Vista/S2008 Registry Corruption Recovery Trick #1001

Corrupt registry and no recent backup? Here's a tip

The other day I wrote about a power outage in my office that resulted in Server 2008 registry corruption and a no-start condition, requiring the restoration of the system state from a backup. However, what if you don’t have a relatively recent system state backup? First, make a new year’s resolution to learn a little about WBADMIN and put it to work for you. Second, please read on, for here are two related tricks for recovering from registry corruption.

The registry does have a transaction log file mechanism that Windows can use to attempt to repair damage. The problem is that Server 2008 has no convenient way to use that repair mechanism if you can’t boot your server into Safe Mode. What you can probably do, however, is boot your server into the Windows Recovery Environment (WinRE), either by using the Windows installation DVD, or a purpose-built CD, DVD, or flash drive that you may have created using the freely downloadable Windows Automated Installation Kit (WAIK).

Once in the WinRE, first do a CHKDSK to make sure you don’t have physical disk problems. Next, open a command prompt and run REGEDIT. You’ll be working with the WinRE registry, however, not the one on your C: drive, so you’ll have to perform a “Load Hive” command with the registry files on the C: drive. (They’re typically located in the %systemdir%\system32\config folder, and most of the time it’s the SYSTEM file that’s damaged.)

Interestingly, when you load the hive that’s suffering from corruption, REGEDIT can sometimes detect the problem and fix it from the transaction log files. You’ll typically see a notification to that effect. If so, all you have to do next is unload the hive (which saves it back out to disk) and you’re done. Try rebooting normally and see if everything is now copacetic.

If you can’t lay your hands on a WinRE boot device, then you may be able to perform a similar operation by physically removing the drive and hanging it off an existing workstation. (Obviously if you’re using RAID then this method won’t work.) Use one of those wonderfully convenient USB-to-IDE/SATA adapters that you can get from your favorite hardware supplier for $30 or so. The methodology is pretty much the same: check the drive for errors, then run REGEDIT, load and unload the hives, and see if you get a message indicating that the corruption has been handled.
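The check, load and unload sequence described above can also be run from the WinRE command prompt with reg.exe instead of the REGEDIT GUI. The script below is an added example, not part of the original article. It assumes that `reg load` goes through the same hive-loading path as REGEDIT's Load Hive (you will not get REGEDIT's notification dialog), that Windows is installed in \Windows on the drive passed as the first argument, and it uses the hypothetical names OfflineSystem and hive-backup.

```bat
@echo off
rem Added example (not from the original article): scripted Load Hive / Unload Hive.
rem Assumptions: %1 is the offline Windows volume as WinRE sees it (e.g. C:),
rem Windows lives in \Windows on it, and OfflineSystem / hive-backup are
rem hypothetical names chosen for this example.
setlocal
if "%~1"=="" (
    echo Usage: %~nx0 ^<drive:^>
    exit /b 1
)
set "DRV=%~1"
set "CFG=%DRV%\Windows\System32\config"
set "BAK=%DRV%\hive-backup"
set "KEY=HKLM\OfflineSystem"

rem 1. Read-only disk check; exit code 2+ means problems or an incomplete check.
chkdsk %DRV%
if errorlevel 2 (
    echo CHKDSK reported problems on %DRV%. Resolve them before touching the hive.
    exit /b 2
)
rem 2. Copy the hive and its transaction logs aside before anything modifies them.
rem    /h includes hidden and system files, which the .LOG files normally are.
if not exist "%CFG%\SYSTEM" (
    echo No SYSTEM hive at %CFG%. Check the drive letter.
    exit /b 3
)
if not exist "%BAK%" mkdir "%BAK%"
xcopy /h /y "%CFG%\SYSTEM*" "%BAK%\"
if errorlevel 1 (
    echo Backup failed; not loading the hive.
    exit /b 4
)
rem 3. Load the offline hive under a temporary key in the WinRE registry.
reg load %KEY% "%CFG%\SYSTEM"
if errorlevel 1 (
    echo Load failed. Untouched copies are in %BAK%.
    exit /b 5
)
rem 4. Sanity check: a readable SYSTEM hive has a Select key naming the control sets.
reg query %KEY%\Select
set "RC=%ERRORLEVEL%"
rem 5. Unload, which writes the hive back to disk, then report.
reg unload %KEY%
if not "%RC%"=="0" (
    echo Hive loaded but the Select key is unreadable.
    exit /b 6
)
echo Hive loaded and unloaded cleanly. Reboot normally to test.
```

Copying the hive and its log files aside first means a failed repair attempt can be rolled back, or the files examined later, without relying on the damaged originals.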


Copyright © 2009 IDG Communications, Inc.
