What is The Registry?

keyboard with toolsThe registry is a huge database on Windows computers that stores information essential for running Windows and the individual programs that are installed. It also stores information such as the lists of “most recently used” documents that are often available in programs such as word processors and spreadsheets. This database is automatically updated by Windows and the programs using it. The registry is absolutely essential for the running of a Windows computer and the integrity of its structure is also absolutely essential. Never mess with the registry unless you know what you are doing and what the consequences might be.

Why clean it?

Cleaning the registry used to be just a part of “housekeeping” to keep a Windows computer running smoothly and as fast as possible. Nowadays, though, users often encounter registry cleaners when surfing the web to find solutions to problems involving malware and viruses. In this context, the registry is a place that can harbour nasty things, so cleaning it is intended as a way of removing these.

What are Registry Cleaners?

Genuine registry cleaners are programs that scour the registry looking for, and fixing, problems with individual items such as orphans items (settings that refer to programs that are no longer installed) and redundant items (such as those referring to previous versions of installed programs). They now also claim to search the registry looking for (and removing) entries that enable malware to run. These are all tasks that are very difficult, if not impossible, to carry out manually on account of the sheer size of the registry and the difficulty for humans in deciphering just what the individuals entries are.

Why not use Registry Cleaners?

Even if they do any good at all, the benefit is an insignificant drop in the ocean. I have been unable to find any evidence whatever that there is any measurable improvement to a system that has had its registry cleaned. Also, as the hardware resources have improved (size and speed of memory, hard drive space, processing speed and power), the effects of having a marginally sub-optimal registry database have probably become less significant. Indeed, Microsoft don’t even provide any method of cleaning the registry. They used to have a product called Windows Live OneCare that included a registry cleaner but support for that ceased in April 2011 and I don’t know of any successor.

Even if the registry cleaner is “well meaning” and is trying to do nothing but good to your system it may break it. And when I say “break it” I mean “really break it” – from rendering individual programs unusable to rendering the entire system unbootable. Short of a hard drive failure, this is just about as serious as it gets. Even if the risk of breaking the registry is low, the consequences of breaking it are very high so the potential marginal benefits are just not worth seeking out.

Moreover, a lot of so-called registry cleaners are not only ineffective and/or incompetent, they are also intent on doing harm. This usually takes the form of trying to convince you that your registry is full of problems and that you must pay for the program to clean the system up. This “persuasion” (by what is usually called a “scareware” program) can even extend to hijacking your system and holding you to ransom. In this case, the “registry cleaner” is out-and-out malware. The program takes control of your computer and holds it to ransom – you must buy the program to get control back. It gets much worse than that, of course, as buying their program does not guarantee that that will be the end of the issue and you have now given your credit card details to extortionists. Not wise.

What are the alternatives?

As far as optimising the registry is concerned, forget it. Life’s too short. It’s not worth worrying about and not worth taking the risk of breaking it.

As far as malware removal is concerned, use a free reputable malware removal tool such as MalwareBytes and/or SpyBot.

You are browsing the web when a popup message box suddenly appears suggesting that you have been infected with something, or are at risk of something, or you are being offerred something unexpectedly (and suspiciously).

You don’t know whether it’s genuine or not and you may or may not be familiar with the website that you are visiting.

The options it seems to offer may be clear or ambiguous, attractive or unappealing, well-written or illiterate. Actually, none of that matters very much. What matters is whether you think that the message is genuine or is something you would prefer hadn’t popped up and which you’d like to get away from as quickly as possible. If you think that the message is benign and you are prepared to go along with what it suggests then the rest of this article does not apply.

If you are still reading, then you are concerned about the situation and you do not trust the message.

What do you do?

My advice is straightforward:

DO NOT

  • Click on the option that seems to offer a solution to a problem you didn’t have 30 seconds ago (and which you probably don’t have now)
  • Spend five minutes agonising over the potential consequences of the different options.
  • Try to work out the motivation of the perpetrators
  • Click on the “X” at the top righthand corner of the box to close it. Note: I just said DO NOT click on the “X” ……….

DO

  • Get out of the situation ASAP

    Clicking on any button in the box – even the “close” button – can have any consequence that the perpetrator has designed. All (s)he is interested in is getting you to click on something so that the master plan is triggered into action. I repeat, do not click on ANYTHING in the box – even the close button.

    Instead, close the browser (Internet Explorer, Firefox etc) immediately using the Task Manager. This is achieved as follows:

    Task Manager window with browsers loaded

    1) Right-click on the clock at the bottom right-handcorner of the screen.
    2) Left-click on the “Task Manager” option.
    3) Left-click on the “Applications” tab.
    4) Look for the line(s) in the list that relate to your internet browser. In the example here I have four different browsers running – Chrome, Opera, Firefox, and Internet Explorer. Note that the description against each browser icon is the title of the web page that is being displayed in that browser window at the moment (eg I am looking at the BBC website in my Chrome browser). In this example, I have no programs loaded other than the four browsers. You would normally see the entry for your browser amongst entries for other open programs (eg Word, Excel).
    5) Click on the line for the browser in which the popup has just occurred.
    6) Click the “End Task” button.
    7) If you happen to have that browser open in several windows, such that there are several lines for it in the Task Manager, then I would recommend closing all of them.
    8) Close the Windows Task Manager by clicking on the “X” (top right-hand corner).

  • Run the “on demand” scanner of your antivirus program to check whether you machine has been infected

    As far as I know, all antivirus programs have the ability to run a complete scan of your computer “on demand”. If you can find that option and run it then it will provide some peace of mind. If you can’t find this option then your antivirus program is probably set to run a complete scan automatically once a day anyway so you will probably know in 24 hours if you did, in fact, “catch” something.
  • Consider downloading and running an antimalware program

    Be very very careful if downloading any other antimalware program as some of the offerings are exactly the opposite – malware disguised as antimalware.

If you need more help, remember that my remote control support service is available – see http://www.davidleonard.net/remote-support/

© 2011-2017 David Leonard
Computer Support in London
Privacy Policy Suffusion theme by Sayontan Sinha