Archived from groups: microsoft.public.windowsxp.configuration_manage (
More info?)
Thank you, MC, for posting back.
I love learning something new every day!
and it is nice to learn about these steps as a 'way out'.
george
"MC" <m.straver@removethis.chello.nl> wrote in message
news:TpQCd.67532$Lv.8453@amsnews02.chello.com...
> OK,
>
> Even if I didn't get ANY feedback from this newsgroup I'm posting what I
> found out anyway, just so it will benefit others in the community.
>
> It seems that at that size for a user registry (I still don't know what
> bloated it that much, but have some suspicion now), windows itself runs
> out of resources to handle it. Things like saving branches into hive
> files, even just loading the hive from a backup file, results in errors
> (by windows itself). This is most likely the cause for the
> defragging/shrinking tools to fail as well since they use the basic
> registry read/write interface normally.
>
> I worked together with the author of NTREGOPT and ERUNT to try and find a
> solution (thanks a lot Lars!), and after some pointers I managed to fix it
> the following way:
>
> 1) I logged on with my regular user (A), opened regedit, en exported the
> whole HKEY_CURRENT_USER branch to a .reg text file
> 2) I logged on next with a different account with admin privileges, and
> created a new account (B) with the same rights my (A) account
> 3) I logged in once with the (B) account to initialise all the directories
> and settings to default values.
> 4) I opened up the .reg file I created in a text editor (capable of
> handling huge files) and did a search and replace for all the paths that
> contained c:\\documents and settings\\(A)\\ to change it to (B) --
> repeated this replace with the canonical short names c:\\docume~1\\(A)~1\\
> for the entries that use 8.3 path names in there.
> 5) I copied over all the directories from c:\documents and settings\(A)\
> to c:\documents and settings\(B)\ -- but NOT any of the registry files of
> course (no ntuser.dat .ini .pol .log etc), to retain my stored application
> data for programs that need it.
> 6) Still in the (B) account, I opened up regedit and imported the .reg
> file. Some keys were in use, but that was fine, it imported the rest
> anyway.
> 7) logged off, and logged back on with (B). ta da, all my settings were
> there again, including start menu, program registrations, etc.
> 8) What was left was deleting the old user and user directory to clean up.
>
> ** I had to recreate a few profiles for some programs (among others my
> browser) but could edit/copy the files from the old profiles over to get
> the settings back.
>
> result: ntuser.dat back to 2.6MB, and my account looks and feels and works
> exactly the same as the old one.
>
> In the process of messing with the huge file trying to load/save/unload
> the hive which failed, I found 2 keys it would refuse to delete, so I'm
> suspicious about those two being the culprit for the bloat. this is only a
> suspicion, I have no way to verify it since I don't have a tool to analyse
> the .dat file that I saved a copy of.
>
> The keys were:
>
> Software\Microsoft\Protected storage system provider
> Software\Microsoft\Systemcertificates\TrustedPublisher
>
> even with protected storage service turned off and all registry
> permissions forcefully set, it refused to delete these keys or unload the
> hive.
>
>
>
> M. Straver wrote:
>> Hi everyone,
>>
>> I've been running into bootup time problems and I've gone in and checked
>> what the problem might be. To my amazement, my user's registry hive
>> ntuser.dat is a whopping 140MB !!
>>
>> I've already gone in and fixed any errors there might have been and
>> compressed/defragged (tried 2 different tools for that) but the size
>> remains about the same. I have no idea where this bloat comes from but it
>> causes a serious logon delay (I'm not talking just a few seconds here)
>> which is really inconvenient.
>>
>> Does anyone know how to track what takes so much space in the registry
>> file? I've tried exporting the HKEY_CURRENT_USER branch but it creates a
>> much smaller file so whatever it is isn't in the normally exported
>> keys...
>>
>> Unfortunately, the tools ERUNT and NTREGPT don't seem to work either,
>> they give errors on trying to access the hives.
>>
>> Any suggestions/help appreciated! Thanks
>>
>> Mark.
Facebook
Twitter
Instagram