reputation: 17 919

Please correct me if I'm wrong but it seems that backups of the registry were stored in C:\Windows\System32\Config in old Windows 9x versions. As of Windows XP/Vista it should be stored in C:\System Volume Information as part of the System Restore. – Samir – 2013-06-19T15:38:26.263

Does windows boot at all? – cybernard – 2013-06-19T17:09:13.970

@cybernard Yes, it boots now and it booted then. It belongs to the past now. It was just that some of the services were messed up, mainly the Windows Audio and the Audio Endpoint Builder which refused to start and I could not use sfc /scannow due to a repair pending error. But I have sorted it out by performing a repair install. It took 5 hours to complete but it works now.

– Samir – 2013-06-19T17:15:18.700



There is a way to restore the registry if System Restore is enabled.

If you can boot into Windows you can use System Restore to restore the registry by restoring the system to a restore point before the incident.

If you cannot boot into Windows, you can try booting into Windows safe mode. You can use System Restore from safe mode as well.

If you cannot boot into Windows normal mode nor into safe mode, you can try performing a startup repair, and at the same time restore the system to a restore point before the incident by using WinPE/WinRE.

  1. Boot from the Windows installation media (DVD).
  2. Select Language to install, Time and currency format, and Keyboard or input method.
  3. Click Next.
  4. Click Repair your computer.
  5. If the System Recovery Options dialog shows up, allow it to scan for Windows installations and follow the instructions shown on screen. It should give you the option to restore the system from a restore point.
  6. If you are not prompted to restore from a restore point, or if no startup errors are found you should see the main System Recovery Options screen.
  7. Click on System Restore and follow the instructions to restore from a restore point before the incident.

If you want to restore only the Windows registry you will have to do it manually. System Restore stores its Restore Points (RP) in a folder called _Restore{#} where # represents a Hex number. It is located in C:\System Volume Information. You will have to take ownership of this folder and all of its subfolders. Each restore point has its own folder of the format RP### where the ### stands for a 3-digit number.

After taking ownership of the C:\System Volume Information folder and its subfolders, locate the RP folder that goes back to a date before the incident.

For example, to restore Windows registry from restore point 100, issue following commands in a command prompt.

cd c:\system volume information\_restore{#}\rp100\snapshot
copy _REGISTRY_MACHINE_COMPONENTS c:\windows\system32\config\COMPONENTS
copy _REGISTRY_MACHINE_SECURITY c:\windows\system32\config\SECURITY
copy _REGISTRY_MACHINE_SYSTEM c:\windows\system32\config\SYSTEM
copy _REGISTRY_MACHINE_SOFTWARE c:\windows\system32\config\SOFTWARE

You don't have to copy them all unless you need to or you want to.

Reboot and the registry should be restored.


Posted 2013-06-16T21:11:26.693

Reputation: 11 200

I can see how this could be helpful. It doesn't quite answer the question but this is very good stuff. Thanks for sharing! – Samir – 2013-06-18T10:10:06.137

1@Sammy "restore to a previous Windows registry state" Since scanreg is gone this is the next best alternative. Create a new restore point and a new registry backup is taken. You can access the hidden folders above to get at all the backup registries. – cybernard – 2013-06-19T14:48:59.217

Unfortunately System Restore was disabled before the incident. So I didn't have the option to restore the registry that way. Or to try to restore to the previous restore point. But I didn't see the path C\Windows\System32\Config when I booted from Windows DVD and opened Command Prompt and tried to cd to this location. Is this normal? – Samir – 2013-06-19T15:19:34.237

The LiveCD is mount to X: c:\windows\system32\config is the real registry – cybernard – 2013-06-19T17:04:18.343

So the installed Windows system is offline when I'm in Command Prompt in WinRE? But when I do c: and then cd windows\system32\config it says not found. Is it because it is hidden?... Should I use attrib -s -h to show it? – Samir – 2013-06-19T17:21:26.663

try cd \windows\system32\config The / you missed actually makes a big difference. It only looks in the current directory. So if you were in c:\users and did "cd windows\system32\config" it would never work. – cybernard – 2013-06-19T17:26:37.077

At first I was at x:\ and then I typed in c: and hit Enter. It brought me to c:\ so I only switched the drive letter and it gave me the root of c. That's why I assumed that cd windows\system32\config should work as good as cd \windows\system32\config. I will check it now. But you are saying that I should be able to see c:\windows\system32\config from within Command Prompt when I boot from Windows DVD? – Samir – 2013-06-19T18:00:48.080

yes you should be able to see that folder. – cybernard – 2013-06-20T00:18:27.827

I have tried this now and it's true that C:\Windows\System32\Config and C:\System Volume Information can be accessed from the Command Prompt of Windows RE (Windows DVD). System Volume Information doesn't list any folders or files, but I can cd to it. It probably has to do with security, so I would probably need to take ownership of it and take full permissions over it. I don't plan on doing that unless I need to. I don't need it now. Thanks for the help! – Samir – 2013-06-22T12:16:26.590


There is no such thing. If you messed up the registry, do the repair installation (look at your other question about installing Vista over Vista).

  1. Boot into Windows
  2. insert the Windows DVD
  3. run setup.exe from DVD
  4. in setup select "Upgrade".


Posted 2013-06-16T21:11:26.693

Reputation: 86 560

Quite right! Thank you! As you have noticed, I have posted several questions lately regarding different Windows system tools, as part of my efforts to resolve the issue with the audio service. I didn't want to make one gigantic post/question. I think splitting it up like this makes it easier for others who have the same issue to find the questions and answers. The chances are also greater that someone will answer if the question is short and concise. I kept posting questions as I encountered new errors while troubleshooting. But you are right, doing a repair installation solved the issue. – Samir – 2013-06-18T10:18:32.590

ok, great to hear this :) – magicandre1981 – 2013-06-18T19:02:05.993