Friday, February 27, 2009

WINXP - Windows Registry

The Windows Registry, all you need to know is in the link, but in summary it is where Windows keeps information about your system and individual users.

The following is from the link article:



Advantages and disadvantages

The Windows centralized Registry has a number of advantages over legacy INI files:
  • Strongly-typed data can be stored in the Registry, as opposed to only textual information in INI files.

  • Separation of machine configuration from user configuration. When a user logs into a Windows NT/2000/XP/Server 2003 computer, the user-based registry settings are loaded from a user-specific path rather than from a read-only system location. This allows multiple users to share the same machine, and also allows programs to work for a least-privilege user.

  • Group Policy allows administrators on a Windows-based computer network to centrally manage program and policy settings. Part of this involves being able to set what an entry in the registry will be for all the computers on the network, and affect nearly any installed program — something almost impossible with per-program configuration files each with custom layouts, stored in dispersed locations.

  • Standardization of the method of storing configuration data across diverse applications.

  • The registry can be accessed over a network connection for remote management/support, including from scripts, using the standard set of APIs, as long as the Remote Registry service is running and firewall rules permit this.

  • The entire registry can be backed up more easily as it is just a small number of files in specific locations. However, it is much harder to back up and restore configuration of a specific application.

  • Since accessing the registry does not require parsing, it can be read from and written to more quickly than a text file can be. However, the registry becomes a large file to process once per boot.

  • Portions of settings like any subset of an application configuration can be saved in a text-based .REG file, which can be edited with any text editor later. .REG files can easily be merged back into the registry both by unattended batch file or by the user just double-clicking on the file without harming any setting that is not explicitly stated in the .REG file. This is very useful for administrators and support personnel who want to pre-set or pre-configure only a few options like approving the EULA of a certain application.

  • The registry is constructed as a database, and offers DB-like features such as atomic updates. If two processes attempt to update the same registry value at the same time, one process's change will precede the other's, so one will only last a short time until the second gets written. With changes in a file system, such race conditions can result in interleaved data that doesn't match either attempted update. Windows Vista provides transactional updates to the registry, so the atomicity guarantees can be extended across multiple key and/or value changes, with traditional commit-abort semantics. (Note that NTFS provides such support for the file system as well, so the same guarantees could be obtained with traditional configuration files.)

However, the centralized Registry introduces some problems as well:

  • Centralizing configurations makes it difficult to back up and recover individual applications.

  • The structure is complex and hard to manipulate in practice, particularly with the use of GUIDs to link entries together.

  • In practice manual manipulation of the registry is still required to do slightly unusual tasks, such as to move the data folders of an installed application.

  • Because the Registry structure is contained in binary files, damage to it is difficult to repair. In some cases, a damaged registry may even prevent a Windows system from booting successfully.

  • Increased memory overhead, leading to inevitable system slowdown as more software is installed on a particular system.

  • Any application that does not uninstall properly, or does not have an uninstaller, can leave entries in the registry. Over time the computer suffers "Software Rot" as the registry fills with left-over and possibly malfunctioning entries.

  • Installers and uninstallers become complex, much more than just copying files into a folder.

  • Applications that make use of the registry to store and retrieve their settings are unsuitable for use on portable devices used to carry applications from one system to another.

The last item on the above list is of special concern because of application installs that do NOT fully include changes to the Registry in the Uninstall data. Therefore when you choose to remove the software via Add/Remove Programs, or their Uninstall, Registry entries remain.

Though the article includes manual editing using the Registry Editor (RegEdit) I do not recommend its use unless you are an experienced technical user.

Having said that, a Registry that has errors can cause big problems, including system crashes. So the quandary is how do you keep the Registry error-free?

NOTE: Be aware that many Microsoft MVPs do not like Registry Cleaners. They have the opinion that they do more harm than good, or are unnecessary.

One solution is to find a good Registry Cleaning Utility. By good, I mean one that safely cleans your Registry by:

  1. Backing up changes so you can undo them
  2. Warning you of entries that are Unsafe to Delete

Here are 3 Registry Cleaning Utilities I have used:


  • TweakNow (freeware Standard & shareware Pro versions)

  • See the version comparison table on the page. Both versions include an excellent notification system; Safe to Delete, Not Fully Safe to Delete, Unknown.
    Unknown entries are further diagnosed by a Deep Scan.
    We use the Standard version at work on WinXP Pro SP3 desktop systems.

  • COMODO System Cleaner (freeware, includes Registry Clean module)

  • This is one that works with Windows 2003 Server as well as all other versions, we use it at work on our server.

  • RegCure (subscription shareware)

  • This is the one I use at home, but it lacks the user-friendly notification system of TweakNow. I recommend this only for knowledgeable users.

No comments: