Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Win2003 InitiateSystemShutdownEx() question

Posted on 2006-06-15
10
955 Views
Last Modified: 2013-12-03
InitiateSystemShutdownEx() has dwReason parameter which is saved somewhere in the Registry. I need to know this place in the Registry
0
Comment
Question by:alex1234
10 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 16916233
See http://msdn.microsoft.com/library/en-us/sysinfo/base/system_shutdown_reason_codes.asp ("System Shutdown Reason Codes"):

"You can also define your own shutdown reasons and add them to the registry. Each reason code should be stored as a registry value in the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability"
0
 
LVL 2

Expert Comment

by:mannujam
ID: 16918036
You can find it yourself , download regmon from www.sysinternals.com.
and execute regmon and your exe which is using the API , it will show you which process is accessing which registry value in whole system.
0
 
LVL 1

Author Comment

by:alex1234
ID: 16921133
mannujam,

thanks a lot for the excellent utility, however I can't use it in my case because InitiateSystemShutdownEx() terminates the utility before I have any chance to examine its output

jkr,

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability" does not store 'dwReason' code that I supply to InitiateSystemShutdownEx(), so my question is still opened because I need to know where this value is saved after InitiateSystemShutdownEx() is executed.

0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 1

Author Comment

by:alex1234
ID: 16921233
What I'm doing is restoring the registry and at the end of the restore I call InitiateSystemShutdownEx() with a 'planned' flag to re-start the PC. When it is re-started it displays "Unplanned shutdown" message because it loads the restored registry which did not contain the 'planned' reboot flag

So, if I knew where the 'planned' stamp goes, I would 'fake' the stamp at the time of restore and place it to the restored registry so the reboot would not have the "Unplanned shutdown" message
0
 
LVL 3

Expert Comment

by:griffin36
ID: 16940828
The reason parameter isn't actually stored in the registry; it is stored in the event log located at: C:\WINDOWS\system32\config\SysEvent.Evt

It's possible that the problem could be due to not including reason codes (you only mentioned the planned flag, so I'm not sure if you have others). Windows wants to have major and maybe minor codes in the dwReason parameter, the planned flag is just a toggle to be used in addition to these. If you omitted these codes, the message may appear because Windows wants to be able to store some code. In your case, the following combination of flags may be appropriate:
SHTDN_REASON_MAJOR_OPERATINGSYSTEM | SHTDN_REASON_MINOR_RECONFIG | SHTDN_REASON_FLAG_PLANNED

Hope this helps!
0
 
LVL 1

Author Comment

by:alex1234
ID: 16941817
griffin36, I didn't ommit the reason codes. Also, if the 'planned' shutdown was stored in the event log, I wouldn't have this problem because I don't replace the event log. Event log stores these events, this is true, but for the information purposes only
0
 
LVL 3

Accepted Solution

by:
griffin36 earned 250 total points
ID: 16944672
I thought it might be worth a shot, like I said, I didn't know if you included the reason or not.

At any rate, I found the following document useful:
http://technet2.microsoft.com/WindowsServer/en/Library/5c6e30b2-6803-418d-a7b5-e4eb79323db51033.mspx?mfr=true

The document describes the mechanism by which the shutdown event tracker knows whether to appear at startup. I had to find the registry values that are used myself, they are:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability
->LastAliveStamp
->LastAliveUptime

If you remove these values from the restored registry without allowing the Event Log service to write them back, then you'll be fine. If restoring the backup consists of copying all the "software" and other files back to C:\windows\system32\config, then you can simply load the software registry hive into the active registry at an alternate location such as software.old and then remove the values from that hive. Then, just unload the hive and you should be good to go.
0
 
LVL 1

Author Comment

by:alex1234
ID: 16944733
Thanks, griffin36, I'll try your suggestion in a day or so..
0
 
LVL 1

Author Comment

by:alex1234
ID: 16954771
LastAliveStamp is the one, LastAliveUptime seems to be not involved.

Thanks!!
0
 
LVL 3

Expert Comment

by:griffin36
ID: 16957272
Glad I could help!
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial is about how to put some of your C++ program's functionality into a standard DLL, and how to make working with the EXE and the DLL simple and seamless.   We'll be using Microsoft Visual Studio 2008 and we will cut out the noise; that i…
For a while now I'v been searching for a circular progress control, much like the one you get when first starting your Silverlight application. I found a couple that were written in WPF and there were a few written in Silverlight, but all appeared o…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question