Windows 7 logon takes 2 minutes -- how to troubleshoot?

3

1

I got myself a brand new laptop with Windows 7 Home Basic 64-bit.

I used it no problems for a couple of months, and then a strange thing began to happen:

  1. I press the On button.
  2. In 20 seconds or less, the Windows logon screen appears. I'm totally happy with this timing.
  3. I type in my password and press Enter.
  4. Welcome appears on the screen, and here begins the two minute pause. Nothing happens, there's almost no hard disk activity (it's my firewall writing to its log every second), the little blue circle is rotating to the left of the Welcome.
  5. Two minutes later my desktop appears, and all is well and good-performing as usual.

As you might imagine, the pause is quite irritating.
And it doesn't look like a performance problem. Rather, Windows seems to be waiting for a slow resource, without trying to do other things in the meanwhile.

I tried to figure out the reason for this but I apparently failed.
Here are some clues I had:

  1. I've got a firewall. The firewall service starts before the log in, with no pause. From firewall logs (that contain many interesting things on top of network events), I can see that there's indeed a two minutes pause within which firewall has nothing to log. Things like TASKHOST.EXE, MSCORSVW.EXE, DLLHOST.EXE, USERINIT.EXE, EXPLORER.EXE all begin to launch after the pause has ended.

  2. I've looked into the system journals (I created a view that combines all events happened around the logon time). The only interesting bit (which happens every day, on every "long" logon) is this:

    14:10:17 -- I log in, credentials accepted, session created.
    14:10:19 -- Resource-Exhaustion-Detector launched
    14:12:07 -- Error ID 7006 from Service Control Manager: 

    The ScRegSetValueExW call failed for Type with the following error:
Access denied

    14:12:07 -- An Info message from UserPnp saying that adding a tunnel service (system32\DRIVERS\tunnel.sys) for the device ROOT\*ISATAP\0000 finished with the code: 5

Can anyone suggest a way to find out what is calling ScRegSetValueExW and failing, and what device ROOT\*ISATAP\0000 is?
I'm not sure I'm going in the right direction, so any other suggestions are welcome, too.

In case anyone wonders what I had installed before this started to happen: I installed Win7 Service Pack 1 and some other updates, but the problem didn't start happening right after that, it took several days for it to manifest itself.

GSerg

Posted 2011-03-12T16:24:27.700

Reputation: 599

Try disabling the third party programs in the problem time, e.g. turn off the firewall and use the built-in firewall. HijackThis will help you find all the different ways things can be in startup. – tobylane – 2011-03-12T22:46:37.013

Answers

5

You've determined something can't write to the registry (RegSetValue) because of access denied (5). This could be many things, from disk corruption, to a failed 3rd party Explorer extension, and everything in-between. :)

The errors you are seeing in the event log may not be the problem but simply a symptom.

Just start with basic troubleshooting, like 'Safe Mode', and a read-only disk check. See how they behave, and what they tell you.

Try MSConfig to disable a few things and see what that does.

jcopenha's idea of Process Monitor is a good one as well (but may be overkill for where you are in the process for now).

There's this web company called Soluto, that is all about figuring out why your Windows boot time is slow, perhaps they can help?

From there, if you get stuck, come back and ask additional specific questions.

Ƭᴇcʜιᴇ007

Posted 2011-03-12T16:24:27.700

Reputation: 103 763

2

I would suggest using Process Monitor to log the startup and see what is going on.

jcopenha

Posted 2011-03-12T16:24:27.700

Reputation: 176

Asked: 2011-03-12T16:24:27.700

Viewed: 5 568 times

Active: 2011-03-12T20:37:29.250