What to use instead of NTREGOPT?

[bizzybody]

It appears that some recent "security" update to Windows 7 was aimed squarely at blocking good old NTREGOPT from being able to access the Registry.

 

I disabled Avast and turned off UAC and ran ntregopt as Administrator, while logged in with an account with administrator rights. No go, it's still completely blocked.

 

Is there another utility, free of ads and nags for $ for a "pro" version that does the same thing as ntregopt, but hasn't been blocked by Microsoft and anti-virus/malware?

[dencorso]

Try to run NTREGOPT as the "Trusted Installer", instead of as Administrator.

[bizzybody]

Not working. I got the runassystem and runastoken and the SetACL and the batch file to change the CLSIDs just sits there doing nothing after displaying its first line.

http://vorck.com/windows/ntauth.html

Edit: removed the -silent options and now it's visibly doing things...

Edit2: Still going, repeatedly saying setacl finished successfully

Edit3: Oh F this. Been running that batch file for about 45 minutes.

 

I put the runas and set acl exes in the same folder as ntregopt. When I run this batch file from an elevated command prompt, it stops and starts trusted installer then flashes another window and quits.

net stop trustedinstallernet start trustedinstallerrunassystem64.exe "runfromtoken64.exe trustedinstaller.exe ntregopt.exe"

@ECHO OFFECHO Processing CLSID permissionsREM SET SETACLX64=C:\windows\system32\setaclx64.exeFOR /F "tokens=1,2,3,4,5 delims=\" %%A IN ('REG.EXE query HKLM\SOFTWARE\Classes\CLSID\') DO (    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E" -ot reg -actn setowner -ownr "n:S-1-5-32-544;s:y" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E" -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y;i:so,sc;m:set;w:dacl" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E" -ot reg -actn ace -ace "n:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464;p:full;s:y;i:so,sc;m:revoke;w:dacl" -rec yes -silent)FOR /F "tokens=1,2,3,4,5 delims=\" %%A IN ('REG.EXE query HKCR\CLSID\') DO (    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E" -ot reg -actn setowner -ownr "n:S-1-5-32-544;s:y" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E" -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y;i:so,sc;m:set;w:dacl" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E" -ot reg -actn ace -ace "n:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464;p:full;s:y;i:so,sc;m:revoke;w:dacl" -rec yes -silent)FOR /F "tokens=1,2,3,4,5,6 delims=\" %%A IN ('REG.EXE query HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\') DO (    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E\%%F" -ot reg -actn setowner -ownr "n:S-1-5-32-544;s:y" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E\%%F" -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y;i:so,sc;m:set;w:dacl" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E\%%F" -ot reg -actn ace -ace "n:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464;p:full;s:y;i:so,sc;m:revoke;w:dacl" -rec yes -silent)FOR /F "tokens=1,2,3,4,5,6 delims=\" %%A IN ('REG.EXE query HKCR\Wow6432Node\CLSID\') DO (    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E\%%F" -ot reg -actn setowner -ownr "n:S-1-5-32-544;s:y" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E\%%F" -ot reg -actn ace -ace "n:S-1-5-32-544;p:full;s:y;i:so,sc;m:set;w:dacl" -rec yes -silent    SETACLX64 -on "%%A\%%B\%%C\%%D\%%E\%%F" -ot reg -actn ace -ace "n:S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464;p:full;s:y;i:so,sc;m:revoke;w:dacl" -rec yes -silent)ECHO Complete

Edited May 1, 2015 by bizzybody

[jaclaz]

Wait a minute.
 
Try EXACTLY the example given by Joakim
http://reboot.pro/files/file/237-runassystem-and-runfromtoken/
 
 

On one of my systems I have this simpel batch on my desktop to get quick access to my special power cmd:
 

net start trustedinstaller
C:\windows\system32\runassystem_x64 "C:\windows\system32\runfromtoken_x64 trustedinstaller.exe 1 cmd"

 

 
jaclaz

[cannie]

I use since long ago the freeware "Wise Registry Cleaner" for the same purpose. You may try it. Maybe it would be enough for your needs.

 

HTH

Edited May 1, 2015 by cannie

[xpclient]

Sad. Thankfully ERUNT still works!!

Edited May 3, 2015 by xpclient

[NoelC]

It appears that some recent "security" update to Windows 7 was aimed squarely at blocking good old NTREGOPT from being able to access the Registry.

 

I'm just curious...  Why do you think you need to "optimize your registry"?  What goes wrong if you don't?

 

-Noel

[jaclaz]

I'm just curious...  Why do you think you need to "optimize your registry"?  What goes wrong if you don't?

 

NTREGOPT (JFYI) does not really-really "optimize" anything.

 

If you see the Registry as a Filesystem, NTREGOPT is the correponding to the DEFRAG command.

If you see the Registry as a Database, NTREGOPT is corresponding to the COMPACT or ZAP command.

 

The net effect of using regopt is to have a smaller size of the files composing the Registry and, since the entries in it are re-organized it will be (in theory) a tadbit faster (in practice I doubt that it is noticeable on modern machines).

 

@bizzibody

Completely UNLIKE tested (and lesser known):

http://www.winmend.com/registry-defrag/

a list of similar apps to test:

http://alternativeto.net/software/puran-registry-defrag/

 

jaclaz

[NoelC]

Well, I'm all for maximizing performance.  I just do it in different ways.  It really seems to me mucking around with the structure of the central database that runs everything is just asking for trouble - especially since Microsoft does a lot of its own maintenance at various times (go through the big list of scheduled jobs in a brand new system some time).

 

I'm particularly sensitive to the whole "registry cleaner" genre, because it's the kind of thing that has made its own market where no need really existed.  It's certain that more people have gotten themselves into trouble than have tuned up their systems with such junkware (not applying that to any particular product).  Microsoft is admittedly evil, but in this particular case I don't think they're actively trying to block people from using "registry optimization" software for no reason.

 

Do yourself a favor:  Ignore registry cleaners and invest in SSD storage if you want to see REAL performance gains.  Many things will become much more responsive. 

 

I'm here to tell you from a lot of experience that you really, really don't need to "defrag", "optimize", or "clean" your registry in order to have an efficient running Windows system virtually for forever.

 

-Noel

[xpclient]

NTRegOpt is not a Registry cleaner. Registry cleaners are a truly useless trashware/snake oil that everyone should stay away from just like "OS tuning/optimizing tools". NTRegOpt merely rewrites the Registry in a single contiguous way.

 

According to its description "The program works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. Note that the program does NOT change the contents of the registry in any way, nor does it physically defrag the registry files on the drive (as the PageDefrag program from SysInternals does). The optimization done by NTREGOPT is simply compacting the registry hives to the minimum size possible."

 

But on modern machines and OSes (post Windows XP SP2 where Registry is loaded in the system cache and has built-in optimizations to reduce fragmentation), it wouldn't make much difference even if you don't use it. Windows 2000 and earlier would benefit from NTRegOpt. Remember that Windows 2000 also had a pretty low Registry Size Limit for the system hive. Windows XP and later - negligible benefits to using NTRegOpt.

 

Now I would be seriously p***ed off if they broke ERUNT.

Edited May 8, 2015 by xpclient

[jaclaz]

@NoelC

You completely missed the point.

Too bad .

 

NTREGOPT IS NOT a "Registry cleaner", it IS NOT a "Registry optimizer", it is a Registry defragmenter or a Registry compacter.

 

A filesystem (from time to time) is likely to work better if defragmented.

A database (from time to time) is likely to work better if compacted.

 

Whichever way you like to see the Windows Registry, it is better to do some maintenance on it (from time to time).

 

Then, we may want to discuss the opportunity of using an actual "Registry cleaner", which may be better discussed here:

http://www.msfn.org/board/topic/171889-is-ccleaner-safe-to-run-on-windows-7-81/

 

 

jaclaz

[NoelC]

People keep telling me I'm missing points.  I'm not missing anything.

 

I'm telling you that - based on my experience running Windows operating systems for years and maintaining stability and performance - you don't need to compact, defragment, or otherwise optimize your registry in order for it to continue to work and continue to deliver reasonable performance.

 

Thus, in my view a registry defragger is no different than a registry cleaner.  It's simply unnecessary and it comes with substantial risk.

 

-Noel

Edited May 5, 2015 by NoelC

[jaclaz]

As long as you don't mix "defragmenting" or "compacting" with "optimizing" or "cleaning" your opinion is as good as anyone else's , but it's not like you having run Windows Operating Systems for several years is any different or better qualification than that of anyone else having run Windows Operating Systems for several years .

 

Just as an example I have recklessly used Registry defragmenting as a periodical maintenance task and till today the "substantial risk" you depict has proved to be (at least in my case) equal exactly to 0.

 

You don't like or think unnecessary to defragment the Registry? Good .

Is it a "substantial risk"? :

How do you know if you never did it?

 

I have done it many times over the years and never lost a system, nor ever needed to reinstall any OS - EVER - if not due to hardware failure (in which case - to be accurate - I did not reinstall but rather restored a backup image).

 

But obviously this is my anecdotal evidence which is anyway m00t, still it has the same dignity as your anecdotal evidence. 

 

You could well become a good Linux guy and assert how Ext2/3/4 need not defragmenting, or follow MS stating that while a database needs compacting, there is no need on Windows NT to defragment a hard disk (actually file system):

https://support.microsoft.com/en-us/kb/288631

With the exception of the Microsoft Windows NT operating system, if you do not defragment your hard disk, the operating system may have to go to several physical locations on the disk to retrieve the database file, making file access slower.

 

 

jaclaz

 

[NoelC]

My experience may be deeper than most, but hey, if it makes you feel good to do useless things to files on your computer, who am I to criticize?  Knock yourself out.  I do a lot of things because I like to as well.

 

-Noel

[jaclaz]

Sure , and still people may exist with an even deeper experience than you have , but what I do (or not do) while it may well be useless^[1], it is seemingly not particularly risky, let alone substantially, or at least never caused issues to me, and since still seemingly you never attempted doing it (because it's useless) you have exactly 0 experience about the level of risk it may represent (which was actually tested by me and ended up being coincidentally also exactly 0).

 

However, and JFYI :

https://support.microsoft.com/en-us/kb/2498915

 

 

jaclaz

 

^[1] better than useless I would prefer "of limited practical benefit, particularly on modern machines and recent MS OS's", but they are just lexical nuances.

Edited May 5, 2015 by jaclaz