# ctrl alt delete not working at logon



## Siobhan Home

I can't logon to my home pc. If i hit ctrl alt delete it is no longer bringing up logon screen. Can it get in any other way? How can I fix if I can't get into computer. Keyboard has lights on so I don't think that is the problem?


----------



## jimmy

Hi, if this is a dekstop keyboard make sure there isn't anything stuck or any keys jammed.

You can try holding it for a few seconds instead just pressing.
Try ctrl + shift + esc.


----------



## Siobhan Home

nothing jammed 

still not doing anything

Is there any other way of getting into it?


----------



## jimmy

Switch on pc, then keep pressing f8, then choose last known good config.

If it still doesn't work, restart machine press f8 again and choose safe+safemode


----------



## AustrAlien

Siobhan Home said:


> I can't logon to my home pc.


Please describe the logon problem in more detail.


----------



## Siobhan Home

pressing ctlr+alt+del and normally login screen comes up and i put in password.

nothing at all is happening. There are lights on keyboard so i presume that is not the problem.


----------



## Siobhan Home

started it again and pressing f8 but it still does nothing


----------



## jimmy

If you have an XP disk, not a recovery disk but the XP disk with an image on it saying sp2 or sp3 etc.
Insert that disk, boot from it by pressing any key when it states. Let it load, press r at the first option to access recovery conosole, press 1 to choose installation of XP.

In there type
chkdsk C: /r
C: is replaced by the drive letter of local disk or when operating system is installed. It should be C: though.

If that doesn't work, you can try another keyboard, or finally you can use live cd to backup work and try a repair isntall or format completely.

I have read somewhere that this maybe related to a worm, did you have any protection prior to this?


----------



## jimmy

Also, again, try pressing f8 when pc is starting up, this time choose safe mode with cmd
if it allows you to login using this, then we can remove task manager.


----------



## DT Roberts

It's the keyboard. This is a desktop?


----------



## Ackdam

You keyboard is most likely dead or came loose. Check the keyboards connection to the PC. If the keyboard is wireless, check the batteries. If not and you can't get any lights to come on via pressing Caps Lock (Usually there are lights on a keyboard that light up when Caps Lock, Num Lock, etc are pressed) Then your keyboard is most likely shot.


----------



## jimmy

I would go with that also.


----------



## DT Roberts

Probably not loose. He says that he gets power to the lights. I just think that the keyboard's shot.


----------



## blandmc

I have the exact same issue.

Environment:
- Dell Latitude D616 Notebook
- WinXP SP3 OS
- Running McAffee and SPyware doctor for protection
- Always updated and always on protection

ISSUE
I was surfing a Chinese web site similar to ebay called TaoBao. They required I install something in order to view the no spam word confirmation - pretty common here.

The next day when I booted up the Notebook PC, it would not respond to Ctrl-Alt-Del sequence.
- mouse works
- keyboard is lit up
- both notebook keyboard and external keyboard have no effect
- If you go into the install menu, you can confirm the keyboards work, but this is no help as far as I can see
- I also tried the external keyboard on another PC and it worked there too, so keyboards are not the issue

SAFE MODE
- when booting into safe mode, same issue, it always starts with the login screen which requires Ctrl-Alt-Del, so you cannot boot into Safe Mode because you cannot login
- Choosing WIndows Safe mode with command prompt still just brings up the Crtl-Alt-Del required login... no help there since I cant hit Ctrl-Alt-Del to login

BOOT CD
- In trying to use the original Windows XP CD to boot, this is OK, but when you select the option to repair it just drops you into a DOS command and does nothing.
- I tried to type in the Windows Restore command:
c:\system32\restore\rstrui.exe but windows didnt recognize the command
- I tried CDing to the directory and typing the command rstrui.exe
again windows did not recognize the command.


Any other ideas? I have FAR too many applications on this machine to have to re-format it.

But if I have to reformat and lose all those Apps... anyone know a good way to grab the data from another machine?

Please help anyone!

Thanks!


----------



## AustrAlien

blandmc said:


> anyone know a good way to grab the data from another machine?


This might be what you need ... ?
Recover your files to an external USB hard drive
*Use Ubuntu Live CD to Backup Files from Your Dead Windows Computer*
http://www.howtogeek.com/howto/wind...backup-files-from-your-dead-windows-computer/
------------------

You said: "_when booting into safe mode, same issue, it always starts with the login screen which requires Ctrl-Alt-Del, so you cannot boot into Safe Mode because you cannot login_"
Does this mean that you do not get offered the chance to log into the "hidden" Administrator account at this point as well as your own account.
I wonder what happens if you hit Ctrl+Alt+Del twice instead of just once ?

Sorry, I am not too familiar with using the Ctrl+Alt+Del as a login security feature, which is what I am guessing that you are doing.

You said: "_In trying to use the original Windows XP CD to boot, this is OK, but when you select the option to repair it just drops you into a DOS command and does nothing.
- I tried to type in the Windows Restore command:
c:\system32\restore\rstrui.exe but windows didnt recognize the command
- I tried CDing to the directory and typing the command rstrui.exe
again windows did not recognize the command._"

The XP Recovery Console does look very much like a "DOS command" box. Unfortunately the "system restore" command does not work from the Recovery Console.

I have no idea whether or not this will help in your situation, but I will suggest that you do it anyway since it is the first step in trouble-shooting just about any problem. Boot from the XP CD and at the command prompt, which should be 
*C:\WINDOWS\>*
type
*chkdsk /r* and press <ENTER>
Allow it to run .... could take an hour ... could take much longer.
If there have been any errors found or repairs made then repeat chkdsk /r until there are no more errors found.
Type "exit" and press <ENTER> to restart the system.
Does that make a difference?

Edit: BTW it would have been better if you were to start a new thread of your own than to tack your topic on the end of someone else's old thread.


----------



## blandmc

why would I start a new topic when it is the same issue? That clutters the boards unnecessarily in my opinion.

In any case, thanks for your suggestions. I will give them a try. I appreciate the effort! If anything is successful, I will post back to the forum and advise.


----------



## blandmc

I tried the suggestion of running chkdsk /r.
First time: found 1 error, it said it fixed it
Second time: found no errors

I rebooted and tried to login - no change. 
Once you are on the login screen where it asks you to press Ctrl-Alt-Del, there is no response from pressing the keys on the keyboard.

If anyone else has any ideas, please do let me know.

Thanks so much!


----------



## rosiesdad

Try sfc /scannow


----------



## blandmc

Thank you for the suggestion. Just tried to use SFC, but unfortunately SFC is not a command that you can use from the restore utility.

I have no other way I know of to get a DOS prompt since I can't login.

Does anyone know how I can get to a regular DOS prompt so I can use SFC or RSTRUI?
Or any other ideas how to fix this?

In scouring the net, I see a ton of people with this issue, but I have seen no confirmed solutions.

Thanks.


----------



## AustrAlien

An off-line system restore can be accomplished using the instructions in the following link:

*System Restore from Recovery Console*
http://2pure.net/index.php?session=0&action=read&click=open&article=1150238652

It just might get you out of strife.

Edit: If a System Restore does not enable you to log in, then we should be able to edit the registry off-line using something like a BartPE boot disk, to remove the requirement to use the Ctrl+Alt+Del security feature.
That would be my next avenue of investigation, anyway.


----------



## AustrAlien

AustrAlien said:


> we should be able to edit the registry off-line using something like a BartPE boot disk, to remove the requirement to use the Ctrl+Alt+Del security feature.


Pursuing the above suggestion, I was able to find the necessary information and compile the following instructions (which I have tested on my machine). I would be most interested to see whether or not this provides a resolution to the immediate problem of accessing your system.

*Edit the Windows registry to enable/disable CAD/SAS requirement at login*
CAD = Ctrl+Alt+Del
SAS = Security Attention Sequence

Step 1
Build a BartPE bootable CD according to the following instructions:
*How to Create a BartPE Bootable CD Using PE Builder*
http://www.winhelponline.com/blog/create-bartpe-bootable-cd-using-pe-builder/

Step 2
Boot from the BartPE CD and load the registry hive as per the following instructions:
*How to edit the registry offline using BartPE boot CD ?*
http://windowsxp.mvps.org/peboot.htm

Step 3
Edit the Windows registry, using the information in the following link:
*How can I enable/disable the Ctrl-Alt-Del to enter logon information?*
http://windowsitpro.com/article/art...-ctrl-alt-del-to-enter-logon-information.html
*NOTE: This is the only information that you need use from the extracted text that follows:
_ 2. Move to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3. Double click on DisableCAD (create of type REG_DWORD if it does not exist)
4. *Set to 1 if you don't want to have to press Ctrl-Alt-Del, and set to 0 if you do.*_

Complete extracted information is pasted below for your convenience.
_Windows NT 5.0 introduces the ability to remove the necessity of pressing Ctrl-Alt-Del, the Security Attention Sequence (SAS) to logon. By default on a workstation this is no longer needed however on a server it is still necessary but this can be configured with a single registry entry.
1. Start the registry editor (regedit.exe)
2. Move to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
3. Double click on DisableCAD (create of type REG_DWORD if it does not exist)
4. Set to 1 if you don't want to have to press Ctrl-Alt-Del, and set to 0 if you do. Click OK
5. Close the registry editor
6. Reboot the machine
Disabling this feature does not decrease the security of Windows NT. To gain access to the computer, users are required to log on to Windows NT with a valid user name and password. The Windows NT logon process suspends all other user-mode processes to protect the logon process and is the only process that can create the access tokens used by the Windows NT security system._

Step 4
_*Unload the hive*_ as per the instructions provided in the link at *Step 2*.
Extracted information is pasted here for your convenience:
_ 9. After entering the correct data, *you MUST unload the Hive*. To do so, select MyXPHive branch, and then in the File menu, choose Unload Hive. It's important to note that you'll need to *select the MyXPHive branch first*, before unloading it.
10. Quit BartPE and restart Windows. See if you're able to logon to your profile._

Remove the BartPE CD, and the computer should then start normally and display the "Log On to Windows" or "Welcome" screen according to the registry changes that were made. You should then be able to logon normally.
=====================

Other references of interest:

*Press Ctrl-Alt-Delete to Log In*
http://www.softwaretipsandtricks.com/windowsxp/articles/446/1/Press-Ctrl-Alt-Delete-to-Log-In
_I have not tested this with any version of Windows XP besides XP Pro. It might work in Home Edition or other versions.
If you do this, then you will get the "Press Ctrl-Alt-Delete to begin" box when you turn on your computer, before it asks for your username and password. It also asks for you to press Ctrl-Alt-Del before you can unlock your computer if you lock it. This is done by default in Windows 2000 Server or Windows Server 2003.
To enable the Ctrl-Alt-Delete boxes, open Regedit and go to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Create a new DWORD value and name it "DisableCAD"
The value should be set to "0"
That's it! Now you can log off to see the change.
(You need to disable the Welcome screen to get this)_
==============================

*Enable Ctrl+Alt+Delete through registry*
http://www.maxi-pedia.com/Enable+Ctrl+Alt+Delete+logon+screen+for+Windows+Vista
_In case accessing the Advanced User Accounts Control Panel or policy editor is not an option for you, you can modify the Ctrl+Alt+Delete setting directly in registry by changing the DisableCAD and LogonType registry keys. Go to the Start menu, click Run, type regedit, and hit ENTER. Then locate the following registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
or alternatively
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
If you want to use the Ctrl+Alt+Delete windows logon screen, set the DisableCAD to 0 and the LogonType dword to 0 as well. 0 for the LogonType means Classic Mode Windows logon and 1 is for the Welcome Screen Windows logon screen._


----------



## blandmc

AustrAlien,

Thank you very much for your suggestions. 

1. I will try the System Restore from Recovery Consule from the 2pure.net site you recommended tonight when I am home from work.

2. I have also ordered a BART CD from avast and if #1 does not work then I will give that a go.

If anything I do successfully resolves my issue, I will certainly post back to let the community know what worked.

Thanks again!


----------



## blandmc

Still not working... Here's the update:

1. I did not yet try the system restore as I did purchase the avast! BART CD for $160 and I decided to give what I purchased a try first.

2. As for the avast! BART CD... here's what I did:
A. Put the CD into the drive and booted from CD.
B. I checked my entire system (several hours) with a thorough anti-virus check including archived files. avast! found 7 infections:
I. 3 x mp3 / WMA audio files my wife had downloaded
- Said the virus was "WMA:Wimad[Drp], COM & EXE infection"
- I deleted all 3 files
II. c:\hiberfil.sys 
- Said the virus was "Win32:VB-HOG[Trj], EXE infection"
- avast! failed to repair.
- I moved the file to c:\quarrantine\ for now since I assume avast! won't be able to delete it and I could do it manually later by turning off the function if I can get into my system, and then clean the machine fully, then re-enable hibernation.
III. c:\pagefile.sys 
- Said the virus was "Win32:VB-GC[Wrm], EXE infection"
- avast! failed to repair.
- I moved the file to c:\quarrantine\ for now since I assume avast! won't be able to delete it and I could do it manually later by turning off the function if I can get into my system, and then clean the machine fully, then re-enable virtual memory.
IV. C:\documents & settings\USERNAME\local settings\temp\install[1].exe
- Said the virus was "Win32:Walpak[Cryp], COM & EXE infection"
- I deleted the file
C. I used the avast! registry cleaner:
- It found 143 registry entries it wanted to clean. All were Shared DLLs or keys that it said were invlad as they pointed to nothing.
- Only option was to "Process the keys" or "Cancel" So I processed. It said it was successful.

D. I then used the avast BART CD's Regedit function to go into the registry
- Went to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- Double clicked on DisableCAD
- Set to 1 to disable the need for Ctrl-Alt-Del. Clicked OK.

D. I also tried to have it auto-fill in my password in case the keyboard still had issues:
- Went to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- Looked for the DefaultPassword value, but there was none
- Tried to create the value by going to Edit->New
- Unfortunately the avast! version of Regedit only contains "Find" and "Find Next" within the Edit menu. So, I could not do this.

E. I closed the Registry editor and rebooted my machine.

F. Machine rebooted into the Windows login 
- there was no need to hit Ctrl-Alt-Delete, so that worked
- my user name was correctly populated
- My USB mouse worked fine, as did the touchpad on my notebook, so I clicked into the password field
- When I tried to type my password, I found the keyboard did not respond. 
- Both the laptop keyboard and the external USB keyboard do not work.
[of course they both worked when using avast! and in the Boot Setup, etc... just don't work at the login screen]

So... the issue remains. 

i can try to do the system restore from the control console next, but before I do that I wanted to check if anyone had any other ideas.

Please let me know! Thanks!


----------



## blah789

just tossing this in. if you're using the regular windows logon (with the welcome screen), you have to press ctrl-alt-del twice to get the classic logon (where you have to type the username as well).


----------



## blandmc

The issue is not that I have to press it multiple times. No keys on the keyboard appear to be functional at login. I am now able to be in the login window, but I still can't type.

Since the keyboards (both laptop and external) both work fine in boot up, setup, dos prompts, with BART CD, and in restore console, etc... it is not a hardware problem.

My guess is that the issue is something to do with a corrupted file for the keyboard being loaded in Windows. Which file is it? Ihave no idea. If anyone knows, let me know and maybe I can copy it from a WinXP cd.

Otherwise... is there any way on WinXP to get the On Screen Keyboard to work at the Windows Login screen... if I haven't already enabled it previously? (which I haven't). For example, is there some registry key/value that enables this at the login screen? 

Any other ideas?


----------



## AustrAlien

Your external keyboard .... "the external USB keyboard"
I wonder if you would find the same thing using a keyboard wired/plugged into the PS2 port?

I believe that I have found an easy solution to your problem, but it depends on one piece of information that you have not supplied. Most computers have never had a password set on the "hidden" Administrator account. What about yours? Have you ever set an Administator account password (this is not the same thing as your own account with Administrator privileges ... it is a "hidden" one, generally seen only when logging in to Safe Mode.

If you have not ever set a password ....

*WARNING:*
(The information provided requires editing the Windows registry.)
_*Improper changes to the registry could render your computer inoperable.*_
Save a back-up copy of the registry _*before*_ making any changes.

Edit the registry using your BartPE Avast! CD according to the following ...


AustrAlien said:


> *Enable Ctrl+Alt+Delete through registry*
> http://www.maxi-pedia.com/Enable+Ctrl+Alt+Delete+logon+screen+for+Windows+Vista
> _In case accessing the Advanced User Accounts Control Panel or policy editor is not an option for you, you can modify the Ctrl+Alt+Delete setting directly in registry by changing the DisableCAD and LogonType registry keys. Go to the Start menu, click Run, type regedit, and hit ENTER. Then locate the following registry entry:
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
> or alternatively
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
> If you want to use the Ctrl+Alt+Delete windows logon screen, set the DisableCAD to 0 and the LogonType dword to 0 as well. *0 for the LogonType means Classic Mode Windows logon and 1 is for the Welcome Screen Windows logon screen.*_


Alter the registry entry to use the Welcome screen.

Restart the computer and choose to start in Safe Mode.
Use the mouse to click on the Administator icon at the Welcome screen and you are in!


----------



## blandmc

Thanks for the idea, AustrAlien. I appreciate your dedication in trying to help resolve this for me!

Unfortunately I always change the default "Administrator" account password on all my machines... so that won't help since it will still ask for the password.

As for the external keyboard... yes, it is USB. I don't have a PS2 keyboard, but I supposed I can go out and buy one just to try this. I have avoided doing so up to now, because my thought was that it wouldn't make a difference. Just from a 100% troubleshooting standpoint, I am now at the point where I am willing to go buy one just to eliminate it.

I will certainly let you know.

Any other ideas out there for me to try this weekend?


----------



## AustrAlien

blandmc said:


> I don't have a PS2 keyboard, but I supposed I can go out and buy one just to try this.


A simple little adapter ... USB-PS2 ..... can be bought, and this will do the same job as having a keyboard with PS2 fitting on the end of the cable.

It would be interesting from the trouble-shooting perspective.

Ah, well, back to the drawing board for me, to see what I can come up with: I can't resist a challenge, and this is just starting to get interesting. No doubt, I will be getting back to you.


----------



## AustrAlien

You have tried this .... 

You said: "_D. I also tried to have it auto-fill in my password in case the keyboard still had issues:
- Went to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- Looked for the DefaultPassword value, but there was none
- Tried to create the value by going to Edit->New
- Unfortunately the avast! version of Regedit only contains "Find" and "Find Next" within the Edit menu. So, I could not do this._"

..... but ....
Did you try right-clicking on the "*Winlogon*" key .... and in the menu that _should_ appear .... choosing "*Add*"

*Windows XP Auto Login - Registry Entry*
http://iluvjohn.com/2009/01/18/windows-xp-auto-login-registry-entry/

*How to turn on automatic logon in Windows XP*
http://support.microsoft.com/kb/315231

Otherwise ....
Make yourself your own *BartPE* disk ... instructions already given, or ...

*How to build UBCD4Win bootable CD*
http://www.ubcd4win.com/howto.htm


----------



## David Lundin

If you can't create AutoAdminLogin settings in BartPE there's another option.

If the system is accessible on the network, you could connect to and edit the registry from another computer. On the file menu you have the option "Connect to remote registry" (or something like that, on a different language OS at the moment).


----------



## blandmc

AustrAlian - 
Yes, I tried that. As stated, only "Find" and "Find Next" are available. There is no "New" and no "Add" option. So, no luck there.

Also, I bought a PS2 keyboard on the way home from work.. only $7, so no big financial loss to confirm I was right - this was not the issue. Tried the external keyboard in the PS2 port. Exact same issue - works in the bootup and setup screens, does not work for Windows Login. No luck there.

David - 
COmputer is not properly set up on the network, so no network access. No luck there.


RESOLVED
The good news is that in my own hunting around I did see a suggestion on a Microsoft Support forum of all places where some other user was complaining their logitech keyboard no longer worked. 

The suggestion from Microsoft was to use RegEdit and;
1. navigate to:
HKLM\System\Current Control Set\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}
2. Double click on UpperFilters value
3. check if there is anything before or after "kbdclass" - if so, delete any data before or after that.

So, I used my avast! BART CD and the registry edit tool on it to check that... in my case, there was a:
HKLM\System\Current Control Set\*Control 1*\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}

and a

HKLM\System\Current Control Set\*Control 3*\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}

So, I checked both.

The UpperFilter value in one was:
TfKbMon
kbdclass
alidvc

The UpperFilter value in the other one was:
TfKbMon
kbdclass


So, I did as the instructions said and deleted any data before or after the kbdclass.

I closed out the registry edit feature from the avast! BART CD, and rebooted.

Upon Windows login, my keyboards both worked. I have rebooted several times and it seems fixed. My PC is currently undergoing a lot of virsu scanning to try to clean up, but hopefully the situation is resolved.

Thanks to everyone for their suggestions and advice. Hopefully if some other user finds this thread it will help them, too.


----------



## AustrAlien

Very good: Thank you for posting with that information. I am sure that it will be of use to those who come upon this thread when searching for an answer, as you have done.

Googling "alidvc" brought up no results at all, making this entry very suspicious and possibly malware-related.
"TfKbMon" on the other-hand, is likely related to the use of ThreatFire: Do you use or have you used ThreatFire?

*code 39 keyboard win XP* .... & Vista: Error message seen in Device Manager
http://www.siliconguide.com/qa/forum/messages/340.shtml

*blandmc* wrote: "_So, I used my avast! BART CD and the registry edit tool on it to check that... in my case, there was a
HKLM\System\*Current Control Set\Control 1\*Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}
and a
HKLM\System\*Current Control Set\Control 3*\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}_"

I think perhaps you have written this from memory, after the event ? and that you would have meant to write ....
HKLM\System\*ControlSet001*\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}
and a
HKLM\System\*ControlSet003*\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}

The HKLM\System\*CurrentControlSet* key is present when Registry Editor is used from within Windows, but not seen booting from and using the remote registry editor from a bootable CD.
There may be any number of *ControlSetxxx* keys listed.
One of them will be used as "Current" and "Default" settings: One will be used as "LastKnownGood".
This information is seen within the key HKLM\System\*Select*

If your issue has been resolved satisfactorily, please mark this thread as "*Solved*" by using the Thread Tools drop-down menu (above your first post) and selecting "Mark this thread as solved".

Thank you, once again. Good luck and take care.


----------



## blandmc

Yes - I wrote it partially from memory... meaning I jotted down some notes and then replied from another PC so I couldn't copy & paste... but I was pretty close.

That may also be why "alidvc" returned no results... it may have been alidevice" or some other combination. 

As for ThreatFire, I have never heard of it and never used it. No idea what it is.

YES - this is solved. I have logged back in several times from both reboot and hibernation. Everything seems fine. I have run avast!, McAffee, and Spyware doctor... none of them find anything more wrong with the PC... so either it is fine, or there is nothing obviously wrong with it. Seems fine.

Thanks again for your help.


----------

