3
   

Registry File Failure - Won't Boot

 
 
cjhsa
 
Reply Wed 25 Feb, 2004 02:13 pm
When we booted up the home machine last night, we got this:

Stop: C0000218 {registry file failure}
The registry cannot load the hive (file)
\systemroot\system32\config\software
or its log or alternate.
It is corrupt, absent, or not writeable.
Beginning dump of physical memory.
Physical memory dump complete.
Contact your system admin....

Well, that would be me. So, I contacted someone with more Windows XP knowledge (XP Home). We wound up booting off of the XP CD and trying to run a recovery. When it booted, it asked for the admin password. I simply hit enter, and it let me in to the C:\WINDOWS> prompt. The two of us then messed with the files SAM, SECURITY, SOFTWARE, and a couple others, first making backup copies of the existing ones. We copied in replacements from C:\WINDOWS\REPAIR. Now, when the system tries to boot, it is complaining about a mismatched password and simply looping. If I boot from the XP CD, it's also asking for a password and it's no longer just "Enter". What the heck?
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 3 • Views: 3,872 • Replies: 6
No top replies

 
cjhsa
 
  0  
Reply Wed 25 Feb, 2004 02:39 pm
Help! Anybody??????
0 Replies
 
safecracker
 
  1  
Reply Wed 25 Feb, 2004 03:18 pm
I'm not sure about which problem to comment on but heres how to fix the password problem.

First you will need 3 programs:

Knoppix (STD version will work fine) = Knoppix
LC4 = LC4
SAMInside = SAMInside

Once you have all these programs then here is what you will need to do.

1. Boot up knoppix and copy the SAM and SYSTEM file off of remote machine. You will probably have to burn them to a CD.
2. Boot up windows on local machine and run SAMInside. If you have full version of SAMInside you will not need LC4 but LC4 is, well you know.
3. Import the SAM file into SAMInside and it will then tell you to import the SYSTEM file.
5. Now Export the results to a PWDUMP file.
6. Run LC4 and import the PWDUMP file you just created.
7. Begin Restore process.
8. You should now have all passwords to the users on the remote machine.

Now the reason why you have to have the SYSTEM file.

Windows 2000 and XP has what is called SYSKEY which is basically encryption that is used on the passwords hashes. If you were to load up LC4 and import the SAM file you would see the users and it would try to restore the passwords but it would fail. The SYSKEY is stored in the SYSTEM file therefore SAMInside takes the SYSKEY out of the SYSTEM file and uses it to get the corrent hashes from the SAM file.
0 Replies
 
cjhsa
 
  1  
Reply Wed 25 Feb, 2004 03:21 pm
Sounds like it might just be easier to reinstall from scratch!
0 Replies
 
Monger
 
  2  
Reply Wed 25 Feb, 2004 10:00 pm
much easier way to reset the admin password:

go to www.pchelplive.com
go to the downloads page
download the NTFS Boot disk for password recovery/reset

if you have trouble using it lemme know
0 Replies
 
safecracker
 
  1  
Reply Wed 25 Feb, 2004 10:13 pm
Ya my way is more for doing it rogue style.
0 Replies
 
cjhsa
 
  1  
Reply Thu 26 Feb, 2004 11:36 am
Wound up reinstalling. But thanks for the tips, I'll keep them under my hat. Using Windows, it's likely they'll be needed again.
0 Replies
 
 

Related Topics

Clone of Micosoft Office - Question by Advocate
Do You Turn Off Your Computer at Night? - Discussion by Phoenix32890
The "Death" of the Computer Mouse - Discussion by Phoenix32890
Windows 10... - Discussion by Region Philbis
Surface Pro 3: What do you think? - Question by neologist
Windows 8 tips thread - Discussion by Wilso
GOOGLE CHROME - Question by Setanta
.Net and Firefox... - Discussion by gungasnake
Hacking a computer and remote access - Discussion by trying2learn
 
  1. Forums
  2. » Registry File Failure - Won't Boot
Copyright © 2024 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.09 seconds on 12/03/2024 at 11:07:27