
Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO

Tuesday, November 4, 2008

#ntfsfix isw

Source by arunl (corrected!)
I had the same problem. Machine would not boot because \WINDOWS\SYSTEM32\CONFIG\SYSTEM was missing.
Windows XP Restore did not help. On booting with the XP disk, it would not give a list of OS to choose. Instead it gave a Windows prompt.
The drive C: was shown as empty. Though I had a RAID-1 disk.
Chkdsk could not help because the disk was not recognized (or something to the effect).
Some people have suggested that under this situation you have to essentially reformat the disk and reinstall the OS (thus losing all the data).
After some experimentation I found an alternative to chkdsk which was a big help. Here is a summary.
My machine had three problems:
1. My C drive was configured as an NTFS filesystem. This filesystem was corrupted. (See below how I found this out).
2. The five registry files mentioned in the following Microsoft article were corrupted.
http://support.microsoft.com/kb/307545
3. My machine was infected.
I will describe my solution for #1 and #2 because that is relevant for this thread. But to complete the recovery one has to clean the machine too.

* Restoring NTFS filesystem
Normally chkdsk does this. But as discussed above, chkdsk was not helpful in my case.
I restored the NTFS filesystem using ntfsfix available with Knoppix (and maybe other Linux based recovery CDs).
- Download and burn a Knoppix CD (on another machine)
- Boot using Knoppix CD
- The desktop will have icons showing the disks recognized by Knoppix.
Since I had RAID drives using ISW format, I had four icons on my desktop named "isw..."
- Double click on the drive icons. The drive will be mounted in READONLY mode (if our drive can be mounted then it's good news)
The icon will now be replaced by another icon showing the mounted drive.
- Browse through the filesystem of each drive, and find the one containing your WINDOWS directory.
- Rightclick on the icon for the mounted drive. Convert it to 'READ-WRITE' (from READONLY).
At this stage, Knoppix is likely to give an error that it cannot change the drive to RW mode because the NTFS filesystem is corrupted.

The message also says that you need to use chkdsk (on Windows) or else use ntfsfix. This is how I learned that the NTFS filesystem was corrupted.

- Now rightclick on the drive and unmount it.
- Open a terminal window (with the shell prompt)
- Use the command "ntfsfix". Use the command "man ntfsfix" to learn how to use ntfsfix. In my case I had to type the following command.
# ntfsfix isw

Notice the "isw" when I was discussing the desktop icons. The name of the icon should give you some hint on the right parameter for you.
Don't forget to read the disclaimer given by ntfsfix. Before you go further, think whether you need to save any data from your disk.
If your disk is mounted correctly by Knoppix, it's your chance to backup data you need. If ntfsfix goofs up, you'd lose this opportunity.

* Restoring Registry Files
I tried rebooting after doing ntfsfix, but still received the same error message about the SYSTEM32/... file not found.
At this point I could have tried using Windows XP Recovery and followed the steps in this MS article http://support.microsoft.com/kb/307545.
I didn't attempt it. Once my boot failed, I went back to Knoppix and did what is recommended in the MS article, but using Knoppix. Of course, to make changes to the filesystem, it should be mounted in RW mode (following the steps listed before).
I used another external drive to make backup of the registry files.
After restoring the four registry files, I was able to reboot.

* Caution when you reboot, if your machine is infected
- Make sure you reboot in safe mode. If the infection was the cause of your problem, it is likely to get repeated. Who knows what else would happen this time.
- Use "hijackthis" to find problematic configuration entries, and clean up.
- Look up other articles that can help further.
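
The registry step described above, as an added example that is not part of arunl's post or the Microsoft article: a shell sketch of the first stage of KB307545 done from a Linux live CD, backing up the five hives (system, software, sam, security, default) to an external drive and then copying the repair copies over them. The mount point, the backup directory and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not from the post or KB307545 itself).
# Assumptions: Windows volume mounted read-write at $1, external backup
# directory at $2; both paths are hypothetical.
HIVES="system software sam security default"

# find_ci DIR NAME: print the entry directly under DIR whose name matches NAME
# case-insensitively (a Linux NTFS mount can be case-sensitive).
find_ci() {
    find "$1" -mindepth 1 -maxdepth 1 -iname "$2" 2>/dev/null | head -n 1
}

restore_hives() {
    win_root=$1
    backup_dir=$2
    windir=$(find_ci "$win_root" windows)
    [ -n "$windir" ] || { echo "no WINDOWS directory under $win_root" >&2; return 1; }
    config=$(find_ci "$(find_ci "$windir" system32)" config)
    repair=$(find_ci "$windir" repair)
    if [ ! -d "$config" ] || [ ! -d "$repair" ]; then
        echo "system32/config or repair directory not found" >&2; return 1
    fi
    mkdir -p "$backup_dir" || return 1

    # Pass 1: change nothing unless every repair copy exists and is non-empty.
    for h in $HIVES; do
        src=$(find_ci "$repair" "$h")
        if [ -z "$src" ] || [ ! -s "$src" ]; then
            echo "repair copy of $h missing or empty" >&2; return 1
        fi
    done

    # Pass 2: back up each current hive, verify the backup, then overwrite it.
    for h in $HIVES; do
        cur=$(find_ci "$config" "$h")
        if [ -n "$cur" ]; then
            cp -p "$cur" "$backup_dir/$h.bak" || return 1
            cmp -s "$cur" "$backup_dir/$h.bak" || { echo "bad backup of $h" >&2; return 1; }
        else
            cur="$config/$h"   # hive absent, as with the missing SYSTEM file
        fi
        cp "$(find_ci "$repair" "$h")" "$cur" || return 1
    done
}

# Runs only when given arguments, e.g. sh restore_hives.sh /mnt/win /mnt/usb/hives
if [ "$#" -ge 2 ]; then restore_hives "$1" "$2"; fi
```

The repair copies date from the original installation, so the Microsoft article continues with further steps once the machine boots again.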
