Is there such a thing as a true registry cleaner?

[jimdagys]

"Ranchhand" said he knew of one, but I wasn't able to find out which one he uses. Since I have access to computers that can't be damaged (they re-image each time they boot up), I would like to test a so called registry cleaner to see if there is such a thing that can remove the malware from the registry. Actually, maybe there isn't such a thing because, how could the registry cleaner be able to differentiate the good from the bad? "Revo" asks that you type in the string name of the malware, and it will try to remove that, but I think good malware wouldn't put itself in the registry under any identifiable name.

[MOVIEGEEK]

I use CCleaner to fix the registry and SuperAntiSpyware to get rid of the bad stuff in the memory, registry and hidden files. IMO SAS is the best program for getting rid of registry malware.

[davexnet]

Malware? AV/Spyware products such as Malwarebytes, SuperAntiSpyware, Spybot Search and Destroy, etc,etc
keep track of known registry entries related to malware and look for them specifically when they run,
as well as malware files present in the file system.

I think you would be better off running such a product. If there are any registry entries left over when a virus has otherwise been removed, it may it may not cause problems - it depends.

[ranchhand]

"Ranchhand" said he knew of one, but I wasn't able to find out which one he uses.

Sorry, I remember posting that comment, but got a nasty kidney infection so for the last few days I have been in the house and not wanting to do anything except die.
For the last 7 or so years I have been using (free) Hoverdesk REGSEEKER (name hotlinked) to search the Registry for individual entries. Although Regseeker has a generic "registry cleaner" I strongly advise you not to use it. I don't trust any software to decide what is safe to delete or stay in my register. Those programs usually end up damaging something eventually, including Regseeker. As far as finding individual entries, it is totally dependable. I have made a small tutorial as follows:

Regseeker is a register search program that can save you tons of time and aggravation trying to edit orphan register files out of your system. It will scan and list all entries in your register and hilight each entry name found in blue so you can verify that is the one you want. If you double-click on any one entry, regedit is launched and it will take you to that entry in your register in a separate window. When you are done inspecting or modifying just close that window and you are back into your listing. Be sure to follow my directions exactly, and if you have any questions post back.
Regseeker launches into memory only and there is no need to install it to your hard drive. Open a separate folder on your C: drive and move it there, then create a shortcut to your desktop for convenience.
NOTE: Do not use the "Clean The Registry" option in that menu. Never use an automatic register cleaner of any kind on your computer, even this program.

>Open Regseeker
>At the top left hand side menu listing, click Find In Registry.
>At the bottom left, verify that "Backup Before Deletion" is enabled (check mark in box).
>Enable checkboxes: HKEY USERS and HKEY CURRENT CONFIG. Leave default settings on all others.
>Note: Do NOT enable: "Search Files" and "Match Whole Word" checkboxes. Leave them cleared.

>Click once in the search box; type the word or words that you wish to search for.
NOTE: Spend a moment thinking about this, it is very critical. Keep it simple. Target as direct as possible the key word of the program or virus entries you want to find but be careful. Here's an example: say you want to remove all entries for Microsoft Onenote since you do not want to use that program. If you type only "microsoft" you will get hundreds of hits because that name appears many times for many different programs and critical system files. If you now choose to delete all those entries you will nuke your operating system. So what you want to do is target only the word "onenote" and Regseeker will pull up all the entries in the register using only that name. Now you are safe. **Make very sure that there are not multiple identical names for different programs for obvious reasons. You will nuke programs you want along with the program you do not want.

>Click "Search"
>Be patient, this may take a few minutes. Watch the progress bar at the bottom. Wait until the bar disappears, and the scan is complete. The number of entries found will be at the bottom of the screen. To delete, click the bottom entry, hold down SHIFT, scroll up to the top and click the top entry. Press Delete (or R click >Delete),Regseeker will post the name of the backup file it made, and nuke the entries.

I use Regseeker to help remove malware and it is quite effective, depending on the type of infection. The only catch is that you must know what file or name of the process that you want to find, and that can be very difficult depending on the type of infection.

[ranchhand]

[EDIT]: If you double-click on any entry regedit will launch and take you directly to that entry for editing. Very handy.

[Noahtuck]

Must.... Fight..... Satan's..... Urges......

Lol!!!

[Nelson37]

If you already know what you are looking for, RegEdit can do that.

There are probably better registry cleaners than CCleaner. There are NONE that I know of that I would feel comfortable putting in the hands of the average PC user.

I have large numbers of CCleaner installs being used by average users, for several years now. NOT ONE SINGLE problem has been caused, and several have been solved. Highly recommended.

I have seen NUMEROUS cases of problems created by other registry cleaners in the hands of average users. NWIH would I recommend such a program, for such users.

[Hoser Rob]

If you already know what you are looking for, RegEdit can do that.

There are probably better registry cleaners than CCleaner. There are NONE that I know of that I would feel comfortable putting in the hands of the average PC user.

I have large numbers of CCleaner installs being used by average users, for several years now. NOT ONE SINGLE problem has been caused, and several have been solved. Highly recommended.

I have seen NUMEROUS cases of problems created by other registry cleaners in the hands of average users. NWIH would I recommend such a program, for such users.

+1. As they say, a little knowledge is a dangerous thing.

I think the safest way to do it with windows is, when you buy and register it, immediately back up the system.

Then, download the installer programs for the stuff you want and set it up. Then back it up again. There's nothing like a clean restore point.

I don't even like using registry editors made by "professional" programmers, because I know why I put those quote marks there. No way in hell should most users ever touch the registry.

[isapc]

There are only 2 utilities I have come to TRUST.
Crap Cleaner-CC cleaner and DiskMax.
Diskmax can be found here. http://www.koshyjohn.com/software/diskmax/

Be careful with the advanced features of CCleaner. The default are all you need.

[ranchhand]

Nelson37 said:

If you already know what you are looking for, RegEdit can do that

Yes, Nelson, everybody here already knows that. I just removed Microsoft Office One Note from a client's machine. There were over 4000 entries in his register for One Note. Same for Silverlight. I removed Roxio burner and there were over 2,500 entries. This utility is designed to target and remove bulk orphan entries that over a period of years can build up to gigs of wasted space on a hard drive. Attempting to clean out orphans like this would take months trying to use regedit. In all the years I have been using Regseeker, not once have I ever damaged any register at all. In addition, it makes backups so that you can restore if there is a problem, which regedit does not do.

[Nelson37]

The "orphan cleaning" is exactly what CCleaner does. It's automated functions are exceptionally safe. What you are describing sounds similar, but not meant for the average user.

It's one thing to know how to use a chainsaw, and another to know when the other guy needs a hacksaw instead. Not necessarily because it's a better tool for the job, but because the dude should NOT be handling a chainsaw.

[jimdagys]

Question: I have heard that you have to reboot the computer after you make changes to the registry. Why is that? I mean, if I use Regseeker and tell the software to delete all instances of the string "onenote", and then I check the registry and indeed see that all 1000 instances have been deleted, why is it necessary to reboot? Unfortunately, I cannot reboot these computers ( without total re-imaging) so I can't properly test these registry cleaners. I will say, as far as I can see with my limited understanding, Regseeker is unique in the ability to seemingly erase all instances in the registry of any string that you choose ( see screenshot). It also has the ability to uninstall programs (even if the control panel is locked out) . Another point to be made is that simply deleting unwanted entries may not work, because malware may alter the folder structure tree, and I don't see how the registry cleaner/software can re-create the original folder tree ( that has been altered by malware).

[ranchhand]

I have never had to reboot any computer when using Regseeker, and I use it at least once weekly. Rebooting the computer is pointless as far as making registry changes, unless the operator wants to boot a program after registry changes have been made for some reason. As far as uninstalling programs, I have never tested Regseeker in that mode. I don't see why it wouldn't work, but I will test it when I get time.

simply deleting unwanted entries may not work

That is correct. It used to be, years ago, that approach almost always worked, but viruses have become far more sophisticated recently especially rootkits. However, some of the new nasty ActiveX infections are dependent on new registry entries and it is lethal to them when they are removed. Most viruses can be removed by using appropriate utilities. In cleaning an infected machine, one size does not fit all.
As far a being dangerous to use, if we use regedit why would regseeker be any more dangerous? It only does the same thing, only more efficiently and in far less time.