Ntoskrnl.exe problem

Unfortunately, I am back.

Started a thread, that I can't find, a while ago here. I was having a hard time logging into a buddy's computer. Kept getting the message that the ntoskrnl.exe was missing or corrupt. This was after he opened the attachment from 'UPS' about his package. Yeah, he did.

Using the XP sp3 cd, I ran chkdsk /r, then did a repair install of windows off the disk. Got in, ran the anti-malware routine and came up clean.

He takes it home, fires it up, and same darn message.

Brings it back. I say the heck with this. I had grabbed all his personal files off while I was in there running the malware stuff, so I tell him let's just do a clean install.

So we do. I ran the long format option reinstall. Boots up. Run all the updates. Load a bunch of software. He takes it home.

Yup, the ntoskrnl.exe is missing or corrupt again. Huh? Really? Wow man.

So I am thinking that something about a full shutdown and cold restart is involved.

Perhaps something is hiding in the bios? Does anything survive a xp install disk format on the drive?

I am considering, as my next attempt, to remove his hard drives (raid 1), hook each to a computer independently, and format each one. Then reassemble the computer and re-install windows.

Could this be hardware related?

Any thoughts appreciated. I am about to start pulling my hair out......

Thanks

Slider

 

Did know if you used the recovery partition or if you deleted all existing partitions OFF the hard disk before reinstalling Windows XP?

What software did you load?

Could be a BIOs infection.

If you delete all partitions first, then no.

Sounds like a better idea.

Yes, perhaps one of both hard drives are failing, especially if you are certain you wiped out all partitions off both drives before reinstalling Windows.

 

I deleted all partitions before installing XP sp3.

Software I loaded was Office 2010, which we own. MSE. Java, Adobe Reader X, Adobe Air, and Adobe Flash. Loaded the Internet driver of course. Installed all the updates that Windows Updated wanted, through the Control Panel - Windows Update. Also loaded a specialty Autocad we own, from CD. I am confident our software isn't compromised, as I have several other computers running it with no issues.

As to the hard drives failing, the setup is a raid 1, so even if one is tanking, shouldn't be an issue. Both tanking at the same time? Man I hope not. And don't think so. I was starting to figure out a pattern to get in. Pattern is this.

Load the recovery consule from the slipstreamed XP cd with the raid drivers on it. It would load me into drive D. CD C: and then run chkdsk /r from there. Sometimes it hangs at 50% complete, but that didn't seem to matter. Then, next time I would load in, the computer would see C instead of a problematic C and a D, basically it would see the drive pair as one disk. Then I load the windows repair install and run it, and boom, I am back in. Soft boots seem to work ok at that point. Run a bunch of anti-virus stuff and it is clean and give it back, which involves turning it off, and he gets home and - - - ntoskrnl is corrupt or missing again.

Unreal.

So thoughts on a way to proceed? I don't know how hard it is to reset the bios, or how to make sure it is done in a way that would hose an infection off the bios. If it isn't too hard, I am leaning towards doing that to be on the safe side. Then pulling the disks, and formatting them on another computer before reinstalling and reloading xp. Have viruses ever been able to hop off an infected disk when it is hooked to another computer like I am thinking about? I would hate to infect MY computer just hooking his drives to try to format them...

Thanks

Slider

 

Thinking more about the dying drives angle.

When he brings me the computer, I boot it several times trying to get in without going through the hassle. Inevitably I end up in one of two places. Each boot ends with either an auto-reboot loop, or that ntoskrnl error. And the two don't overlap. But that has always been from soft-boots. I haven't done a bunch of hard boots in a row.

Anything I can do to test the drives? Perhaps if they are hooked to my computer? IF that's safe.....