The Blue Screen of Hive Death

Summary: Strangely, Microsoft's solution is to run software on a PC that won't run...


  • This is photograph of the PC that won't boot. The message says:"Stop: c0000218 {Registry File Failure} The registry cannot load the hive (file): \SystemRoot\System32\Config\SOFTWARE or its log oralternate. It is corrupt, absent, or not writable.Beginning dump of physical memory Physical memory dump complete Contact your system administrator or technical support group for further assistance"There isn't much time to read this message which is why I took a picture of it. Within a second or two of this flashing on the screen, the message disappears and the computer attempts to restart itself. So, I Googled the error message which led to a Microsoft knowledge-base entry(seen in the next image)

  • Here is the knowledge-base article Microsoft has on its Web site. At first, I thought the Guided Help section was a joke because it talks about installing software on a PC where you have administrative privileges while the title clearly acknowledges that the PC can't be booted. But it wasn't a joke. In case it meant "Install it on another PC," I went along with it and did exactly that.

  • Fix for blue screen of hive death


    With a BartPE CD, you can copy a recent set of registry hive files from system Volume information directly to \windows\system32\config (after backing up of course) - so you never restore the originals. Have used this successfully hundreds of times.

    You could do it from recovery console if you'd set the policy that enables access to whole of C: drive (rather than just root and \windows folder and below) - or by slaving drive in another machine.
  • You must know your DOS commands

    The reg hives are all hidden files, so to even see them you must
    use dir /a to see hidden files in a directory. Before copying the files you must remove the -R -S -H attributes.
    -R = Read only
    -S = System
    -H = Hidden
    You do this by typing at the command prompt.
    c:\attrib -r -s -h c:\windows\system32\config\software
    Removes read only, system, and hidden attributes.

    This will enable you to rename or copy or move, else you can't manipulate these files.

    I have recovered systems using this method.
    Good luck!
