Slow windows 10 boot before opening cdd.dll

1

1

My Windows 10 installation boots very slowly, taking around 5 minutes. Therefore I used the Sysinternals Process Monitor to record the boot log, and in that log I discovered the following lines. The long pauses don't make any sense to me.

How can I analyze (and maybe understand) this issue in more detail, or better yet, just make it boot faster?

22:14:35,6565020    svchost.exe 824 ReadFile    C:\Windows\System32\bisrv.dll   0.0002591   SUCCESS Offset: 440.832, Length: 4.096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
22:14:37,4067777    lsass.exe   736 ReadFile    C:\Windows\System32\advapi32.dll    0.0005144   SUCCESS Offset: 492.032, Length: 16.384, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
...
22:14:44,0683771    svchost.exe 872 RegOpenKey  HKLM    0.0000083   SUCCESS Desired Access: Maximum Allowed, Granted Access: Read
22:14:44,0684055    svchost.exe 872 RegQueryKey HKLM    0.0000049   SUCCESS Query: HandleTags, HandleTags: 0x0
22:14:44,0684309    svchost.exe 872 RegOpenKey  HKLM\Software\Microsoft\Rpc\SecurityService 0.0000215   SUCCESS Desired Access: Read
22:14:44,0684705    svchost.exe 872 RegCloseKey HKLM    0.0000039   SUCCESS 
22:14:44,0684945    svchost.exe 872 RegQueryValue   HKLM\SOFTWARE\Microsoft\Rpc\SecurityService\DefaultAuthLevel    0.0000044   NAME NOT FOUND  Length: 144
22:14:44,0685170    svchost.exe 872 RegCloseKey HKLM\SOFTWARE\Microsoft\Rpc\SecurityService 0.0000034   SUCCESS 
(first pause)
22:15:25,6683843    services.exe    728 ReadFile    C:\Windows\System32\services.exe    0.0001271   SUCCESS Offset: 160.768, Length: 4.096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
22:15:25,6686346    services.exe    728 ReadFile    C:\Windows\System32\services.exe    0.0002019   SUCCESS Offset: 160.768, Length: 24.576, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
22:15:25,6691729    services.exe    728 ReadFile    C:\Windows\System32\services.exe    0.0001007   SUCCESS Offset: 263.168, Length: 4.096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
22:15:25,6693949    services.exe    728 ReadFile    C:\Windows\System32\services.exe    0.0001945   SUCCESS Offset: 263.168, Length: 32.768, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal
22:15:25,6699703    services.exe    728 RegQueryKey HKLM    0.0000068   SUCCESS Query: HandleTags, HandleTags: 0x0
22:15:25,6700021    services.exe    728 RegOpenKey  HKLM\System\CurrentControlSet\Control   0.0000166   REPARSE Desired Access: Read
22:15:25,6700343    services.exe    728 RegOpenKey  HKLM\System\CurrentControlSet\Control   0.0000132   SUCCESS Desired Access: Read
22:15:25,6700641    services.exe    728 RegQueryValue   HKLM\System\CurrentControlSet\Control\DisableServiceStartupMonitor  0.0000044   NAME NOT FOUND  Length: 144
22:15:25,6700910    services.exe    728 RegCloseKey HKLM\System\CurrentControlSet\Control   0.0000035   SUCCESS 
(second pause)
22:15:44,6999614    csrss.exe   664 RegOpenKey  HKLM\System\CurrentControlSet\Enum\PCI\VEN_1002&DEV_9647&SUBSYS_1663103C&REV_00\3&2411e6fe&0&08\Device Parameters   0.0001193   SUCCESS Desired Access: Read
22:15:44,7002025    csrss.exe   664 RegQueryValue   HKLM\System\CurrentControlSet\Enum\PCI\VEN_1002&DEV_9647&SUBSYS_1663103C&REV_00\3&2411e6fe&0&08\Device Parameters\VidPnLkgTopology  0.0001598   SUCCESS Type: REG_BINARY, Length: 27.520, Data: 01 00 00 00 01 00 00 00 01 00 00 00 40 06 00 00
22:15:44,7005114    csrss.exe   664 RegCloseKey HKLM\System\CurrentControlSet\Enum\PCI\VEN_1002&DEV_9647&SUBSYS_1663103C&REV_00\3&2411e6fe&0&08\Device Parameters   0.0000128   SUCCESS 
...
22:15:44,8945520    csrss.exe   664 CreateFile  C:\Windows\System32\cdd.dll 0.0424086   SUCCESS Desired Access: Execute/Traverse, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened

Roland Illig

Posted 2016-08-27T20:45:02.860

Reputation: 260

cdd.dll appears to be a display driver. We need more information – Ramhound – 2016-08-27T21:28:55.280

1

Install the WPT (part of the Win10 SDK: https://dev.windows.com/en-us/downloads/windows-10-sdk), run WPRUI.exe, select First Level, DiskIO, FileIO, Registry IO and under Performance Scenario select Boot. Number of iteration can be set to 1 and click to start. This reboots Windows and captures all activity during boot. After the reboot let the countdown tick to 0 to capture 2 minutes of activity after boot. Zip the large ETL file into zip/RAR file, upload the zip (OneDrive, dropbox, google drive) and post the share link here.

– magicandre1981 – 2016-08-28T07:31:17.607

No answers

Asked: 2016-08-27T20:45:02.860

Viewed: 216 times

Active: 2016-08-27T20:45:02.860