Mr Tweaks - Back to homepage

Shop | How to | Reg Edit Tips | Got An Error? | Mac Tips | About Us | Products Page | Tips | Cable & ADSL | News & Events | Strange Tips | Contact Us | Links | Security | Mail | Modems


Potential Registry Problems

If the Registry is severely damaged, access to hardware and software may be drastically limited, and the system may not even boot. Even in a case of a minor problem, an application may not work as it was designed, or may perform erratically.

Although Registry problems are rare, when they occur it can be devastating to the system, to applications, or even to data. The Registry is protected while it is running, so it is not possible to copy, delete, or change the contents, except through a "certified" program (installation programs, registry editing tools, and security changes through User Manager for Domains and the Explorer). Because of this protection, the Registry is quite secure--but it is not bulletproof. Problems can and do occur, and you need to be prepared to recognize them so you can fix them.

How to Recognize When You Have a Registry Problem

Most of us have heard of or felt the following symptoms, all of them characteristic of Registry problems:

  • "It worked yesterday, but it won't work today."
  • "It worked until I added this software/hardware, and now I can't use it."
  • "My system doesn't work the way it used to."
  • "When I try to shut down the computer, it just keeps beeping and beeping."
  • "My computer won't start up."
  • "Eeeeeek! It's the dreaded Blue Screen of Death!" (See Figure 3.1.)

An example of the Blue Screen of Death in Windows NT.

NOTE: The STOP message in Windows NT (lovingly called the Blue Screen of Death) identifies the type of exception. The second line qualifies the exception, showing whether it was user mode (involving user-mode operating system software) or kernel mode (involving the operating system or third-party drivers or hardware). The third and fourth lines describe which components were actually involved and at what addresses. The error in Figure 3.1 shows that it was a SCSI driver that failed. Check for compatibility and be sure you have the correct driver. It could also be that the settings were in error, meaning either they were wrong when they were added, or the Registry got corrupted and reported them incorrectly.

Each one of the symptoms or complaints listed is serious, although the seriousness of the problems varies. In any case, Registry problems will force you to take the time for repair, wasting precious productivity for your organization.

Recognizing the actual problem may not be as easy as recognizing the symptom. When problems occur, you generally assume, rightly or not, that it was something you did. That seems to be ingrained in us from our youth. For example, if a program starts acting strangely, we try to retrace our keystrokes to determine our mistakes. This is reinforced by the first question that comes from the mouths of support staff: "What did you do?" (with emphasis placed on different words based on their disposition at the time).

It might not even have anything to do with user mistakes. Problems in the Registry occur for various reasons, and often the symptoms mask the real nature of the problem.

Registry Problems

Rather than dealing with the symptoms, deal with the problems that can occur. With every type of control available through the Registry, there is a corresponding potential problem, as illustrated in Figure 3.2.

Sometimes, it feels like a whole set of dominoes falling down. One problem affects another, which limits the use of another item, and so on. An example would be the effect of a Registry error in the configuration of a network card. Without the correct information, the card cannot be activated. Without the card activated, no data can be transferred on the network, the server cannot be contacted for logon, and no user validation is possible. The user gets an error message that no domain controller can be found, and network resources may not be available. Is it really a problem with the server? Not at all.

The cascading effects of errors in the Registry.

The process can be difficult to stop, and often it is difficult to determine exactly what caused it and where it started.

It is obvious, however, where it ends: a loss of productivity for the organization, wasted time, and possibly even severe financial losses.

If the Registry gets corrupted for any reason, system or application functions may fail, and a support technician must isolate the problem and repair it.

The Registry normally works, most of the time, without any problems. It can, however, get corrupted in many ways. Programs that you add to the system, system changes and problems, and manual changes are the three main ways that errors are introduced. Of course, the results of these errors can vary in their scope and seriousness.

The three most common ways the Registry gets corrupted are

  • Applications and drivers are added to the system
  • Hardware changes from settings or failure
  • Users make changes to the Registry

It is impossible to prevent all errors from happening. If you know what can happen, it is easier to troubleshoot errors. By protecting the Registry (as outlined in Chapter 4, "Protecting the NT Registry," and Chapter 6, "Protecting the Windows 95 Registry"), you always have a safety net. By using the tools and procedures discussed in Chapter 5, "Recovering from an NT Registry Failure," and in Chapter 7, "Recovering from a Windows 95 Registry Failure," you can recover from even the most severe problems. Take a look at each of the types of problems in more depth.

Program Errors

Adding and removing programs account for the majority of errors found in the Registry. Most users add between six and seven applications, and add or upgrade drivers, four or five times per year. During initial installation and setup, the numbers are even greater.

WARNING: One of the original requirements for programs to receive the "Designed for Windows 95" logo was that the application is also compatible with Windows NT. That requirement has been reduced to "tested on Windows NT." At the very worst, if the application doesn't work with NT, it is supposed to "degrade gracefully," which means it will not damage NT. Unfortunately, that is not always the case, particularly with applications that use Plug and Play. With no support from NT for Plug and Play, many applications make unfortunate assumptions that create serious problems in the Registry. To their credit, Microsoft shipped a Software Compatibility List with the early betas of NT 4.0. Unfortunately, they did not continue that with the shipping version, assuming that all the applications in the Windows 95 list would work. Here are the most common reasons that applications cause problems with the Registry:

  • Poorly written application (bugs)--There are no applications without bugs or errors. In the best case, the errors that are there are minor, esoteric problems that you may never see, which were left alone because of time and money constraints. To a programmer, a problem may be minor, but it becomes a major problem to you if it crashes your system. With the current pace of operating-system and application-version changes and updates, it is nearly impossible to ensure that everything will work together correctly. Also, today's common practice of releasing "beta" software to allow programmers and users to prepare adequately is a two-edged sword. As an example, with NT 4.0 beta 2, Microsoft released features that did not make the final release and significantly changed other features. Applications that expected or required certain elements may not work as well as planned.
  • The widespread lack of flowcharting program logic and using only pseudo-code to program may also create severe problems. The logic may simply be flawed. A programmer may have inadvertently hit an uppercase O when a zero was called for. Many software vendors have been forced to severely slash their development budgets, and users often face the brunt of errors.

: It sounds as if I don't appreciate programmers. Actually, I do. I believe they do a tremendous job, even when faced with unbelievable deadlines, massive budget cuts, incredible hours, and more tedium than most people could ever live through. I am amazed daily that computers and software can do what is considered commonplace. Keep it up.

  • Driver incompatibility--Most drivers are tested in as many environments as possible before being shipped to the general public. The open architecture of the PC world creates significant risk because any type of eclectic combination of parts and pieces is possible. Testing all combinations and ensuring the compatibility of all the devices is impossible. The other challenge arises when drivers for Windows 95 are used for Windows NT. In all but one type of driver, the drivers are unique between the platforms. Windows 95 drivers may directly access the hardware they control, and Windows NT drivers are prohibited from doing that. The exception to the rule of unique drivers is modem drivers. The same drivers that are written for Windows 95 will work with Windows NT. NT 4.0 modem drivers will also work with Windows 95. However, NT 3.5x drivers will not.
  • Incorrect drivers used--If an incorrect driver is used to activate a device, that device may not work as designed. For example, Xircom has a great PCMCIA modem for laptop computers. It uses a specific driver that is on the manufacturer's driver diskette, and the driver also ships with NT. However, depending on the firmware version on the card, the driver may not work. There is an old version and a new version of the card, and each requires a specific driver to work correctly.

Because of the relationship between Windows 95 and Plug and Play, drivers in Windows 95 normally do not have the same problem as in Windows NT. If a driver is replaced on the hard disk by accident, or if the firmware changes, Windows 95 will simply install a new driver.

  • Incorrect entries added to the Registry by the application during installation--During installation, most applications use a file called SETUP.INF for detailed information about what disks are required, which directories should be created, where to copy files, and Registry entries that need to be made to make the application work correctly. If there is a mistake in the SETUP.INF file, the change will still be made, and there may be serious problems.
  • Incorrect associations set between applications and file types by an application--When an application is installed, default document types are recorded in the Registry. A user can then double-click to start the application and load the document. Many times, other applications use the same extension. For example, the last graphics program loaded will be the one launched when a TIF graphic is activated based on the settings in the Registry. Occasionally, completely different, non-compatible applications will use the same extensions on their document files, and the document-loading shortcut won't work. In the best of cases, you may still have to change the associated application to another.
  • Errors created during the uninstall process--Whether you remove applications through Add/Remove programs in the Control Panel, through a proprietary uninstall feature of the application, or through a third-party utility, you run a risk of damaging the Registry. Besides taking out the program, auxiliary, and data files, an uninstall routine may attempt to remove Registry entries as well. It may inadvertently remove required entries for other applications because it is nearly impossible for the system to know all the entries accessed by an application.
  • Errors in fonts--When the font ID in the Registry gets corrupted, you will see a different font than the one listed in the application. It can be annoying and may require you to remove some or all of your fonts and replace them. For an example, see Figure 3.3.

The actual font does not match the name of the font.

Unfortunately, you may find out about these problems too late, after you have lost time, money, and/or data. Also, you are almost powerless to truly solve them, because someone else wrote the program, and most people do not have the expertise required to change the application itself. The best you can do as an administrator is to repair the Registry and look for an update or replacement.


The term "bug-free applications" means that the program will work, as promised, the first time and each and every time. In order to have that, everyone would either have to have systems that are all exactly alike, or wait for every possible bug to be worked out before we got the programs. I am not sure we would like either. On the other hand, do we have to put up with error-prone, buggy, poorly designed, and poorly executed programs? No! Even the software behemoths have learned the hard way that they need to have well-designed, well-written, and extremely well-tested software to compete. Vote with your feet, and with your pen. Let them know how you feel, and then always get the best software and drivers you can. If the software and hardware/driver companies want to stay in the business, they will have to continually strive to do better.

System Problems

If the computer system itself has a problem, the Registry can become corrupted. Usually, these errors can be prevented with proper system care and management.

  • Virus--Viruses are an insidious attempt to affect our systems by changing the nature of files. Much as viruses attack the human body by replacing good cells with bad, or damaging the cells that are there, computer viruses do the same thing with files on disk drives. You get them the same way, too. Contact with infected drives allows the viruses to migrate to a clean disk. Normally, you get them from floppies that have been infected by another system, from files downloaded from online and Internet services, and very occasionally, from application installation disks.

Windows NT is actually quite resistant to most strains of computer viruses. For example, it will not allow viruses to invade the boot sector. Some of the new viruses, such as Word macro viruses, can be devastating to the Registry. A simple virus-checking program, such as those from Symantec/Norton Utilities and McAfee and Associates, works very well.

  • The actual NT Registry size is greater than the Maximum Registry Size in the Control Panel--The maximum Registry size is directly related to the size of the maximum paging file. Although it cannot get larger than 12MB, if your system has only 32MB of RAM, the maximum Registry size is 8MB. If the size of the Registry hits or tries to exceed the maximum Registry size, it will no longer be usable, and may cause a STOP error.
  • What you can do about this problem is to change the maximum Registry size with the System functions in the Control Panel. Select the Virtual Memory button in the Performance tab, and set the Maximum Registry Size as shown in Figure 3.4. If the paging file size needs to be adjusted, you will be prompted automatically.

Reducing the size of the paging file in the Virtual Memory portion of the System section of the Control Panel in NT may reduce the maximum Registry size. Even though the system will warn you, some of those warnings go unheeded, and the Registry may be in peril. It is highly recommended that you make sure the maximum Registry size is at least 2MB larger than the current size. If you are going to be adding hardware or several new user accounts, check this before proceeding.

This is not a problem in Windows 95; it always has a variable size for the Registry.

  • Electrical surges, spikes, or brownouts--Nearly all power problems can be easily avoided with good surge protectors and UPS devices (uninterruptible power supplies). Starting at less than $50 for good surge devices and less than $100 for UPS devices, it's cheap insurance against error. Not only will a UPS make your hardware last longer, but if anything is being written to or read from the hard disk at the time of the power problem, it is most likely that information will be damaged or destroyed unless a UPS keeps the system running, even without normal power.
  • Disk problems--Most of the time you will replace hard disks because of capacity limitations far sooner than you would because of hardware failure. If the whole hard drive fails, of course, you will have to restore your Registry from a backup. The other concern is the failure of individual sectors or clusters on the drive. Although it is highly unlikely with today's systems, a fault in the surface of the drive media may make parts of the disk unreadable, including those where the Registry files are located. Regular maintenance is critical, and a good backup is vital.

: Windows NT file systems include the capability to hot-fix the drive (that is, repair errors on the fly) most of the time without your even being aware that there was a problem. If you have a Registry problem resulting in the Blue Screen of Death, it may help to run CHKDSK.EXE from the \WINNT\SYSTEM32 directory.

Manual Changes

When people manually edit the Registry, they are prone to make errors because of the complexity of the data, and the errors may be significant enough to cause the system to quit working. It is very unfortunate that Microsoft has chosen to deal with the Registry and Registry editing as a "black art," leaving many people in the dark as to the real uses of all the settings in the systems.

Microsoft's refusal to adequately, and publicly, supply information about the correct settings is extremely frustrating to system administrators. Certainly, more damage has and will be done because of lack of knowledge than because of too much information. Most of the actual edited changes that are made by users are done with the Registry editors.

Copying Another Systems Registry

Copying other Registries is a very serious mistake many users make. Just because it works on the other machine doesn't mean it will automatically work on this one. Much of what is in the Registry is specific to the individual system, even if the hardware is the same. Copying the files that make up the Registry to another system will not work. Characteristically, if another system's Registry is used, most of the hardware will not work, and user and security issues may make the data and application information inaccessible.

There are some parts of the Registry items that can be used for another system, however, and the special procedure for doing that is shown in Chapter 11, "Remote Registry Editing."


If you could eliminate all the problems listed in this chapter, Windows NT and 95 would run without failure almost indefinitely. That is probably not realistic. However, knowing how the Registry can get corrupted can help you use better system-management techniques and may prompt you to take better care of it.



Click Here!