Emergency Repair Process and NTOSKRNL.EXE
murat@muratyildirimoglu.com
If you have a problem with your NT system, for example a
crucial file is
missing or corrupt, Repair process can repair NT installations. Repair
process use an emergency repair disk (ERD), but if you don't have an ERD,
don't panic: Repair process can use the \repair folder also to repair such a
system.
Repair process scans the disks, finds the NT installations
and
locate the \repair folder under the \%systemroot%\ folder. But how does
Repair process determines that a folder includes an NT installation? NT can
be installed to any folder. Repair process tries to locate the microkernel
file, ntoskrnl.exe, under the folders, and if it finds one, it determines
the location of the NT installation. What if the missing file is this file?
Then, Repair process can not find an installation.
But there is a solution in
this case if your boot partition has the FAT file system. Simply
boot the system from a DOS or Win9x system disk, change to the NT folder and
then
to the system32 folder and create an ordinary file with a ntoskrnl.exe name.
Then repeat the repair process. This time Repair process can locate the
ntoskrnl.exe, checks it and determines that it is corrupt and replaces it
together with the other missing or corrupt files. If your file system is
NTFS you can't use this procedure: a DOS or Win9x system disk can not read
NTFS partitions. That's why it is a good practice to use FAT system in
system and boot partitions in NT.
In Win2K, Windows File Protection (WFP) monitors the ntoskrnl.exe and the
other crucial files and if it finds them missing or corrupt it replaces them
from the file cache in real time avoiding a repair process. And Recovery
Console in Win2K gives the reading and writing capability from a command
prompt even on the NTFS partitions.
Murat Yildirimoglu
MCSE, MCT