Procedure for Recovering Missing SYSTEM32 Folder

  • Thread starter Thread starter Will
  • Start date Start date
W

Will

Guest
I posted over many different threads a problem I had on a Windows system
where the SYSTEM32 folders suddenly disappeared, taking out the registry
with them. I recovered from this situation today as follows. I am
including this in a server thread because the recovery procedure would be
essentially the same (except for the lack of system restore points with
Windows 2003), and I am documenting for posterity.

1) I restored an old backup of the file system to a portable drive.

2) I restore an old backup of the system state to the same drive.

3) I booted the down system with ERD Commander and the portable drive
attached.

4) I copied over first the missing system files from several subfolders
under Windows including SYSTEM32.

5) I then copied over the system state files, except I did NOT copy over the
registry.

6) Finally, I used ERD Commander to inspect through the system restore
points hidden on the boot device, and I copied over the latest registry
files from the system restore. These all needed to be renamed, but thank
God they were not compressed or encrypted in some unique way to system
restore, and Windows was able to work with them on next boot.

7) I was at that point able to reboot the system.

8) I downloaded Windows XP SP3 and manually applied it. Windows Update was
NOT able to detect that the system state was older probably because I had
used an inconsistent (much more recent) registry in my recovery.

9) I ran Windows Update and applied all more recent updates.

10) I uninstalled and re-installed any device drivers that were complaining
on startup.

So far so good. The only casualty remaining is my Creative Soundblaster,
which refuses to uinstall without doing a blue screen, but that looks like
par for the course for Creative's drivers, which are generally way too
bloated and a nightmare to work with. I'm sure I'll overcome that one as
well if Creative ever responds to my request for a manual uninstall
procedure.

At this point I treat the system as suspect, and I'll plan on getting a
different system and doing a new install in the next six months. But for
now I have recovered enough functionality I can use the computer
productively and get another few months of service out of it.

Overall, this was a living nightmare to deal with. I would really
recommend to Microsoft that they expand the ERD Commander tool and give us a
much more robust environment for recovering failed systems. You shouldn't
have to do this much work to recover a computer.

I'd also recommend that Microsoft think more clearly about its licensing.
Windows operating systems are very fragile, overly complicated environments
in which one bad device driver install can render the whole OS unusable.
One Trojan that takes out a SYSTEM32 folder can make it impossible to boot.
It is not reasonable to only give people two reinstalls of one OS license
when the product fundamentally isn't up to the level of stability that such
an honerous license requires.

--
Will
 
Re: Procedure for Recovering Missing SYSTEM32 Folder

Thanks for the info!

JS

"Will" <westes-usc@noemail.nospam> wrote in message
news:RPidnRRZuelz2_XVnZ2dnUVZ_gGdnZ2d@giganews.com...
>I posted over many different threads a problem I had on a Windows system
> where the SYSTEM32 folders suddenly disappeared, taking out the registry
> with them. I recovered from this situation today as follows. I am
> including this in a server thread because the recovery procedure would be
> essentially the same (except for the lack of system restore points with
> Windows 2003), and I am documenting for posterity.
>
> 1) I restored an old backup of the file system to a portable drive.
>
> 2) I restore an old backup of the system state to the same drive.
>
> 3) I booted the down system with ERD Commander and the portable drive
> attached.
>
> 4) I copied over first the missing system files from several subfolders
> under Windows including SYSTEM32.
>
> 5) I then copied over the system state files, except I did NOT copy over
> the
> registry.
>
> 6) Finally, I used ERD Commander to inspect through the system restore
> points hidden on the boot device, and I copied over the latest registry
> files from the system restore. These all needed to be renamed, but thank
> God they were not compressed or encrypted in some unique way to system
> restore, and Windows was able to work with them on next boot.
>
> 7) I was at that point able to reboot the system.
>
> 8) I downloaded Windows XP SP3 and manually applied it. Windows Update
> was
> NOT able to detect that the system state was older probably because I had
> used an inconsistent (much more recent) registry in my recovery.
>
> 9) I ran Windows Update and applied all more recent updates.
>
> 10) I uninstalled and re-installed any device drivers that were
> complaining
> on startup.
>
> So far so good. The only casualty remaining is my Creative Soundblaster,
> which refuses to uinstall without doing a blue screen, but that looks like
> par for the course for Creative's drivers, which are generally way too
> bloated and a nightmare to work with. I'm sure I'll overcome that one as
> well if Creative ever responds to my request for a manual uninstall
> procedure.
>
> At this point I treat the system as suspect, and I'll plan on getting a
> different system and doing a new install in the next six months. But for
> now I have recovered enough functionality I can use the computer
> productively and get another few months of service out of it.
>
> Overall, this was a living nightmare to deal with. I would really
> recommend to Microsoft that they expand the ERD Commander tool and give us
> a
> much more robust environment for recovering failed systems. You
> shouldn't
> have to do this much work to recover a computer.
>
> I'd also recommend that Microsoft think more clearly about its licensing.
> Windows operating systems are very fragile, overly complicated
> environments
> in which one bad device driver install can render the whole OS unusable.
> One Trojan that takes out a SYSTEM32 folder can make it impossible to
> boot.
> It is not reasonable to only give people two reinstalls of one OS license
> when the product fundamentally isn't up to the level of stability that
> such
> an honerous license requires.
>
> --
> Will
>
>
 
Re: Procedure for Recovering Missing SYSTEM32 Folder


| I'd also recommend that Microsoft think more clearly about its licensing.
| Windows operating systems are very fragile, overly complicated
environments
| in which one bad device driver install can render the whole OS unusable.
| One Trojan that takes out a SYSTEM32 folder can make it impossible to
boot.
| It is not reasonable to only give people two reinstalls of one OS license
| when the product fundamentally isn't up to the level of stability that
such
| an honerous license requires.

Uhm... If you bought the retail version, you can install it on as many
machines as you want as long as you remove it from the previous machine.

If you bought OEM, that version is specifically registered to that PC and is
not permitted to be moved. That's why OEM is cheaper.
 
Re: Procedure for Recovering Missing SYSTEM32 Folder

On Sun, 29 Jun 2008 19:37:33 -0700, "Will" <westes-usc@noemail.nospam>
wrote:


> I'd also recommend that Microsoft think more clearly about its licensing.
> Windows operating systems are very fragile, overly complicated environments
> in which one bad device driver install can render the whole OS unusable.
> One Trojan that takes out a SYSTEM32 folder can make it impossible to boot.
> It is not reasonable to only give people two reinstalls of one OS license
> when the product fundamentally isn't up to the level of stability that such
> an honerous license requires.


I'd recommend that you make an effort to understand Microsoft's
licensing rules much better than you do. There is *no* limit of "two
reinstalls of one OS license." In fact, you can reinstall Windows as
many times as you want to. The only limits are

1. It may never be installed on more than one computer at the same
time.

2. If it's an OEM copy, not a retail one, it is permanently tied to
the original computer it's installed on, and may never be moved to
another. But even with an OEM copy, it can be reinstalled on the same
computer as often as desired.

--
Ken Blake, Microsoft MVP - Windows Desktop Experience
Please Reply to the Newsgroup
 
Re: Procedure for Recovering Missing SYSTEM32 Folder

"Will" <westes-usc@noemail.nospam> wrote in message
news:RPidnRRZuelz2_XVnZ2dnUVZ_gGdnZ2d@giganews.com...
<snippage>

> Overall, this was a living nightmare to deal with. I would really
> recommend to Microsoft that they expand the ERD Commander tool and give us
> a
> much more robust environment for recovering failed systems. You
> shouldn't
> have to do this much work to recover a computer.

Nor do you have to. There are plenty of backup and imaging utilities
available that make this kind of effort completely unnecessary.

<snippage>

> I'd also recommend that Microsoft think more clearly about its licensing.

Well, that's certainly something that they do.

> Windows operating systems are very fragile,

Not in my experience. But I don't allow my systems to become infected or
attacked, and I don't use hardware that comes with questionable drivers
unless I am being paid to test. And in that case, I image before
installation.

> overly complicated environments

All modern OS's are complicated environments, Windows is no different.

> in which one bad device driver install can render the whole OS unusable.

Backups are very useful things, yes. Especially if you are prone to
installing poorly written or test software.

I generally find a properly set up and maintained Windows system to be very,
very reliable. I have a number that run for years without reinstallation,
with a very high degree of reliability and minimal maintenance. These
systems *have* to be reliable, and they are.

> One Trojan that takes out a SYSTEM32 folder can make it impossible to
> boot.

Well, one might say that this system was not properly protected or
maintained - or backed up. What you are describing goes a long way
towards things that are the user's responsibilty, regardless of the OS.

And if you allow major damage to *any* OS, well, results won't be good.

> It is not reasonable to only give people two reinstalls of one OS license

Could you explain where you get the idea that you can install only two or
three times? It certainly isn't true.

Perhaps you misunderstand the difference between installation and
activation.

At worst, if you reinstall "too many times" you just have to make a
toll-free phone call for activation, and that takes about five minutes.

> when the product fundamentally isn't up to the level of stability that
> such
> an honerous license requires.

Again, I have a number of XP systems that are extremely stable and reliable.
And if I have to reinstall, I can do so with no problems.

I can also restore from my system backups.... in under half an hour.

I don't find the license onerous; yes, OEM licenses are limited to
installation one physical set of hardware, but there's no limit to how many
times it can be reinstalled on that hardware. Retail or VL versions don't
even have that restriction.

At any rate, thanks for describing another approach.

HTH
-pk


>
> --
> Will
>
>
 
Back
Top