Having run Vista 64 Ultimate for 4 months without a problem I recently restarted the machine after installing and running Diskeeper 2008. Upon restart I was, as usual, prompted to enter my password only to receive the following message:
The user profile service service failed the login. User profile cannot be loaded.
I restarted the system several times attempting to boot in any of the other ‘modes’ such as ‘safe mode’, to no avail. The system would seem to crash out whenever hitting the ‘crcdisk.sys’ file causing the system to subsequently restart and round the wheel spun.I would like to add that I have never had any problems relating to the startup of Windows Vista since my initial setup and having been a heavy windows user for 9 years, thought I had just about finally clocked how to avoid these kind of heart-sinking problems. No such luck.
Having checked online for solutions to this problem I discovered that although not widespread, it was all the same a recurring problem for others. It seemed as though it was caused by the user profile file being given a .bak extension, meaning one could theoretically log-in as another user, update the file by deleting the extension and rebooting, which was not an option for me as I had only 1 profile. Altogether, it seemed to clearly indicate that the error was directly linked to the user data file. I will quote Nigel’s Blog where you can read more on this:
After much googling I found out that the critical files are under
c:\users\MYUSER\ntuser* . Crucially the “ntuser.dat” file is actually a registry hive, so my running “REGEDIT”, selecting HKEY_USERS in the nav, then “load hive” from the menu, I could browse my settings. So the file was not corrupt, it was there.
What now? Well I found additional registry entries with REGEDIT under:
There was 1 line for each profile. Crucially if a profile is bad there are 3 things worth checking
a) Ensure the key name doesn’t end in “.bad”
b) Ensure the RefCount value is 0
c) Ensure the State value is 0
Having done the above, the profile then worked fine, and I’m now back up and running with all settings intact.
I had noticed when looking at the profiles on the machine, that one of them was in Backup state. Never heard of that, no way to change it in the GUI, and nothing came up on a Google search. I went to HKLM\Software\Microsoft\Windows NT\Current Version\ProfileList\, and State was set to 0x8000. The other account that I could log in with had a state of 0x0, so I changed this one to the same, and I could finally login.
Neither of these solutions were a possibility for me because after attempting to start-up in ‘safe mode’ (third restart) I could neither get to the login screen nor could I login as another user even if I were to reach it. So I went for the ‘Repair’ with the Installation disk. The Vista installation was not found?? None-the-less, I pressed ‘next’ and ran the ‘Startup Repair’ option all the same (though I may have been able to repair the profile file using command prompt off the installation disk too).
All tests performed absolutely fine but at the end of the report was an entry displaying the ‘Root cause’ of the problem which was ‘System Volume on Disk is Corrupt’. The ‘repair action’ taken was ‘File System Repair’ (CHKDSK) and was completed successfully.
Ironically, it was only after CHKDSK ran that this problem popped up as Diskeeper 2008 wanted to run CHKDSK before it could manage the Vista volume (c:).
No joy, the system boots without crashing and restarting, but now freezes before reaching the login screen without disk activity. What next (after 2 attempts)? Let’s try ‘Safe Mode’ again…
Freezes at the same point. Grrrr… Ok… back to the recovery disk I guess. The last thing I want to do is reinstall!
Well at least the Vista installation is recognised this time around. I leave it highlighted and continue. Once again I am presented with the same 5 options:
- Startup Repair
- System Restore
- Windows Complete PC Restore (from backup)
- Windows Memory Diagnostic Tool (memory hardware errors)
- Command Prompt
I know it’s not a memory problem as I happened to do a memory test only a couple of days ago, I don’t have a Vista backup and Command Prompt is scary (too much jargon!) :-p I want to try the Startup Repair again because restoring my PC to an earlier date can also be a little scary. I have heard of strange things happening when restoring a system even though I have never had such problems. I can always come back to it if the problem is not resolved with another ‘Startup Repair’.
‘Boot status indicates that the OS booted successfully’
I guess I’ll have to go for the restore…
‘No restore points have been created’.
This must be diskeeper’s doing!
Only 1 option left for me. I must somehow figure out how to use ‘Command Prompt’ to edit that blasted registry entry. But the login screen does not display any longer… Will that even help?
Entering Command prompt and typing ‘regedit’ was magical; an actual graphical interface version of the program opened, just as you would have had you been logged into windows itself! My RefCount was set to 1, so as I had read that this should be set to 0 (zero)(as quoted above) I changed this entry, exited the registry editor and I am now restarting…
As I was afraid, no luck, a black screen before displaying the login screen remains.
Google tells me this may be a virus hijacking the ‘winlogon.exe’ file and replacing the original with ‘winlogon2.exe’. Let’s see if these 2 files exist… Back to the CD…
I could not browse the c: drive so I located the file on the installation CD and just went ahead and overwrote the winlogon.exe file on the c: drive with the file on the CD (because it happened to be in the same location) by typing the following in the command prompt:
copy winlogon.exe c:\windows\system32\
Exit. Restart. No change. Same black screen before logon/login. I’m getting desperate here… Maybe It’s not that file that’s corrupted or hijacked. I found the following entry elsewhere:
Normally I’d suggest connecting the hard drive to another computer and access it that way, but without knowing what malware we’re dealing with it’s possible it would self-propagate to the other computer. Thus, I’d suggest using another computer to download/burn a Linux distro LiveCD, such as Ubuntu. You can boot to it, and then use a Linux-compatible antivirus application, such as Avira AntiVir, to scan your hard drive. After you’ve removed any malware found you can try running SFC again from the Vista DVD’s command prompt, hoping it works out this time. If not you may have to turn to file recovery and prepare for a hard drive wipe as Vista lacks XP’s convenient repair installation feature, but you will be able to get your files back, provided the malware hasn’t destroyed them.
Lucky me… My Ubuntu CD won’t startup with my ATI X800 graphics card neither normally or in VGA mode!! This is getting just ridiculous now. I even had the software downloaded and ready to install from pen drive.
I’m going to try and run SFC.exe (Microsoft Windows Resource Checker) anyway…
Command prompt from the route directory (get there by typing ../../ and pressing enter):
Windows Resource Protection could not perform the requested operation
How about a verification only? Same response.
I’m about to pull my hair out.
sfc /scanfile=c:\windows\system32\kernel.dll /offbootdir=c:\ /offwindir=c:\windows
Fed me with:
Windows resource Protection did not find any integrity violations.
I’m running out of options fast here and fear a reinstall may be lingering on the horizon.
1 hour later and almost 6 hours since the problem started, I give up. I’m reinstalling. I’m so glad I had just backed everything up. All that I’ll lose are the installations and settings.
If anyone has any suggestions for what I could have done otherwise, please, for the sake of any others out there who face the same problem, post a reply 😀
Quote from Windows Vista’s Installation presentation whilst it checks performance:
Spend less time fixing problems and enjoy a faster, more secure online experience.
It’s not funny anymore Microsoft.