• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 591
  • Last Modified:

Registry leaks

After installing the latest round of Win updates (WIN7/64), I'm getting registry leaks. The same leak but different processes.

Here's the latest:

Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.  

 DETAIL -
 1 user registry handles leaked from \Registry\User\S-1-5-21-2987587682-1074968332-1067063631-1001:
Process 760 (\Device\HarddiskVolume3\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-2987587682-1074968332-1067063631-1001

At every shutdown or restart, I get a message that Win Explorer has not closed. Then after startup, I get the 1530 single registry leak in my admin events,. The message is the same save the processes. Above is 760. Today with many restarts and a shutdown, I've gotten process 1920, 752, 748 AND Others.

I know these are warnings. I know in a general sense what's causing them - some process with winlogon.exe

I've had registry leaks before but they usually resolve themselves. Not this time. Seems like every time MS sends out its updates, something gets screwed up. I spend more time resolving those conflicts that I do working some days.

What's you best guess - and fix - on this one.
Thank you.
0
normanml
Asked:
normanml
  • 2
  • 2
1 Solution
 
SStoryCommented:
You mean besides moving to Linux or Mac? ;)

I did find the following on Microsoft's own site about Windows "Exploder", aka Explorer:

This behavior occurs because Windows automatically closes any registry handle to a user profile that is left open by an application. Windows Vista does this when Windows Vista tries to close a user profile.
Note Event ID 1530 is logged as a Warning event. The application that is listed in the event detail is leaving the registry handle open and should be investigated.
(emphasis mine)
https://support.microsoft.com/en-us/kb/947238
At the end it says it is "by design."

So it sounds like Windows Explorer is doing what it frequently does--exploding.  Since Windows sees a handle to the registry--probably registry file, but I'm not sure-- that isn't closed, it closes it and logs the warning.

I don't think I'd worry about the warning.  As to Explorer, I don't know how you can fix it.
0
 
SStoryCommented:
More info: On Microsoft's Technet I found this:

Cause

This event can be caused by apps that do not release their Registry keys before shutting down. This most often occurs when an app runs in the background and does not release its Registry keys when a user signs off, in which case Windows forces the Registry to unload. There is no impact to users, though in rare cases recent configuration changes in the app might not be saved.
Resolution

No user action is required - this is an acceptable condition.

In Windows 8.1 we changed this to an Information message to help reduce confusion and alarm. This event was a Warning event in prior versions of Windows.
(emphasis mine)
(source:http://social.technet.microsoft.com/wiki/contents/articles/3134.user-profile-service-event-1530-the-windows-operating-system-detected-that-your-registry-file-is-still-in-use-by-other-applications-or-services.aspx)

So it appears to not be a big deal. I probably wouldn't worry about it.
0
 
normanmlAuthor Commented:
Talked to a tech I use for serious problems - crashes etc - and he suggested the cause is likely a new shared external hard disk on my intranet. He said much of the code for sharing is kind of a work-around on the original Win7, rather than a rebuild of XP, which had a special utility for registry leaks problems. This was supposed "built into" Win 7, which many techs take to me cobbled on. Any way, I have tried everything save creating another profile. I use a one user admin setup and everything about it seemed fine. So since the computer seems to be running okay. I'll ignore it . . . until the Win decides to go kaflooey again.
0
 
normanmlAuthor Commented:
Thanks.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now