Registry Cleaners...

[S.]

Are they any good?
What are the impacts of having incorrect entries in the registry? Do they
make windows slower?

I ran Registry Mechanic on my Windows 2000 machine and it finds "136
problems"!
Are they really problems?

Thanks,
S.

 

[Jim Byrd]

Hi S. - In my experience all of these Reg cleaners, even the best, are
fraught with danger. I advise against using them except in one specific
instance, that is when you have one that is capable of doing specific Reg
searches, and you NEED (not just WANT) to remove the remaining traces of
something that didn't get uninstalled correctly. (and you didn't have
foresight enough to install it using Total Uninstall,
http://www.martau.com/tu.html or free direct dwnld here:
http://digilander.libero.it/molearchive3/tun235.zip or here:
http://freeware4u.com/modules/mydownloads/singlefile.php?lid=234, in the
first place.) (As an aside, there are, however, some third party Registry
Editors which can be of great help with both the incorrect uninstall and
with certain malware problems, especially some of theCoolWebSearch types
such as the AppInit_DLLs variant of the about:blank version of CWS, for
example. I can recommend Registrar Lite, here:
http://www.resplendence.com/reglite .)

There are a couple of specific bugs that can cause abnormal growth in either
the System or Software hives; however, they are rare, and unless these hives
in %SystemRoot%\System32\config are very, very large (in the hundreds of
megabytes), then I would council you to leave your Registry alone except for
the special circumstances I mentioned above.

I and most other MVP's that I know believe that Registry modifications of
any type are probably best done manually, very carefully, with a thorough
knowledge of what's installed on your machine, and what you're doing, and
then only when necessary. There's very little (if any!) noticeable benefit
in either space saving or speed achievable by cleaning out the Registry
except in those few cases where there's a specific problem the client is
experiencing (usually uninstall or malware related in my experience) that
needs to be fixed.

Lastly, if you must screw around with your Registry, then at least get
Erunt/Erdnt, and run it before you do the Reg clean. You'll then have a
true restore available to you. Read below to see why you might not just
using the Reg cleaner's restore:

Get Erunt here for all NT-based computers including XP:
http://home.t-online.de/home/lars.hederer/erunt/index.htm I've set it up to
take a scheduled backup each night at 12:01AM on a weekly round-robin basis,
and a Monthly on the 1st of each month. See here for how to set that up:
http://home.t-online.de/home/lars.hederer/erunt/erunt.txt, and for some
useful information about this subject.

This program is one of the best things around - saved my butt on many
occasions, and will also run very nicely from a DOS prompt (in case you've
done something that won't let you boot any more and need to revert to a
previous Registry) IF you're FAT32 OR have a DOS startup disk with NTFS
write drivers in an NTFS system. (There is also a way using the Recovery
Console to get back to being "bootable" even without separate DOS write NTFS
drivers, after which you can do a "normal" Erdnt restore.) (BTW, it also
includes a Registry defragger program). Free, and very, very highly
recommended.

FYI, quoting from the above document:

"Note: The "Export registry" function in Regedit is USELESS (!) to make a
complete backup of the registry. Neither does it export the whole registry
(for example, no information from the "SECURITY" hive is saved), nor can the
exported file be used later to replace the current registry with the old
one. Instead, if you re-import the file, it is merged with the current
registry, leaving you with an absolute mess of old and new registry keys.

 

[S.]

Thanks for the info Jim,

I ran Regestry Mechanic (demo version) just because I was curious. I don't
trust registry cleaners. Never the less it found 136 errors. Entries I would
have never known they were there; Invalid values, wrong path, invalid help
items, invalid file extention, etc.

My computer runs just fine and I have no problems with it but I must ask
again; what are the impacts of having incorrect entries in the registry?
Do/can they make windows slower over time?

Thanks,

S.

 

[Jim Byrd]

Hi S. - Well, if your "computer runs just fine" and you "have no problems
with it", then I suggest that in your specific case there are no "impacts of
having incorrect entries in the registry" (to the extend that you actually
do have some!).

If you experience problems with some specific program that you _know_ are
caused by some "incorrect" Registry entry associated with it, then a likely
better way of correcting them would be to first backup any data and then try
a re-install of the program in question if possible, preferably from a
"Clean Boot" (see below) so as to avoid the interference that probably
created the Registry error(s) in the first place. (Non-commercial Norton
c**p is noted for this, for example, although it's by no means the only
thing that will do so.) As a general rule I recommend doing any
major/important install using a Clean Boot, since it eliminates most
interference while retaining necessary system services such as the Windows
Installer.

Failing that for some reason, if you _know_ you have a Registry error that's
causing a specific problem (most of those reported by most Reg Cleaners are
usually innocuous, BTW), then use Erunt as I previously recommended so that
you can recover if something goes wrong (and get some help from someone
really knowledgable if you're not totally comfortable with dealing with the
Registry) and start manually debug the issue. (In my experience you won't
find that running a Reg Cleaner as an alternative to this helps at all with
your problem.)


FWIW, the second question I ask clients is whether they've used a Registry
Cleaner of any sort recently. (The first is if they have any
Norton/Symantec software installed.)



From my Blog, Defending Your Machine, addy in my Signature below:


#########IMPORTANT#########

Show hidden files and run all of the following removal tools from Safe mode
or a "Clean Boot" when possible, logged on as an Administrator. BEFORE
running these tools, be sure to clear all Temp files and your Temporary Inte
rnet Files (TIF) (including offline content.) Reboot and test if the malware
is fixed after using each tool.

HOW TO Enable Hidden Files
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2002092715262339

Clean Boot - General Win2k/XP procedure, but see below for links for other
OS's (This for Win2k w/msconfig - you can obtain msconfig for Win2k here:
http://www.3feetunder.com/files/win2K_msconfig_setup.exe ):

1. StartRun enter msconfig.

2. On the General tab, click Selective Startup, and then clear the 'Process
System.ini File', 'Process Win.ini File', and 'Load Startup Items' check
boxes. Leave the 'boot.ini' boxes however they are currently set.

3. In the Services tab, check the "Hide All Microsoft Services" checkbox,
and then click the "Disable All" button. If you use a third party firewall
then re-check (enable) it. For example, if you use Zone Alarm, re-check the
True Vector Internet Monitor service (and you may also want to re-check
(enable) the zlclient on the Startup tab.) Equivalent services exist for
other third party firewalls. An alternative to this for XP users is to
enable at this time the XP native firewall (Internet Connection Firewall -
ICF). Be sure to turn it back off when you re-enable your non-MS services
and Startup tab programs and restore your normal msconfig configuration
after cleaning your machine.

4. Click OK and then reboot.

For additional information about how to clean boot your operating system,
click the following article links to view the articles in the Microsoft
Knowledge Base:

310353 How to Perform a Clean Boot in Windows XP
http://support.microsoft.com/kb/310353
281770 How to Perform Clean-Boot Troubleshooting for Windows 2000
http://support.microsoft.com/kb/281770/EN-US/
267288 How to Perform a Clean Boot in Windows Millennium Edition
http://support.microsoft.com/kb/267288/EN-US/
192926 How to Perform Clean-Boot Troubleshooting for Windows 98
http://support.microsoft.com/kb/192926/EN-US/
243039 How to Perform a Clean Boot in Windows 95
http://support.microsoft.com/kb/243039/EN-US/
#########IMPORTANT#########

 

[S.]

Thanks Jim,



To tell you the truth I've been doing computer support for the last 12 years or so, starting with OS/2, Windows 3.1 and MAC... and I am very comfortable with the registry. This all started after receiving complaints from many of my clients that their machines are slow. One of them ran Registry Mechanic on his machine and used the results to justify the slowness and maybe try to get a faster machine. I think I'm going to remove his admin rights!



This got me thinking that he may have been on to something but I can't prove it. I work for an IT company that supports a bigger company with about 45K users and everything is used in terms of computer and OS. That particular group went from NT4 on IBM A40's (1Ghz) with 256mg of RAM to win2K and they all complain that their machines is about 30% slower than before. We install, of course, a corporate image and we are not allowed to modify it in any way or to run such tools (registry mechanic) by the corporate security group. So we looked at the apps they run, what starts on boot, etc, the hole troubleshooting thing but can't find what may cause the machines to run slowly. Everything is clean! I'm beginning to think that it's win2K, plain and simple, that run at that speed on that particular hardware setup.



Any ways, we are going to upgrade one machine to 512mg of RAM and have the network tested for potential performance problems. It's another company that supports the network itself and we have no access to it.


Thanks again!

S.

 

[Dan Seur]

S - have you checked all the basic stuff? You probably have, but it's
worth asking. I've not heard of registry garbage having a noticeable effect:
- if corp W2k image created via NT4 upgrade (not clean install),
probably a bad idea.
- standard pagefile size/placement OK?
- firewall settings, other security function settings crippling traffic?
- process priorities?
You might try on a spare machine a fresh W2k install, do the necessaries
to compare apples-apples with standard image machine, observe any
noticeable differences...?

 

[S.]

Hi Dan,

The process of changing an NT4 image to win2K or XP, here any ways, wipe
everything and installs fresh.

Everything is clean on our images. We know since its installed on thousands
of machines without complaints. This particular group however went from an
NT4 platform to 2K. They were used to work in that environment for years
until the change to win2k. Everybody noticed a change in performance.

What's puzzeling is that they all have the same basic image but don't use
the same apps. The majority of them uses a home application, wich we
suspected was the culprit, but the other half or so don't. So what next? We
looked at everything on their machines from the firewall to anti virus to
remote control tools to network printers to video drivers, etc, etc, etc and
find nothing relevent to the slow performance. The only thing left would be
the network itself... even though they had no problems under NT4. Could it
be the card drivers? they were updated and even downgraded without any
change in performance. If you think about something that could be done we
probably did it!

They are in a location fairly far from downtown and it could be the network
itself that's in fault. We'll see. There are unfortunatly no funding for a
test machine so it's not an option.

Thanks!

S.

 

[Jim Byrd]

Hi S. - I would certainly be suspicious of only 256MB in any Win2k system. That could definitely be marginal in a Win2k system if even a moderate amount of multi-tasking/networking is going on.

Also as an experiment, I'd try a Clean Boot w/firewall (unless you're using a corporate firewall) and then activating apps one at a time as they are needed to see if the slowdown is specifically app-related in the Win2k enviro and occurs with some specific activation.

Then - I assume you've already checked, but "malware" is always a first suspect in any slowdown situation and even if you think they started out clean could even conceivably have been incorporated into the "install image". I would run a one-time extensive set of tests - see my Blog and run ALL of the programs there - and also run Root Kit Revealer, here: http://www.sysinternals.com/Utilities/RootkitRevealer.html (Be cautious with the results.)

Lastly, Win2k is somewhat sensitive to the TCP/IP parameters used, and you might want to check these if the performance degradation appears to be network related. This site provides a good speed test: http://www.speakeasy.net/speedtest/ (Note the speed dependence on the geo distance of the servers, BTW.) Look for any substantial difference between your nominals for your network and what you're actually getting from a _local_ server, testing repeatedly at different times of day. You'll very probably get some improvement if you install and use the Win2k parameter set (from the Add-on package) here: http://www.cablenut.com/ for the nominal up/down speeds of your network vice the defaults. (Be sure to also get the Add-on package at the bottom. In my experience, you can often go to even larger Default Receive Window sizes for even more improvement depending on the quality of your connection to your Default Gateway if you want to experiment with this.)

Probably more than you wanted to know, but see if any of this helps.

--
Regards, Jim Byrd, MS-MVP
My Blog, Defending Your Machine, here: http://defendingyourmachine.blogspot.com/
Thanks Jim,



To tell you the truth I've been doing computer support for the last 12 years or so, starting with OS/2, Windows 3.1 and MAC... and I am very comfortable with the registry. This all started after receiving complaints from many of my clients that their machines are slow. One of them ran Registry Mechanic on his machine and used the results to justify the slowness and maybe try to get a faster machine. I think I'm going to remove his admin rights!



This got me thinking that he may have been on to something but I can't prove it. I work for an IT company that supports a bigger company with about 45K users and everything is used in terms of computer and OS. That particular group went from NT4 on IBM A40's (1Ghz) with 256mg of RAM to win2K and they all complain that their machines is about 30% slower than before. We install, of course, a corporate image and we are not allowed to modify it in any way or to run such tools (registry mechanic) by the corporate security group. So we looked at the apps they run, what starts on boot, etc, the hole troubleshooting thing but can't find what may cause the machines to run slowly. Everything is clean! I'm beginning to think that it's win2K, plain and simple, that run at that speed on that particular hardware setup.



Any ways, we are going to upgrade one machine to 512mg of RAM and have the network tested for potential performance problems. It's another company that supports the network itself and we have no access to it.


Thanks again!

S.