Hi,

last week a customer had the problem that its PC won’t start, The computer performs a reboot loop into the recovery environment

Within the recovery environment I disabled the boot to WinRE to see what’s the root cause.

List all enties. Usually there Windows boot loader entry:

X:\> bcdedit /enum
...

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows Server 2016
locale                  en-US
...

and disable WinRE for this entry

X:\> bcdedit /set {current} recoveryenabled No

During the next boot a Bluescreen occurs:
\windows\System32\config\system “The operating system couldn’t be loaded because the system registry file is missing or contains errors.”

After booting with Windows PE I took a look in the “\windows\System32\config” folder. The registry hives (files) DEFAULT, SAM, SECURITY, SOFTWARE and SYSTEM only have a size of 8192 Bytes and there were Files with a 1, 001 and 002 suffix.

C:\windows\System32\config > dir
...
DEFAULT001
DEFAULT002
DEFAULT1
...
SAM001
SAM002
SAM1
...


On a reference system these files does not exists and these files had a greater size. Seems there went something wrong:

I used the ShadowCopyViewer and copied from the latest restore point all files


DEFAULT
DEFAULT.LOG1
DEFAULT.LOG2
DRIVERS.LOG1
SAM
SAM.LOG1
SAM.LOG2
SECURITY
SECURITY.LOG1
SECURITY.LOG2
SOFTWARE
SOFTWARE.LOG1
SOFTWARE.LOG2
SYSTEM
SYSTEM.LOG1
SYSTEM.LOG2


back and deleted the DEFAULT001, DEFAULT002, DEFAULT1 and so on.

Michael