Repairing Corrupted Windows XP on Lenovo Laptop
I have a client with a Lenovo 3000 V200 laptop. Originally it came with Windows Vista installed, but client retrograded back to Windows XP Pro soon after purchasing the laptop. Today the computer started crashing at boot time. Trying to boot into Safe Mode also crashes the system.
I tried booting from a Windows XP Pro CD in order to do a repair re-installation of Windows XP. However, I never get an option to reinstall the OS. It will show the NTFS partition there with the options to delete that partition or reformat it before installing. I told Windows to install w/o altering the partition. As expected this installed Windows into a separate folder (Windows.0). I can now boot with no problem into that 2nd Windows. Once at the desktop, I installed and ran MalwareBytes and ComboFix to rule out malware as the cause of the crashes. ComboFix did remove some files and directories. However, I still can't boot into the first Windows install.
I'm guessing that there a corrupt driver file or Windows startup file that is causing the crashes. I do see a BSOD before the system crashes, but it flashes off in less than a second before the system reboots, so I can't read which file or driver is causing the crashes.
Would appreciate advice on how to proceed with this. How can I check the crash/error reports from that 1st install?
I tried booting from a Windows XP Pro CD in order to do a repair re-installation of Windows XP. However, I never get an option to reinstall the OS. It will show the NTFS partition there with the options to delete that partition or reformat it before installing. I told Windows to install w/o altering the partition. As expected this installed Windows into a separate folder (Windows.0). I can now boot with no problem into that 2nd Windows. Once at the desktop, I installed and ran MalwareBytes and ComboFix to rule out malware as the cause of the crashes. ComboFix did remove some files and directories. However, I still can't boot into the first Windows install.
I'm guessing that there a corrupt driver file or Windows startup file that is causing the crashes. I do see a BSOD before the system crashes, but it flashes off in less than a second before the system reboots, so I can't read which file or driver is causing the crashes.
Would appreciate advice on how to proceed with this. How can I check the crash/error reports from that 1st install?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Here is another odd thing. I tried running SFC /scannow and I keep getting prompted for the Windows XP Professional SP3 CD, which is what I used to install Windows. Well, that CD is already inside the drive! So why is telling me I have the wrong version of the CD installed?? Is it maybe b/c it doesn't match the CD that was used to originally install Win XP years ago (the version that is corrupt, not the one on Windows.0)?
Actually nevermind, the link is invalid.
Edit:
The download location for the boot CD got truncated. Of course, it needs to read: http://partedmagic.com
The download location for the boot CD got truncated. Of course, it needs to read: http://partedmagic.com
Sorry, I did not notice that you could actually boot the machine. In this case, ignore the first part of my answer.
You might as well get the dump files from the other installation, and post them here.
You might as well get the dump files from the other installation, and post them here.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
rrjmin0, I followed your instructions, then rebooted into the 1st Windows and it crashed. Now I do see *.dmp files in that directory, but there are none from today. They range in date from 3/10/09 to 6/24/11.
I don't understand how that can be? Seems like the crash info is not being written at all?
I don't understand how that can be? Seems like the crash info is not being written at all?
The first one may not have the setting to collect the dump files set. Copy the last one from the original and the ones from the second install so that we can see whats happening.
ASKER
The 2nd install doesn't show a Minidump folder. Guessing that's b/c it's not crashing. There are 6 files under Minidump in the 1st install, all of which I zipped and attached in post 37012259. Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Wipe & reinstall is not an option. Client needs laptop back soon and no way I have time to back up, wipe & reinstall inside of 2 hrs. Not to mention all the programs loaded on there.
Anyone have other suggestions for me?
Anyone have other suggestions for me?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Torimar, that seems like a pretty good idea. However, replacing the registry of the original windows install will mean that all the application programs installed on there will no longer work, right?
Would there be a way to re-import just the application registry entries so that they will still be accessible?
Would there be a way to re-import just the application registry entries so that they will still be accessible?
ASKER
Oh wait. I just read your post more carefully, Torimar. I only need to import the SYSTEM hive, right?
Yes, that was my suggestion.
This way, you would not touch the software settings, only hardware and driver related keys would be replaced by a known working configuration.
No guarantee that this will work, but pretty good chances, given the fact that almost 80-90% of such boot crashes turn out to be registry related.
In your case, because of the malware cleaning, the crashes could also be caused by a deleted required system file, that's true. But maybe you will obtain at least a readable error output.
This way, you would not touch the software settings, only hardware and driver related keys would be replaced by a known working configuration.
No guarantee that this will work, but pretty good chances, given the fact that almost 80-90% of such boot crashes turn out to be registry related.
In your case, because of the malware cleaning, the crashes could also be caused by a deleted required system file, that's true. But maybe you will obtain at least a readable error output.
ASKER
Can I just copy & paste the new SYSTEM file into c:\Windows\system32\config
Or do I need to import that in using REGEDIT?
Or do I need to import that in using REGEDIT?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You can just copy and paste.
But you cannot do it directly, since the registry on a running system is locked. That's one of the reasons why you would have to use EruNT. It applies shadow copy to copying a registry in active use. You may then copy the copy made by EruNT.
But you cannot do it directly, since the registry on a running system is locked. That's one of the reasons why you would have to use EruNT. It applies shadow copy to copying a registry in active use. You may then copy the copy made by EruNT.
And don't forget to backup the original hive on the old system first.
ASKER
Thanks. Understood. I copied the entire c:\Windows\system32\config
i would run a ram and disk disk diag in this case, just to be sure about the basics - doing repairs on a bad disk is asking for more trouble
i suggest to download ubcd, and run memtest86+ for ram, and the disk diag for your diak brand
http://www.ultimatebootcd.com/
then we can proceed running a chkdsk on the drive to correct system problems
i suggest to download ubcd, and run memtest86+ for ram, and the disk diag for your diak brand
http://www.ultimatebootcd.com/
then we can proceed running a chkdsk on the drive to correct system problems
ASKER
Copying & pasting the backup of SYSTEM into the original Windows install did not solve the problem, although the boot process do go considerably farther. But in the end still resulted in a BSOD.
Nobus, that's a good point and something I thought of last night. So I ran Spinrite overnight to analyze/fix the HDD and it did find one unrecoverable sector. That's probably where the critical system file was located that is now causing the crash. Thanks Murphy's Law!!
Nobus, that's a good point and something I thought of last night. So I ran Spinrite overnight to analyze/fix the HDD and it did find one unrecoverable sector. That's probably where the critical system file was located that is now causing the crash. Thanks Murphy's Law!!
ASKER
Since copying & pasting the backup of SYSTEM into the original Windows install didn't work, how about if I copied and pasted the SOFTWARE section of the original Windows install into the current working Windows install. Would this allow me to run all the apps that are already installed on this system?
i have used spinrite also - try the free trial of HDDRegenerator, to see if it repairs it : http://www.dposoft.net/hdd.html
i found it repairs more than Spinrite does
i found it repairs more than Spinrite does
ASKER
Andrewmcc, your point is well taken (as well as others who suggested it)...9 out of 10 times, I just back up all the data, wipe the HD and reinstall the OS and all apps from scratch. Almost always the best solution in the long run. But now I'm obsessed with seeing if I can get the system working with these registry manipulations.
ASKER
Thanks, Nobus. Running HDDRegenerator now.
Hi,
Its cool re options.
Would suggest for speed and time wise, pull the harddisk if you an external caddy use to.
Do a chkdsk with /f /r on it.
Make sure the drive is physically intact and ok.
Quickly ghost the drive.
Then rename both the documents and settings, windows & windows.0 plus the program files folders to .bak or something similar.
Do a clean install into a new windows (c:\windows) install, as any other apps you might try to install will probably screw up if they detect more than one instance of a windows folder on the root.
Also, have you tried a safe mode boot via system log, ie. loading the services and drivers etc one by one, to see what is actually causing the original install to crash / bsod?
Ghost it now and you'll have time to play around with the image on another system later if need be.
Its cool re options.
Would suggest for speed and time wise, pull the harddisk if you an external caddy use to.
Do a chkdsk with /f /r on it.
Make sure the drive is physically intact and ok.
Quickly ghost the drive.
Then rename both the documents and settings, windows & windows.0 plus the program files folders to .bak or something similar.
Do a clean install into a new windows (c:\windows) install, as any other apps you might try to install will probably screw up if they detect more than one instance of a windows folder on the root.
Also, have you tried a safe mode boot via system log, ie. loading the services and drivers etc one by one, to see what is actually causing the original install to crash / bsod?
Ghost it now and you'll have time to play around with the image on another system later if need be.
ASKER
Thanks Andrew. How do I force a a safe mode boot via system log?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If the objective is to get a working laptop with os running, basic apps installed and gives the client time to do what they need to do, then I would suggest using a licensed copy of ghost, image the old drive, install ghost onto the laptop, then make a complete image of the old drive and copy that image onto the laptop, so you should be able to both access the data at the same time as being able to possibly restore what you can in the mean time.
(Had the same predicament some time back, ended up doing that as client refused to buy another drive)
(Had the same predicament some time back, ended up doing that as client refused to buy another drive)
any results from HDDReg ?
ASKER
Nobus, HDDReg scanned the entire HDD and reported 0 bad sectors, which I thought was odd b/c Spinrite did find 1 unrecoverable sector ealier. Maybe b/c Spinrite marked that bad sector off the FAT and so HDDReg didn't see it??
In any case, I had to get the laptop back to the client yesterday as he was leaving the country. The Windows.0 boots up with no problems. I created a shortcut on the desktop to his data. He will have to reinstall his applications.
So this was pretty much another case where backing up data, wiping and reinstalling from scratch would have been the best solution if there had been enough time.
Thank you to everyone who contributed their advice.
In any case, I had to get the laptop back to the client yesterday as he was leaving the country. The Windows.0 boots up with no problems. I created a shortcut on the desktop to his data. He will have to reinstall his applications.
So this was pretty much another case where backing up data, wiping and reinstalling from scratch would have been the best solution if there had been enough time.
Thank you to everyone who contributed their advice.
>> which I thought was odd b/c Spinrite did find 1 unrecoverable sector ealier << it probably repaired it
and yes, fresh install is always the best
and yes, fresh install is always the best
Hi
Hope advice was helpful.
All the best.
Hope advice was helpful.
All the best.
ASKER
Nobus, is HDDReg your first choice for repairing HDs? Spinrite has a great reputation but it has yet to come through for me in all the times I've used it to try to repair a HD or recover data.
Brother, Remove the hard drive and do a manual system restore, that fixed the issue many times for me.
If you need to know how to get it done let me know.
you will need a sata or IDE to USB adapter and a working computer do so...
If you need to know how to get it done let me know.
you will need a sata or IDE to USB adapter and a working computer do so...
Yes it is; i used to have spinrite - but found HDDrge faster, and repairing more than spinrite
hddreg repaired up to now about 6 drives of the dozen or so i tried it on - zilch with spinrite (but it can be a coincidence) - i still use it for maintenance
hddreg repaired up to now about 6 drives of the dozen or so i tried it on - zilch with spinrite (but it can be a coincidence) - i still use it for maintenance
ASKER
Crackx2008, how does one do a "manual system restore"?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Crackx2008. That sounds like it could be useful next time I come across this type of situation. I would also need to copy over the entire "Program Files" folder from the old HDD as well, in order to avoid having to reinstall all the applications on the new HDD, right?
That is right my friend... You got it :) good luck man!
That is right my friend... You got it :) good luck man!
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
My initial post is my final recommendation. Thanks!
ASKER
Sorry for the delay, guys. I will assign points & close. Thanks.
Unfortunately, XP does not have a startup repair option, from boot or by CD. However, this link shows a Microsoft diagnostic utility (30- day trial) that might help. It should enable to you activate System restore which may fix the problem by rolling back the machine to a workable time.
http://www.winhelponline.com/blog/perform-system-restore-rollback-on-non-bootable-xp-computer/