Before I get started, some resources:
I’m looking at a friend’s laptop for him. It boots, gets past the progress bar, but before login or a desktop, the screen goes black with a cursor present which can be moved. There are multitudes of threads and posts about this issue over the internet, ranging as far back as 2006 and as recently as last month (May 1010). Although the symptoms are similar, from what I can see there are several causes each with different fixes.
For example, if the login screen comes up and there is a black screen after, it may be possible to hit Ctrl+Shit+Esc together to bring up Task Manager, from there do File->New Task (Run…), explorer.exe. This will bring up the desktop etcaetera, from where you can run other tools to repair the issue.
Advanced Startup Options Menu
Hit F8 while the computer is booting to bring up this menu. It has a number of potentially useful options, and is probably the easiest and lowest-impact to try first. The following options from that menu have been reported to work for some:
- Safe Mode (with Networking / Command Prompt)
- Enable low-resolution video (seems to help with nVidia driver update issues)
- Last Known Good Configuration
- Disable Driver Signature Enforcement (helps with some other driver errors in HP laptops, if I remember correctly)
It may also help to choose the Enable Boot Logging option, which should create a file called ntbtlog.txt containing info that might point to the driver or component that is causing issues.
Using the Windows System Recovery tool
The first option on the advanced startup menu listed above is “Repair your computer”. This starts a graphical interface with a number of options which may help.
You should try to do a system restore first, if it is enabled. If it isn’t enabled, make sure to enable it when you fix the problem! Click the “System Restore” option on the menu (second item) and choose a restore point from when you believe your computer was previously functional.
It may be a registry issue. In some cases, it would appear the Shell entry is corrupted. You can sort it by doing the following:
- Turn on the computer
- As it boots, press F8 to bring up the advanced boot options menu
- Select “Repair Your Computer”
- From there, login to an admin account (eg Administrator)
- Select the bottom option to launch a command prompt
- type regedit and hit enter
- Navigate through the following keys:
- One you are at
Winlogon, there should be an item on the right panel that says “
Shell“. Right click this, and select edit.
- Change the value to explorer.exe. If this is already present, this is not your issue!
NOTE: If you try this from the “Repair Windows” option on a Windows Vista install DVD or recovery DVD it won’t work, as that seems to edit the registry on the disc (you will see
cmd.exe /k start cmd.exe or similar for the Shell key). For me the “load hive” option was greyed out, if isn’t for you, you can open C:\Windows\system32\config and edit the local registry).
It might be a long shot, but the startup repair option might help. It is the first option on the System Recovery menu.
It is unlikely that your RAM is causing this problem, but it is useful to know that Vista does have a tool to check memory, and it can be accessed through the System Recovery tool. I didn’t know this until today, having previously used memtest+ x86 included on Ubuntu LiveCDs.
Chkdsk / SFC (Updated 2011-07-16)
From the command prompt provided by the System Recovery tool, you can also try running
chkdsk /r C: to run a disk check. Running
sfc /scannow /offbootdir=c:\ /offwindir=C:\windows should do a verification of ‘critical windows files and components’, but I could not get this to run as it complained about needing to reboot with an active recovery ongoing – I guess it can’t be run via the system recovery tool.
Renaming Event Viewer Log Folder / Prefetch Folder
(See the good post by ubman on technet here)
There are reports that a problem with the event viewer service can cause this black screen on login. To work around this, start up a command prompt through the recovery tool as above. Then execute:
ren Logs LogsBad
Another report claims PreFetch can cause the issue. Now, the folder for PreFetch can be deleted as Windows will recreate its contents as needed. However, should you wish to keep a backup, start p a command prompt as above and run:
ren Prefetch PrefetchBad
Apologies for the brevity here, these items I quickly jotted down but I am not able to try some of them myself.
Also on technet, zorglub1789 claims broken file permissions were the cause of his woes. Using
icacls C:\* /grant builtin\users:(RX) /T
to grant read and execute permissions to all users.
If you can start safe mode, it may be worthwhile temporarily disabling UAC. If the security centre won’t run in safe mode from the control panel, I think it is accessible via the management console. Hold the windows key + R, then type in
mmc. I think you may need to add the Group Policy plugin / manager to MMC.
Another file to check on is
C:\wialog.txt. This may contain useful information for troubleshooting what is causing the problem.
Again, if safe mode works, msconfig may prove useful. Hold windows key + R, and type
msconfig. Then try disabling services, startup options and so forth until you get a working startup. From there you can work back to the cause of the problem. Apparently one to try is “Low Graphics Boot” (or similar), although I don’t know if there is a difference between this and the advanced startup (F8) option.
Basic Command-line Backup
If you have an external hard drive, and want to back up the C:\ drive, the following command will do that from a command prompt (see above for how to get a command prompt).
xcopy /h /i /c /k /e /r /y C: E:\backup
Where E: is the drive letter for your external hard drive.
Reset Administrator or other Windows Passwords
There is a tool at http://pogostick.net/~pnh/ntpasswd/ which is very handy for resetting Windows passwords should you not know them. I had to do it in this case as there was no documentation on the default password for this laptop (an Acer), and I can vouch for its utility. Note that you don’t need to know the password for this tool to work.