Administrator Password Rejected BSOD

I am trying to fix one of my Work laptops, It is getting a stop error on start up and reads as:

STOP: c0000218 {Registry File Failure}
The Registry cannot load the hive (file):
\System\System32\Config\SOFTWARE or its log or alternate.
It is corrupt, absent, or not writable.

Beginning dump of physical memory
Physical memory dump complete.
Contact your system administrator or majorgeeks.com for further assistance. :cool

So I was going to try:

md tmp
copy C:\windows\system32\config\system C:\windows\tmp\system.bak
delete C:\windows\system32\config\system
copy C:\windows\repair\system C:\windows\system32\config\system

or

md tmp
copy C:\windows\system32\config\software C:\windows\tmp\software.bak
delete C:\windows\system32\config\software
copy C:\windows\repair\software C:\windows\system32\config\software

in the Recovery Console, but now.. when I try to enter the drive to do so, it is prompting me for a password, I am pretty sure it is not the windows account login password, because I've tried that, and it does not work.

The laptop is Dell Latitude D620 and it has Windows XP OEM.

Any Ideas? Please help me, because if I don't get this fixed, then I won't be able to hang out at the water cooler anymore. :cry

 

Hello,
Can you go into safe mode and then do a system restore to a previous date?

 

Sorry, I forgot to mention that, it gives the same error when attempting to get into safemode as well.

 

Have you tried leaving the password blank? And just pressing ENTER?

 

Yes, I have.. I've tried all weekend trying to guess what it may be, including leaving it blank. I am starting to wonder if it has something to do with Dell's installation of the OS.

I will give you a more detailed description of the screen right now, I am booting it up.

 

Also, I think this the article you're reading, if not, you may want review it:

http://support.microsoft.com/kb/307545

 

Ok

 

If you can't remember the password, Remove it!

Here's a free tool BootCD that can do it

direct download : http://www.hirensbootcd.org/files/Hirens.BootCD.10.5.zip

Burn this from a working computer.

Active Password Changer 3.0.420: To Reset User Password on windows NT/2000/XP/2003/Vista (FAT/NTFS).

This is the program you're going to need to use
It's in the DOS Tools programs section
..Password Tools
...Active Password Changer 3.0.420
....Select logical drive: (your windows installation directory)
.....Search SAM Databases..
......Found (yay)
.......Highlight Administrator and press Y to clear its password

Something like this.. I'm just doing it off my head right now


Make sure you download the 10.5 version. I think they stopped including that password remover in the 11.0+ versions

 

http://img825.imageshack.us/img825/299/1000386o.jpg

 

K, will try that now and tell you how it goes, thank you

 

I have these options within the DOS tools section:
1 Partition tools
2 Backup tools
3 Password & Registry tools
4 Recovery tools
5 Testing tools
6 Hard Disk Tools
7 System Info Tools
8 Custom Menu

-

When I go into the password and reg tools it has
1 offline password changer
2 kon-boot (to bypass password)
3 atapwd 1.2 hdd password utility
4 NTPWD
5 Registry Viewer/Editor 4.2

any ideas?

 

Also, is there a way for me to recover the registry or do the recovery console commands I had posted in my previous post

in WindowsXP mini? or another cd mounted OS?

 

I think you have the incorrect version of Hiren.

http://www.hirensbootcd.org/hbcd-v105/
Towards the bottom, Right mouse click Hirens.BootCD.10.5.zip
Save As.
Don't left mouse click it, it tends to want to redirect you to the 14.0 Download page. ;\

And yes, you can recovery registry from MiniXP.

 

So I found out something, and it may prove to be a challenge, I don't know if any of you had encountered this problem before.

 

Did Hiren 10.5 not work for you :confused

 

It worked, I just got it working, but now I am getting this:

copy C:\windows\system32\config\software C:\windows\tmp\software.bak
"This file could not be copied."

any ideas?

 

Is it possible to do a system restore the regular way within mini-XP? I am not familiar with mini-XP but I know you can do a system restore using a UBCD4 Windows disk.

http://www.icompute.info/repair_windowssystem32config.htm

 

Why not just try getting a SOFTWARE file from the c:\system volume information folder? Sort the folder by details and date modified, and pick a folder from 2-3 days from your newest folder.

Open the snapshots folder inside
Copy the SOFTWARE file to c:\windows\system32\config folder. You will have to rename it to just "SOFTWARE". I can't remember what prefix it comes with in the snapshots folder.

If SOFTWARE is already in that folder, overwrite it.

This is done from miniXP btw.

My guess on why this command isn't working is because software.bak doesn't EXIST in that folder. Sometimes when they get "corrupt", they are in fact even missing from the folder.

 

Not that I know of. I've only just manually replaced snapshot files, not a complete restore like you're most likely thinking.

 

I fixed it, after I got the error that the Software.bak file could not be copied, I decided to try chkdsk /r, I sat there staring at it for like an hour after it cycled through the percentages several times, I ended up falling asleep waiting for it, when I woke back up, it said it was complete, and I typed /exit, it rebooted the computer and Windows started.

Thank you for your help thisisu :drool:drool:drool

 

Good news

You're welcome

 

I'm encountering a more trivial but annoying problem now though, I am getting a crash error stating: "Windows Genuine Advantage Notification has encounter a problem and needs to close." etc.

The OS is genuine, I am positive about that, but why am i getting this error? D:< and how do I fix it?

 

There is WGA Validation and Windows Genuine Advantage Notification which is something different. WGA Notification is not required and can lead to problems and on top of that, it is always phoning home to Microsoft at startup. Try this utility to remove it.

http://majorgeeks.com/RemoveWGA_d5170.html

Edit: I would recommend that you create a restore point before you do this. I did this on my machine and did not run into any problems but it always pays to be careful.