Secondary Logon (seclogon) Service Defaults in Windows 7
Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Default Settings
| Startup type: | Manual |
| Display name: | Secondary Logon |
| Service name: | seclogon |
| Service type: | share |
| Error control: | normal |
| Object: | LocalSystem |
| Path: | %SystemRoot%\system32\svchost.exe -k netsvcs |
| File: | %SystemRoot%\system32\seclogon.dll |
| Registry key: | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon |
| Privileges: |
|
Default Behavior
Secondary Logon is a Win32 service. In Windows 7 it won't be started if the user doesn't start it. When the Secondary Logon service is started, it is running as LocalSystem in a shared process of svchost.exe. Other system components, such as drivers and services, may run in the same process. If Secondary Logon fails to start, Windows 7 attempts to write the failure details into Event Log. Then Windows 7 startup should proceed and the user should be notified that the seclogon service is not running because of the error.
Restore Default Startup Configuration of Secondary Logon
1. Run the Command Prompt as an administrator.
2. Copy the command below, paste it into the command window and press ENTER:
sc config seclogon start= demand
3. Close the command window and restart the computer.
The seclogon service is using the seclogon.dll file that is located in the C:\Windows\system32 directory. If the file is removed or corrupted, read this article to restore its original version from Windows 7 installation media.