Monday, November 15, 2010

The anatomy of the restart=shutdown problem

It has been reported that in certain circumstances the system will shut down instead of rebooting when the user restarts it while Private Disk is running and an encrypted disk is mounted.

This problem was difficult to trace: while it repeats itself 10/10 times on a "problematic" machine, on "non-problematic" ones everything works correctly and it is impossible to simulate the problem.

This makes it reasonable to guess that the problem is caused by a third-party component present on the system, which somehow alters the standard behaviour of Windows. The tough part is that even when you think you have disabled all the non-standard programs, there is a myriad of low-level components that one can't see with the naked eye.

Follow up:

Here is how programs usually start automatically (this list is handy when you are trying to catch a rootkit like amvo.exe - no matter how many times you remove it, it's still there):

Start\Programs\Startup

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, see Userinit

system services (run "services.msc")

drivers (enable "show hidden devices" in the device manager, this one is also called "show non plug and play devices")

The easiest way to manually go through all these entries is using Autoruns, a great tool by Sysinternals.
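
The locations listed above can also be dumped in one pass from PowerShell. This is an added example, not part of the original post; it assumes PowerShell 3.0 or later and an elevated prompt, and the helper name Get-RunEntry is made up for the illustration.

```powershell
# Added example (not from the original post). Assumes PowerShell 3.0 or later
# and an elevated prompt so HKLM, services and drivers are fully readable.

function Get-RunEntry {   # hypothetical helper: list every value under one key
    param([string]$Key)
    if (-not (Test-Path -Path $Key)) { return }
    $k = Get-Item -Path $Key
    foreach ($name in $k.GetValueNames()) {
        [pscustomobject]@{ Source = $Key; Name = $name; Command = $k.GetValue($name) }
    }
}

# 1. Startup folders (per-user and all-users)
$startup = foreach ($folder in 'Startup', 'CommonStartup') {
    $dir = [Environment]::GetFolderPath($folder)
    if ($dir -and (Test-Path -Path $dir)) {
        Get-ChildItem -Path $dir -Force -File | ForEach-Object {
            [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = $_.FullName }
        }
    }
}

# 2. Run keys
$run = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
       'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run' |
    ForEach-Object { Get-RunEntry -Key $_ }

# 3. Winlogon Userinit: the stock value is "<SystemRoot>\system32\userinit.exe,"
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$userinit = (Get-ItemProperty -Path $winlogon -Name Userinit).Userinit
$expected = Join-Path $env:SystemRoot 'system32\userinit.exe'
$extra = @($userinit -split ',' | ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and ($_ -ne $expected) })

# 4. Services and drivers that start without user action
$services = Get-CimInstance Win32_Service -Filter "StartMode='Auto'" |
    Select-Object Name, State, PathName
$drivers = Get-CimInstance Win32_SystemDriver -Filter "StartMode='Boot' OR StartMode='System' OR StartMode='Auto'" |
    Select-Object Name, State, PathName

@($startup) + @($run) | Format-Table -AutoSize -Wrap
if ($extra.Count) { Write-Warning "Userinit has extra entries: $($extra -join '; ')" }
$services | Sort-Object Name | Format-Table -AutoSize -Wrap
$drivers  | Sort-Object Name | Format-Table -AutoSize -Wrap
```

A rootkit that hooks the registry or file APIs can hide its entries from this listing, so an empty result on a suspect machine is not proof of absence.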

Well, it turned out this was not a problem caused by a third-party application, because the system behaved that way even when nothing else except Private Disk was there. Eh...

How the Windows shutdown procedure works

When the system is shut down or restarted, each program is notified by Windows: "the system is shutting down, are you OK with that?"

Each program must send a reply; if everyone says "Yes", the system is shut down

If one of the programs says "No", the process is interrupted

A program can interrupt the process when it still has work to do (e.g. save unsaved data, remove temporary files, save its settings, etc.)

When it is done, the program should re-initiate the shutdown procedure; this time there will be no barriers

There are several key details:

when Windows tells a program that it is about to shut down, the program does not know whether what follows is a restart, a shutdown, a stand-by or a hibernate

when the program re-initiates the process, it has no clue which particular flavour of the process is actually needed

however, there is a place in the registry which contains the type of the action that was about to be performed: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer, Shutdown Setting

the only problem is that for some reason, on some systems, this registry key does not exist and is not updated

On these systems Private Disk will shut the system down when you restart it while a disk is mounted.

Why Private Disk defaults to a restart

Because this is the least evil of all the evil options. If you're leaving the office and shut the system down - it will actually reboot; but the door is already closed and you'll be on your way home, there is nothing you can do about it, unless you accidentally return.

A different flavour of this scenario - you're going on a vacation, so the computer will remain on for a couple of weeks; the electricity bill will be pumped up - not good.

A different scenario - you want to restart (which implies you'll be at the computer when it is fully loaded), you notice that it shut down instead of restarting, so you hit the power button and you're back to work. In this case you spot the problem quickly and you can intervene immediately. Of course, the annoying part is that you have to press the power button (this is "especially uncool" if your computer is somewhere under the desk).

A different flavour of this scenario - you have one of those slow machines, you pressed restart and went to the kitchen to make yourself a cup of tea. You take your time, hoping that when you're back everything is ready... But no... annoying indeed...

When choosing between "annoying" and "bigger bill + security risk" (leaving the system on unattended), we chose "annoying".

Why is there a need to choose anything in the first place? Because if we don't cancel the shutdown procedure, there is a chance that some data on the encrypted disks will be corrupted, because the volumes would be disconnected immediately, without any clean-up routines (dump the cache, update the file table, etc.).

Back to choices - which one do you prefer: "data corruption" or "annoyance"?

Some might argue, "but a similar program from ACME works flawlessly in such circumstances!". It is true, but do you want to be the lucky one who loses data in "such circumstances"?

Solution

It turns out that the registry key that contains details about the type of shutdown procedure is not updated if you use the "Welcome screen" of Windows XP. So, you can fix the problem by disabling the "Welcome screen":

Control Panel\Users

Uncheck "use welcome screen"

You might be worried that without the welcome screen, you can't make the system log on automatically, without typing a password. Here is how to deal with that:

run "control userpasswords2" (this is how you can call the classic user management applet, which was replaced in Windows XP with a simple, less flexible version)

select the user from the list

uncheck "users must enter a password to use this computer"

enter the credentials and press OK
