Removing a virus or worm usually requires editing the Windows Registry, and the first step we recommend is to back it up. In the past, we've pointed readers to the Microsoft Knowledge base article KB322756 for details on backing up the registry. However, when it comes to backing up the whole registry, the KB information gets a little complicated when it doesn't need to.
One caveat, the technique described below only works for restoring non-catastrophic registry failures. It is intended to preserve settings in a healthy registry. Any registry editing should be done only by someone who knows what they're doing. If you're not familiar with the system, you may want to use the System Restore to save a snapshot of your system. If your system becomes unbootable through a registry editing problem, you can roll back to a working state.
The Windows Registry is a database that stores most if not all configuration information for Windows. Replacing the earlier INI file architecture of Windows 3.x, the registry allows you to have all your settings centrally accessible. Unfortunately when you put all your eggs in one basket, you risk losing the whole thing if you make a mistake when working with it.
The technique of backing up the registry is essentially to use the Windows Registry Editor, Regedit, to export all information to another file. You can export either a single key or tree branch, or the whole registry.
To begin, run Regedit from the start menu by clicking Start, Run and typing in Regedit and pressing the <enter> key. In the registry editor click on the "File" menu for Windows XP, or the "Registry" menu for Windows 2000/9x. and select Export. In the Export Registry File dialog box, navigate to a folder to save your file. In our example (Figure 2), we created a sub folder in our Temp directory. You'll need to name the file, in our case, "RegBack", plus the date.
By default, the setting will be to save "Selected Branch". It is important that you change the Export Range to "All", or you will not be saving the complete file. Click on Save. The process can take anywhere from a few seconds to a minute or more, depending on the size of your registry and speed of your computer. The file is automatically given a .REG extension.
To Restore the registry backup, you reverse the procedure, clicking on Import, and following the prompts. For more information see the Microsoft Knowledge base article KB322756.