
Windows registry certainly has its issues... but causing malware is not one of them.

The internet says that the centralized Windows registry is to blame for Windows having virus problems since 1995. Macs have their settings in the program folder like DOS to me. So why doesn't Microsoft return to the idea of separate INI files? Yes, it will consume space, but with terabytes of space who would notice?

In this excerpt from Answercast #38, I look at Windows registry and its many difficulties – but it's not causing malware.

Windows registry

Well if "The Internet" says it... it must be true.

Unfortunately in this case, I believe the internet is wrong. I know that's heresy, but that's what I believe.

I do not blame the Windows registry for Windows malware issues. I blame it for perhaps:

  • Instability in uninstall programs.

  • Maybe overall instability because it's so hard to write to, and many programs don't write to it properly.

  • I blame it for a few things related to Windows issues.

  • But I don't blame it for malware.

The registry

The registry actually attempts to solve a couple of really interesting problems. Those being that different users on the same machine need to be able to have completely different sets of settings and those users all need to be protected from each other. Windows registry actually does those things fairly well.

The problem is that it's an organizational nightmare and it's a very difficult thing for an application to actually write to, and write to properly and securely.

INI files

Now, there are definitely other ways of dealing with this collection of information. INI files are the most common one and it's the most common one mentioned by folks like myself (and perhaps you, I honestly don't know) who are very familiar and comfortable with dealing with settings, and would love to just fire up an INI file in a text editor and have it be a very quick way to make a setting change.

  • That's great. But I don't think it gives you any additional protection against malware.

Aggressive malware

Any software that was able to modify the registry to insert itself into your system could just as easily have gone in and modified the INI files that would have been in place to do the same thing.

Remember, the registry is there to perform certain functions.

It lists all the start up things that have to happen when Windows boots up. If you don't have a registry, you still have to have that information somewhere. If malware can get into the registry, it's gonna be able to get into the registry alternative.

So, I really don't see it as being a cause, or a root cause, of any virus or malware issues with Windows. Like I said, I do blame it for some of the inordinate complexity that application writers have to go through to use the registry properly.
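The point above, that startup information has to live somewhere and is guarded by permissions rather than by its storage format, as an added example that is not part of the original article: Windows already keeps autostart entries both in registry Run keys and in file-based Startup folders, and this read-only PowerShell audit lists both together with the accounts allowed to add entries. The four keys and two folders are this example's selection, not a complete list of autostart locations, and `Get-WriteAccess` is a helper defined here.

```powershell
# Added example: read-only audit of autostart locations. It changes nothing.
$registryKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$startupFolders = @(
    [Environment]::GetFolderPath('CommonStartup'),  # all users
    [Environment]::GetFolderPath('Startup')         # current user
)

function Get-WriteAccess {
    param([string]$Path)
    # Accounts holding an Allow entry with the right needed to add an autostart
    # entry: SetValue on a registry key, WriteData (create files) on a folder.
    # Deny entries are ignored. Inherit-only entries apply to children, not to
    # this key or folder, so they are skipped.
    $writers = foreach ($rule in (Get-Acl -LiteralPath $Path).Access) {
        if ($rule.AccessControlType -ne 'Allow' -or
            $rule.PropagationFlags -match 'InheritOnly') { continue }
        $mask = if ($rule -is [System.Security.AccessControl.RegistryAccessRule]) {
            [int]$rule.RegistryRights -band [int][System.Security.AccessControl.RegistryRights]::SetValue
        } else {
            [int]$rule.FileSystemRights -band [int][System.Security.AccessControl.FileSystemRights]::WriteData
        }
        if ($mask -ne 0) { $rule.IdentityReference.Value }
    }
    ($writers | Sort-Object -Unique) -join '; '
}

$report = @(
    foreach ($key in $registryKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        $writers = Get-WriteAccess -Path $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{ Store = 'Registry'; Location = $key; Entry = $name
                               Command = $item.GetValue($name); Writers = $writers }
        }
    }
    foreach ($dir in $startupFolders) {
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
        $writers = Get-WriteAccess -Path $dir
        foreach ($file in Get-ChildItem -LiteralPath $dir -File -Force) {
            [pscustomobject]@{ Store = 'Folder'; Location = $dir; Entry = $file.Name
                               Command = $file.FullName; Writers = $writers }
        }
    }
)
$report | Format-Table -AutoSize -Wrap
```

An entry whose Writers column includes a non-administrative group on the HKLM keys or the all-users folder is worth investigating, whichever store it sits in.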

Alternative to settings

Yes, I am absolutely with you in the sense that I would have loved to have seen a different approach to settings and settings savings. And you're right, I think the registry was an attempt at putting together a centralized database that could be efficiently managed by the system.

Had they known twenty-five years ago that we were going to have this excess of cheap hard disk space, maybe the decision would have been made differently.

Certainly, I would personally love to see registry settings be replaced by something like text files.

Change is complicated

The problem that we have today is that:

  • We have twenty-five years of inertia.

  • We have twenty-five years of applications that are all writing to the registry.

  • We have Windows itself writing to the registry.

The registry is such an inherent part of how Windows works. Changing that, actually moving away from a registry-based model, would probably destabilize the operating system to the point of unusability.

I really do believe that the only way to move away from a registry-based system is to change your system completely. In which case, it sounds like you already have.

If you're running a Macintosh, fantastic. You've got what you want. If you're running Linux, fantastic. You've got what you want.

But I think Windows is and always will be, for better or for worse, registry based.

Article C5624 - July 26, 2012

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18-year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions.


July 26, 2012 4:41 PM

Actually, I use Windows, my mother just switched to a Mac (a virus got past her paid Norton AV which was up to date). After a short learning curve, I discovered they are close enough for me to guess my way out of her problems, which have subsided. The biggest one was Flash. I assumed that since my iPod touch doesn't do Flash, all Macs do not; in fact they do.

July 27, 2012 6:05 PM

I remember setting up DOS 6.x with different autoexec.bat and config.sys files for different users (that's the OS where I got my geek).
You booted into a menu and took your pick, 1-John:, 2-Jane:, 3-Joe:, etc. It seemed to work pretty good but you had to do a lot of typing in them days.
