So anyway, despite being a Linux fan, I still use Windows 2000 and XP on my desktop and laptop computers respectively. Maybe it’s because Linux’ Suspend-to-RAM doesn’t work on my desktop, and STR is a great feature: 5, maybe 10 seconds to return to the desktop you left a few days ago.
But as it is Windows, sometimes you need to reboot. The last few months (has it been a year already?), my Windows 2000 has failed to boot properly, with consistency. It blue-screens after the splash screen with IRQL_NOT_LESS_OR_EQUAL, saying ntoskrnl.exe did it. Not even safe-mode saves me from it.
The fix was hard to find, but easy to apply. Restore the WINNT\Config\SYSTEM from the backup, a file called SYSTEM.ALT. This can be best done on my xubuntu installation.
After wondering how the the 2 files differ, I did a diff, and figured out it’s mostly in the first 10 bytes. The SYSTEM file begins with regf (to signify that it’s a registry hive?), 2 bytes, 2 null bytes, and a repeat of the first 2 bytes after regf. The difference usually is those 2 non-null bytes. Replacing SYSTEM with SYSTEM.ALT – which has different magic bytes – almost always saves the Windows installation.
So my question is, what the hell is Windows doing? Why does it write bad bytes into the SYSTEM hive file, that makes it fail to boot. Or is it doing that on boot? WTF is wrong with you, Windows?