How to Repair Corrupted Windows Registry

The Windows Registry is a hierarchically systematic database which stores low-level settings in Microsoft Windows OS and for applications that utilize the Registry so as to work properly. The Windows Registry has two main essential elements called “keys” and “values”. The Registry keys are container objects alike to folders even the values are non-container objects similar to files. Once a new program is installed, a new subkey is added to the Windows Registry. The subkey contains details about program’s version, its location, and settings how to start the program.

Normally, once activated on the computer unwanted software or malware modify the entries in the Windows Registry Editor. The changes may have low-impact on the computer system like changed appearance of the desktop wallpaper, screensaver and added buttons in the drop-down menus. By the way, some changes may expose the complete system at stake and result in system disruption.

The most frequently used registry keys you can see when you open the Windows Registry Editor are:

  • HKEY_LOCAL_MACHINE or HKLM – This key contains specific information about the type of the software, hardware and other preferences for your computer. All users on a given computer who log on the system use this information.
  • HKEY_CLASSES_ROOT or HKCR – This key is for all your windows shortcuts and the core aspects of the Windows user interface.
  • HKEY_USERS or HKU – This key collects all information about the preferences of each user who has a login account for a given computer. Each user is identified in a SID subkey under the main key.
  • HKEY_CURRENT_USER or HKCU – This key contains details about the login names, Start menu settings, and desktop settings of the currently logged on user.

Let’s guess that a malicious process has set a module “virus.exe” in %AllUsers% profile directory. Here you could see the following registry entry in the Windows Registry:

→→HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\”cry” = “%AllUsers%\virus.exe”

Each value in the keys performs a different function from the other values. For its malicious purposes, the unwanted application or the malware can modify the current Windows values or create new values.

In this article, we aim to show you how to fix Windows Registry errors caused by unwanted applications and malware. Once you’re ready, all adverse effects should be gone. Please have in mind that making changes in the Windows Registry Editor is a tricky process. Using the Windows Registry Editor inaccurately can cause serious problems requiring the reinstallation of your OS.

Note! You should first remove the unwanted program or the malware from your computer. It is not recommended to clean the registries without getting rid of the viruses that modify and create them. You could use an advanced anti-malware tool for the best results. It can detect and fix all malicious registry entries automatically.

SpyHunter anti-malware tool will detects all current threats on the computer. By purchasing the license version, you ‘ll be able to remove all malware threats instantly. Know More about SpyHunter / How to Uninstall SpyHunter

Repair Corrupted Windows Registry by Resetting Permissions

You can manually fix your Windows Registry by resetting permissions by following the steps below.

STEP 1: Back up Your Data.

As we mentioned an error during the Registry cleanup process can have a serious impact on the complete system, especially when it’s infected. Once we begin, our advice is to backup all your data. For this purpose, you can use USB, external drive, Memory Stick, etc. Other options are using cloud platform and using Windows Backup in the Control Panel.

backup-data-windows-bacup-control-panel-removevirusinfection

STEP 2: Back up the Data of the Current Windows Registry Entries.

1) Hold Windows button + R to start the Run Dialog box

Windows-key-plus-R-button-launch-Run-Box-in-Windows-removevirusinfection

2) In the field type “regedit”

run-box-command-regedit

3) When Registry Editor Opens, go to File drop-down menu
4) Then choose “Export” option

registry-editor-export-removevirusinfection

5) Select a location and a name for the backup and save it. We will name our “preventivemeasure.reg”.

STEP 3: Download and Install SubInACL Provided by Microsoft to Reset Registry Permissions.

1) Download SubInACL.

Download link for SubInACL provided by Microsoft

2) Install SuInACL in the default directory.

install-SubInACL

STEP 4: Make Registry Fixing Script.

1) We need to make a .txt file. Press Windows button and start typing Notepad. Then click the app to open it. Paste the following script in the text document:

subinacl /subkeyreg HKEY_LOCAL_MACHINE /setowner=Administrators
subinacl /subkeyreg HKEY_CURRENT_USER /setowner=Administrators
subinacl /subkeyreg HKEY_CLASSES_ROOT /setowner=Administrators
subinacl /subdirectories %SystemDrive% /setowner=Administrators
subinacl /subkeyreg HKEY_LOCAL_MACHINE /grant=system=f
subinacl /subkeyreg HKEY_CURRENT_USER /grant=system=f
subinacl /subkeyreg HKEY_CLASSES_ROOT /grant=system=f
subinacl /subdirectories %SystemDrive% /grant=system=f

2) Save the file as a .bat file. Click on File drop-down menu and select “Save As” option.

notepad-save-file-as-removevirusinfection

Then select find “Safe as type” option and choose “All Files” instead of “Text Documents(*.txt)“. In the field for the file name type “fix.bat” and save it in “C:\Program files\Windows Resource Kits\Tools”.

how-to-save-bat-file-removevirusinfection

STEP 5: Clean up Your Registries.

1) Hold on “Windows button” and type “Command Prompt“. Right-click on it and choose “Run as Administrator“.
2) In the Command Prompt window type one of those two commands and press “Enter“:

→cd “C:\Program Files\Windows Resource Kits\Tools” or
cd “C:\Program Files (x86)\Windows Resource Kits\Tools”

Your choice depends on where the “Windows Resource Kits” folder is located.
In our situation, it is in Program Files. Then, you should see the following:
command-prompt-removevirusinfection

3) Now type “fix.bat” and press “Enter“.

Once cleanup is ready, all of your registry permissions will be restored back to normal. You should also view a report of how many registries have failed or contained syntax errors.