bryanchandler
asked on
WINLOGON.EXE high cpu usage
Winlogon.exe is running at 25% CPU on my Windows SBS 2k3 SP2 server. Researching here & the google, I found some related posts:
https://www.experts-exchange.com/questions/24312555/Winlogon-exe-High-CPU-Usage-Safe-Mode.html?sfQueryTermInfo=1+cpu+high+userenv.dl+winlogon.ex
AND
http://blogs.msdn.com/ntdebugging/archive/2008/04/10/closing-the-loop-cpu-spike-in-winlogon-exe.aspx
Process Explorer shows different threads, such as USERENV.DLL eating up the CPU for this thread.
I noticed that when I login locally to my usual domain admin account I use, that it seems to get worse, but when I login as administrator it's not as bad.
I've applied a MS hotfix mentioned in the 2nd link (http://support.microsoft.com/kb/927182) and will be rebooting at 12:15 today.
Am I on the right track with this?
https://www.experts-exchange.com/questions/24312555/Winlogon-exe-High-CPU-Usage-Safe-Mode.html?sfQueryTermInfo=1+cpu+high+userenv.dl+winlogon.ex
AND
http://blogs.msdn.com/ntdebugging/archive/2008/04/10/closing-the-loop-cpu-spike-in-winlogon-exe.aspx
Process Explorer shows different threads, such as USERENV.DLL eating up the CPU for this thread.
I noticed that when I login locally to my usual domain admin account I use, that it seems to get worse, but when I login as administrator it's not as bad.
I've applied a MS hotfix mentioned in the 2nd link (http://support.microsoft.com/kb/927182) and will be rebooting at 12:15 today.
Am I on the right track with this?
ASKER
Installing the hotfix (http://support.microsoft.com/kb/927182) looks to have done the trick. Winlogon.exe no longer pegs the CPU.
ASKER
Unfourtunetly, WINLOGON.EXE went back to running high CPU. I need further assistance with this.
ASKER
This seems to be happening when I log in via the console. I.E. when I VNC into the server or am standing in front of it.
When I log in via Remote Web Workplace, winlogon.exe doesn't seems to have a problem.
When I log in via Remote Web Workplace, winlogon.exe doesn't seems to have a problem.
Use process monitor to see what exceptions are generated with winlogon process and report back, that can lead to some result.
Did you try clearing prefetch logs?
Shabhi
Did you try clearing prefetch logs?
Shabhi
Does the winlogon.exe always eat the cpu, or only during console logons/remote client logons? Does it settle down after no logon activity?
ASKER
@shabhi:
I did clear the prefect logs.
@johnb6767:
It only seems to occur when a specific username (mine) is logged into a local console session. TDP sessions don't seem to be a problem, whatever username is being used.
HOWEVER...
I had be using the new LogMeIn Rescue feature that runs an agent continuously & allows unattended access anytime. I observed today that when WINLOGON.EXE was acting up, the unattended agent was also pegging the CPU.
The agent ran as my username. When I revoked unattended access & the agent stopped running, WINLOGON.EXE stopped acting up.
This has only been for the past few hours, but it seems to have been the problem.
I'll report back tomorrow.
I did clear the prefect logs.
@johnb6767:
It only seems to occur when a specific username (mine) is logged into a local console session. TDP sessions don't seem to be a problem, whatever username is being used.
HOWEVER...
I had be using the new LogMeIn Rescue feature that runs an agent continuously & allows unattended access anytime. I observed today that when WINLOGON.EXE was acting up, the unattended agent was also pegging the CPU.
The agent ran as my username. When I revoked unattended access & the agent stopped running, WINLOGON.EXE stopped acting up.
This has only been for the past few hours, but it seems to have been the problem.
I'll report back tomorrow.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
1) clear the prefetchs log and then see if winlogon behaviour is the same, if not, it can be related to hardware/drivers.
2) review the following link
https://www.experts-exchange.com/articles/OS/Microsoft_Operating_Systems/Server/2003_Server/Troubbleshooting-Slow-Logons.html
shabhi