2 minute logon delays via rundll32.exe

looking through userenv i get this
USERENV(438.3d8) 14:57:46:916 GetProfileType: ProfileFlags is 0
USERENV(2ac.f88) 14:57:48:360 ImpersonateUser: Failed to impersonate user with 5.
USERENV(2ac.f88) 14:57:48:360 GetUserNameAndDomain Failed to impersonate user
USERENV(2ac.f88) 14:57:48:360 GetUserDNSDomainName:  Domain name is NT Authority.  No DNS domain name available.
USERENV(5cc.5a8) 14:57:48:966 LibMain: Process Name:  C:\WINDOWS\system32\rundll32.exe
USERENV(2ac.f88) 14:59:48:211 UserPolicyCallback: Setting status UI to Applying your personal settings...
USERENV(2ac.f88) 14:59:49:112 UserPolicyCallback: Setting status UI to Applying your personal settings...
USERENV(2ac.f88) 14:59:49:112 ProcessGPOList: Extension Internet Explorer Branding returned 0x0.
USERENV(2ac.f88) 14:59:49:112 ProcessGPOList: Extension Internet Explorer Branding was able to log data. RsopStatus = 0x0, dwRet = 0, Clearing the dirty bit
USERENV(2ac.f88) 14:59:49:127 ProcessGPOs: -----------------------
USERENV(2ac.f88) 14:59:49:127 ProcessGPOs: -----------------------
USERENV(2ac.f88) 14:59:49:127 ProcessGPOs: Processing extension EFS recovery

note the excact 2 minute gap???
it doesnt always happen, it happens on every 1 of our 400 machines all being different in hardware and software. its not a virus, disabling the file for a laugh gets round the problem. and this has been going on for about a year.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

A source suspects the following:

<<start  source paste>>
That is typically dns misconfiguration. Make sure that computer is pointing only to
an AD domain controller running dns as it's preferred dns server in tcp/ip
properties. Running netdiag on it may also be helpful looking for failed tests
pertaining to dns, domain membership, dclist, and trust relationship test.
<<end source paste>>

source: http://www.tutorials-win.com/Networking/Login-delay/
QEDehAuthor Commented:
i ran a netdiag /l /debug on a machine that has this issue and the only problems that came up are;
Opening \Device\NwlnkIpx failed
[WARNING] Failed to query SPN registration on DC 'athena.int.gillingham-dorset.co.uk'.
[WARNING] Failed to query SPN registration on DC 'athena.int.gillingham-dorset.co.uk'.
[WARNING] Failed to query SPN registration on DC 'gill-sch-02.int.gillingham-dorset.co.uk'.

everything else passed with flying colours
ive attached the original log
QEDehAuthor Commented:
Ok after even more investigating using bootvis and userenv logs i came accross this.
ive attached a picture.
at the exact time of the 2 minute delay system (4) runs for 0.13 secs. and then aboslutly nothing. its like a complete freeze. the start time is 105.01, it then ends at 105.13 and then the next thing to run is rdpclip.exe at 227.36. so to me its as if its not a actual program thats taking 2 mins to delay.
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

QEDehAuthor Commented:
sry heres a better log that shows the rundll32.exe
QEDehAuthor Commented:
my feeling now is that rundll32.exe is loading a dll into memory that seems to take 2 mins / or timesout after 2 mins.
is there a way to trace and log what rundll32.exe is up to?
QEDehAuthor Commented:
ok ive tracked the problem down. when logging on the rundll32.exe loads iedkcs32.dll. however this dll causes a 2 minute delay. the brnlog shows this delay -
02/15/2008 10:22:26        Registering download URLs as safe for updating IE...
02/15/2008 10:22:26        Done.

02/15/2008 10:22:26        Refreshing browser settings...
02/15/2008 10:22:26        Broadcasting "Windows settings change" to all top level windows...
02/15/2008 10:24:25    Done processing group policy.

reinstalling the dll makes no difference. denying the system to use this dll gets over the problem but there will be knock on effects as it configurs ie7. im wondering if there is corruption in the gpo settings for internet explorer and if so anyone got any idea how to tell or fix that
also my problem is not related to kb941158 from microsoft.
QEDehAuthor Commented:
download the file for kb941158 from microsoft.
the error it states there is for a 20 dec delay but mine was 120 secs.
xp and vista currently have iedkcs32.dll version17.00.6000.16386
this problem doesnt seem to happen to vista tho.
what you want is version 17.00.6000.20668
install the update, make a reg change and walla.
im going to ring microsoft and see if i can get them to change the kb article.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
QEDehAuthor Commented:
can i have my points refunded?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows XP

From novice to tech pro — start learning today.