Error "winlogon.exe (...) unknown software exception" after final reboot when installing Sophos SafeGuard Disk Encryption

  • Article ID: 109295
  • Updated: 28 May 2009


Product
Sophos SafeGuard Disk Encryption 4.60

Client OS

Windows 2000 Professional SP4, Windows XP SP3

Server OS

None

Question

How to solve this issue?

Answer

Having Sophos SafeGuard Disk Encryption installed, the initial encryption process runs fine. During the final reboot, the operating system loads, but eventually displays an application error referring to winlogon.exe. Confirming this error typically results in a bluescreen.

In most cases, the BSOD stop code is STOP: c000021a [Fatal System Error} or, less common: STOP: 00x0000007e
Most likely, this error is due to a recent feature which is called Data Execution Prevention (DEP).

Two methods of implementation are possible:

a) Hardware-enforced DEP (allows DEP to be (de-)activated in the BIOS of the machine)
b) Software-enforced DEP (DEP can be (de-)activated via the BOOT.INI)

Solution I
Data Execution Prevention is at this time not supported by current Sophos SafeGuard Disk Encryption versions. To allow smooth operation of Sophos SafeGuard Disk Encryption, DEP needs to be deactivated.

In case of hardware-enforced DEP, this can be done via the BIOS. Depending on the manufacturer, this feature is called differently:

AMD: no-execute page-protection (NX) processor feature
Intel: Execute Disable Bit (XD) feature

Solution II
Alternatively, DEP can be disabled by adjusting the BOOT.INI. Please follow the instructions which are given in the README of Sophos SafeGuard Disk Encryption 4.60. Search for "boot.ini" and "/noexecute=AlwaysOff". This setting is valid also for Intel machines.

Example:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=AlwaysOff

If you have a machine affected by this behaviour, boot in safe mode (press F8 during boot up) and change the BOOT.INI.

Beginning as of XP SP2 (respectively SP1 for Windows 2003 Server), Microsoft Windows has introduced support of this feature, which is designed to help prevent damage from viruses and from other security threats.

For more information on what DEP does and how to disable it, please search the Microsoft knowledge base for the article which describes how to "Turn off the DEP feature in Windows XP SP2".

The version Sophos SafeGuard Disk Encryption 4.60 is compatible with DEP enabled.

keywords: NX XD Dell HP Compaq Fujitsu Siemens Sony Samsung IBM D610 21a sde

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments