regedit question - unable to load hive error

Yes, it initially did return the STOP code 0x00000051 error. I did run chkdsk before overwriting her registry files, and some bad sectors were found/fixed. Her computer is a 3 year old Dell, so I wouldn't be surprised if any of the hardware was about to give out, i.e. hd.

I've been cross-checking the install version of the hive against her corrupt hive, and so far the pattern seems similar. There are numerous entries, but generally all related to programs she's installed. At this point, I've been manually copying keys/subkeys from the corrupt hive over to the install version to see if that will enable her programs to work.

This is sort of a new question, but on the same issue/computer. I only copied over the software hive from the windows/repair folder, I left everything else alone. However, when the computer booted up, it created new users/administrators, and isn't referencing the old ones. I.e. under Documents and Settings, there are now 4 users (not counting LocalSettings, etc.) Administrator, Lexy, Administrator.LexyS, Lexy.LexyS (Lexy is the user name, LexyS is who the computer is registered to). The original Administrator and Lexy folders can be accessed, there are no restrictions, but the computer is running from the new ones. Any ideas why?

I'll list the details if you're interested, but o/w you can skip the next paragraph.

Any chance you can provide a .PML containing the events associated with regedit.exe when trying to load the corrupted hive?  Prior to capturing, it would be good to configure symbols...

uploads/29478/corruptsofthive.zip

Sorry for the double post.

About 7/10 of the way down, there's an <Unknown> Operation, and reading across, it says INVALID PARAMETER in the Result column. About 3 entries before, you will notice two ReadFile requests, both successful, but with different Offsets (0 vs 4096).

Loading the regular software hive, you can compare and see the difference in processes. At 2:49:28.2524573 pm, you will see the same ReadFile process, with Offset 0, but it moves on to the next Operation, CreateFileMapping. I will upload the zip for that as well.
uploads/29478/regularsofthive.zip

As I mentioned before, I'm not familiar with the program so I can only guess at the meanings of each Operation. I'm not quite sure what Offset means, but I can always google it.

Thanks you guys.

I think the registry events are included, as well as filesystem events. In fact, all events should be included, I just filtered by including only events related to the software file. Specifically, I put a filter saying Path contains fatcat\Desktop\software, then Include.

I ran it again and saved another log file, but this time filtered only by time. I also did not save any profiling events, which helped keep me under the 500 kb limit.

uploads/29478/corruptswlog2.zip

So... no luck, then? I'm stuck?