Nach Benutzeranmeldungen nur Hintergrundbild ohne oder mit Icons aber Rechner hängt (wuauclt.exe?)

Guten Morgen Allerseits!

Wir haben seit meheren Tagen ein merkwürdiges Problem. Wenn sich die Benutzer (mich als Admin eingeschlossen) anmelden, dann kommt es sporadisch vor, dass man nur sein Hitergrundbild ohne Icons sieht und der Rechner hängt. Falls man seinen Desktop mit Icons sieht kann man diese nicht anklicken. Wenn man den Taskmanager öffnen will wird dieser gar nicht mehr angezeigt. Es sieht aus als wenn der komplette Explorer hängt.

Habe nun mal das Startlog aktiviert welches man unter "C:WINDOWSDebugUserModeuserenv.log" einsehen kann.

Dies kann man mit folgendem Registry Key aktivieren:

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
"UserEnvDebugLevel"=dword:00010002  

Hier mal das Log:

USERENV(e8.ec) 08:18:23:105 UnloadUserProfile: Entering, hProfile = <0x120>
USERENV(e8.ec) 08:18:23:105 UnloadUserProfile: In console winlogon process
USERENV(e8.ec) 08:18:23:105 UnloadUserProfileP: Entering, hProfile = <0x120>
USERENV(e8.ec) 08:18:23:105 GetExclusionListFromRegistry: Policy list is empty, returning user list = <Lokale Einstellungen;Temporary Internet Files;Verlauf;Temp;Lokale Einstellungen\Anwendungsdaten\Microsoft\Outlook>
USERENV(e8.ec) 08:18:23:121 CSyncManager::EnterLock <S-1-5-21-2110330705-2278029354-3900480542-1502>
USERENV(e8.ec) 08:18:23:121 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:18:23:121 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:18:23:121 CHashTable::HashAdd: S-1-5-21-2110330705-2278029354-3900480542-1502 added in bucket 15
USERENV(e8.ec) 08:18:23:121 UnloadUserProfileP: Wait succeeded. In critical section.
USERENV(e8.ec) 08:18:23:427 MyRegUnLoadKey: Returning 1.
USERENV(e8.ec) 08:18:23:443 UnloadUserProfileP: Succesfully unloaded profile
USERENV(e8.ec) 08:18:23:443 MyRegUnLoadKey: Returning 1.
USERENV(e8.ec) 08:18:23:443 UnLoadClassHive: Successfully unmounted S-1-5-21-2110330705-2278029354-3900480542-1502_Classes
USERENV(e8.ec) 08:18:23:443 UnloadUserProfileP: Successfully unloaded user classes
USERENV(e8.ec) 08:18:23:460 UnloadUserProfileP: Impersonated user
USERENV(e8.ec) 08:18:23:460 UnloadUserProfileP: Writing local ini file
USERENV(e8.ec) 08:18:23:460 UnloadUserProfileP: Reverting to Self
USERENV(e8.ec) 08:18:23:460 UnloadUserProfileP: exitting and cleaning up
USERENV(e8.ec) 08:18:23:460 CSyncManager::LeaveLock <S-1-5-21-2110330705-2278029354-3900480542-1502>
USERENV(e8.ec) 08:18:23:460 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:18:23:460 CHashTable::HashDelete: S-1-5-21-2110330705-2278029354-3900480542-1502 deleted
USERENV(e8.ec) 08:18:23:460 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:18:23:460 UnloadUserProfileP: Leave critical section.
USERENV(e8.ec) 08:18:23:460 UnloadUserProfileP: Leaving with a return value of 1
USERENV(e8.ec) 08:18:23:460 UnloadUserProfile: UnloadUserProfileP succeeded
USERENV(e8.ec) 08:18:23:460 UnloadUserProfile: returning 1
USERENV(11c.d68) 08:18:27:336 UnloadUserProfile: Entering, hProfile = <0x3dc>
USERENV(11c.d68) 08:18:27:336 GetInterface: Returning rpc binding handle
USERENV(e8.260) 08:18:27:336 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:18:27:336 DropClientContext: Got client token 00000524, sid = S-1-5-18
USERENV(e8.260) 08:18:27:336 MIDL_user_allocate enter
USERENV(e8.260) 08:18:27:336 DropClientContext: load profile object successfully made
USERENV(e8.260) 08:18:27:336 DropClientContext: Returning 0
USERENV(11c.d68) 08:18:27:336 UnLoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(e8.118) 08:18:27:336 IProfileSecurityCallBack: client authenticated.
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: Entering, hProfile = <0x570>
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: ImpersonateUser <00000524>, old token is <00000000>
USERENV(e8.118) 08:18:27:336 GetExclusionListFromRegistry: Policy list is empty, returning user list = <Lokale Einstellungen;Temporary Internet Files;Verlauf;Temp>
USERENV(e8.118) 08:18:27:336 CSyncManager::EnterLock <S-1-5-19>
USERENV(e8.118) 08:18:27:336 CSyncManager::EnterLock: No existing entry found
USERENV(e8.118) 08:18:27:336 CSyncManager::EnterLock: New entry created
USERENV(e8.118) 08:18:27:336 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: Wait succeeded. In critical section.
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: Didn't unload user profile, Ref Count is 2
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: Reverted back to user <00000000>
USERENV(e8.118) 08:18:27:336 CSyncManager::LeaveLock <S-1-5-19>
USERENV(e8.118) 08:18:27:336 CSyncManager::LeaveLock: Lock released
USERENV(e8.118) 08:18:27:336 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(e8.118) 08:18:27:336 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: Leave critical section.
USERENV(e8.118) 08:18:27:336 UnloadUserProfileP: Leaving with a return value of 1
USERENV(e8.118) 08:18:27:336 UnloadUserProfileI: returning 0
USERENV(11c.d68) 08:18:27:336 UnloadUserProfile: Calling UnloadUserProfileI succeeded
USERENV(e8.100) 08:18:27:336 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:18:27:336 ReleaseClientContext: Releasing context
USERENV(e8.100) 08:18:27:336 ReleaseClientContext_s: Releasing context
USERENV(e8.100) 08:18:27:336 MIDL_user_free enter
USERENV(11c.d68) 08:18:27:336 ReleaseInterface: Releasing rpc binding handle
USERENV(11c.d68) 08:18:27:336 UnloadUserProfile: returning 1
USERENV(e8.ec) 08:19:10:734 InitializePolicyProcessing: Initialised Machine Mutex/Events
USERENV(e8.ec) 08:19:10:765 InitializePolicyProcessing: Initialised User Mutex/Events
USERENV(e8.ec) 08:19:10:765 LibMain: Process Name: \??\C:\WINDOWS\system32\winlogon.exe
USERENV(e8.ec) 08:19:11:375 Entering CUserProfile::Initialize ...
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize called by winlogon
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: critical section initialized
USERENV(e8.ec) 08:19:11:375 CSyncManager::Initialize: critical section initialized
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: registry key Software\Microsoft\Windows NT\CurrentVersion\ProfileList opened
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: Proccessing S-1-5-21-2110330705-2278029354-3900480542-1502
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock <S-1-5-21-2110330705-2278029354-3900480542-1502>
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:19:11:375 CHashTable::HashAdd: S-1-5-21-2110330705-2278029354-3900480542-1502 added in bucket 15
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(e8.ec) 08:19:11:375 CUserProfile::GetRefCountAndFlags: Ref count is 0, state is 00000100
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock <S-1-5-21-2110330705-2278029354-3900480542-1502>
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:19:11:375 CHashTable::HashDelete: S-1-5-21-2110330705-2278029354-3900480542-1502 deleted
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: Proccessing S-1-5-21-1409082233-1229272821-839522115-500
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock <S-1-5-21-1409082233-1229272821-839522115-500>
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:19:11:375 CHashTable::HashAdd: S-1-5-21-1409082233-1229272821-839522115-500 added in bucket 13
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(e8.ec) 08:19:11:375 CUserProfile::GetRefCountAndFlags: Ref count is 0, state is 00000100
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock <S-1-5-21-1409082233-1229272821-839522115-500>
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:19:11:375 CHashTable::HashDelete: S-1-5-21-1409082233-1229272821-839522115-500 deleted
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: Proccessing S-1-5-20
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock <S-1-5-20>
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:19:11:375 CHashTable::HashAdd: S-1-5-20 added in bucket 4
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(e8.ec) 08:19:11:375 CUserProfile::GetRefCountAndFlags: Ref count is 2, state is 00000000
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock <S-1-5-20>
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:19:11:375 CHashTable::HashDelete: S-1-5-20 deleted
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: Proccessing S-1-5-19
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock <S-1-5-19>
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:19:11:375 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(e8.ec) 08:19:11:375 CUserProfile::GetRefCountAndFlags: Ref count is 2, state is 00000000
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock <S-1-5-19>
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:19:11:375 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: Proccessing S-1-5-18
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock <S-1-5-18>
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:19:11:375 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:19:11:375 CHashTable::HashAdd: S-1-5-18 added in bucket 11
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Enter critical section.
USERENV(e8.ec) 08:19:11:375 CUserProfile::GetRefCountAndFlags: Ref count is 1, state is 00000000
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Ref Count is not 0
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock <S-1-5-18>
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:19:11:375 CHashTable::HashDelete: S-1-5-18 deleted
USERENV(e8.ec) 08:19:11:375 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:19:11:375 CUserProfile::CleanupUserProfile: Leave critical section
USERENV(e8.ec) 08:19:11:375 CUserProfile::Initialize: RpcServerRegisterIfEx successful
USERENV(e8.ec) 08:19:11:375 Exiting CUserProfile::Initialize, successful
USERENV(11c.120) 08:19:11:406 LibMain: Process Name: C:\WINDOWS\system32\services.exe
USERENV(12c.130) 08:19:11:437 LibMain: Process Name: C:\WINDOWS\system32\lsass.exe
USERENV(e8.ec) 08:19:11:468 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(208.20c) 08:19:11:968 LibMain: Process Name: C:\WINDOWS\system32\svchost.exe
USERENV(11c.120) 08:19:12:093 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(11c.120) 08:19:12:093 =========================================================
USERENV(11c.120) 08:19:12:093 LoadUserProfile: Entering, hToken = <0x2c4>, lpProfileInfo = 0x7fcf8
USERENV(11c.120) 08:19:12:093 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(11c.120) 08:19:12:093 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(11c.120) 08:19:12:093 LoadUserProfile: NULL central profile path
USERENV(11c.120) 08:19:12:093 LoadUserProfile: NULL default profile path
USERENV(11c.120) 08:19:12:093 LoadUserProfile: NULL server name
USERENV(11c.120) 08:19:12:093 GetInterface: Returning rpc binding handle
USERENV(e8.100) 08:19:12:093 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:12:093 DropClientContext: Got client token 000004C4, sid = S-1-5-18
USERENV(e8.100) 08:19:12:093 MIDL_user_allocate enter
USERENV(e8.100) 08:19:12:093 DropClientContext: load profile object successfully made
USERENV(e8.100) 08:19:12:093 DropClientContext: Returning 0
USERENV(11c.120) 08:19:12:093 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(e8.260) 08:19:12:093 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:12:093 In LoadUserProfileP
USERENV(e8.260) 08:19:12:093 LoadUserProfile: Running as client
USERENV(e8.260) 08:19:12:093 =========================================================
USERENV(e8.260) 08:19:12:093 LoadUserProfile: Entering, hToken = <0x4d0>, lpProfileInfo = 0xe8a618
USERENV(e8.260) 08:19:12:093 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(e8.260) 08:19:12:093 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(e8.260) 08:19:12:093 LoadUserProfile: NULL central profile path
USERENV(e8.260) 08:19:12:093 LoadUserProfile: NULL default profile path
USERENV(e8.260) 08:19:12:093 LoadUserProfile: NULL server name
USERENV(e8.260) 08:19:12:093 LoadUserProfile: User sid: S-1-5-20
USERENV(e8.260) 08:19:12:093 CSyncManager::EnterLock <S-1-5-20>
USERENV(e8.260) 08:19:12:093 CSyncManager::EnterLock: No existing entry found
USERENV(e8.260) 08:19:12:093 CSyncManager::EnterLock: New entry created
USERENV(e8.260) 08:19:12:093 CHashTable::HashAdd: S-1-5-20 added in bucket 4
USERENV(e8.260) 08:19:12:093 LoadUserProfile: Wait succeeded. In critical section.
USERENV(e8.260) 08:19:12:093 RestoreUserProfile: Entering
USERENV(e8.260) 08:19:12:093 IsCentralProfileReachable: Entering
USERENV(e8.260) 08:19:12:093 IsCentralProfileReachable: Null path. Leaving
USERENV(e8.260) 08:19:12:093 RestoreUserProfile: Profile path = <>
USERENV(e8.260) 08:19:12:093 ExtractProfileFromBackup: A profile already exists
USERENV(e8.260) 08:19:12:093 PatchNewProfileIfRequred: A profile already exists with the current sid, exitting
USERENV(e8.260) 08:19:12:093 CreateLocalProfileKey: Not setting additional Security
USERENV(e8.260) 08:19:12:093 GetExistingLocalProfileImage: Found entry in profile list for existing local profile
USERENV(e8.260) 08:19:12:093 GetExistingLocalProfileImage: Local profile image filename = <%SystemDrive%\Dokumente und Einstellungen\NetworkService>
USERENV(e8.260) 08:19:12:093 GetExistingLocalProfileImage: Expanded local profile image filename = <C:\Dokumente und Einstellungen\NetworkService>
USERENV(e8.260) 08:19:12:093 GetExistingLocalProfileImage: No local mandatory profile. Error = 2
USERENV(e8.260) 08:19:12:093 GetExistingLocalProfileImage: Found local profile image file ok <C:\Dokumente und Einstellungen\NetworkService\ntuser.dat>
USERENV(e8.260) 08:19:12:093 GetExistingLocalProfileImage: Failed to query low profile unload time with error 2
USERENV(e8.260) 08:19:12:109 Local Existing Profile Image is reachable
USERENV(e8.260) 08:19:12:109 Local profile name is <C:\Dokumente und Einstellungen\NetworkService>
USERENV(e8.260) 08:19:12:109 RestoreUserProfile: No central profile. Attempting to load local profile.
USERENV(e8.260) 08:19:12:109 MyRegLoadKey: Returning 00000000
USERENV(e8.260) 08:19:12:109 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(e8.260) 08:19:12:109 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.260) 08:19:12:109 MyRegLoadKey: Returning 00000000
USERENV(e8.260) 08:19:12:109 CreateClassHive: existing user classes hive found
USERENV(e8.260) 08:19:12:109 RestoreUserProfile: About to Leave. Final Information follows:
USERENV(e8.260) 08:19:12:109 Profile was successfully loaded.
USERENV(e8.260) 08:19:12:109 lpProfile->lpRoamingProfile = <>
USERENV(e8.260) 08:19:12:109 lpProfile->lpLocalProfile = <C:\Dokumente und Einstellungen\NetworkService>
USERENV(e8.260) 08:19:12:109 lpProfile->dwInternalFlags = 0x0
USERENV(e8.260) 08:19:12:109 RestoreUserProfile: Leaving.
USERENV(e8.260) 08:19:12:109 UpgradeProfile: Entering
USERENV(e8.260) 08:19:12:109 UpgradeProfile: Build numbers match
USERENV(e8.260) 08:19:12:109 UpgradeProfile: Leaving Successfully
USERENV(e8.260) 08:19:12:109 GetProfileType: Profile already loaded.
USERENV(e8.260) 08:19:12:109 LoadProfileInfo: Failed to query central profile with error 2
USERENV(e8.260) 08:19:12:109 GetProfileType: ProfileFlags is 0
USERENV(e8.260) 08:19:12:156 Profile Ref Count is 1
USERENV(e8.260) 08:19:12:156 LoadUserProfile: Leaving critical Section.
USERENV(e8.260) 08:19:12:156 CSyncManager::LeaveLock <S-1-5-20>
USERENV(e8.260) 08:19:12:156 CSyncManager::LeaveLock: Lock released
USERENV(e8.260) 08:19:12:156 CHashTable::HashDelete: S-1-5-20 deleted
USERENV(e8.260) 08:19:12:156 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.260) 08:19:12:156 LoadUserProfile: Impersonated user: 000004d0, 000004dc
USERENV(12c.184) 08:19:12:171 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(12c.184) 08:19:12:171 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.184) 08:19:12:171 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(12c.184) 08:19:12:171 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.260) 08:19:12:171 LoadUserProfile: Reverted to user: 00000000
USERENV(e8.260) 08:19:12:171 LoadUserProfile: Reverted back to user <00000000>
USERENV(e8.260) 08:19:12:171 LoadUserProfile: Leaving with a value of 1.
USERENV(e8.260) 08:19:12:171 =========================================================
USERENV(e8.260) 08:19:12:171 LoadUserProfileI: returning 0
USERENV(11c.120) 08:19:12:171 LoadUserProfile: Running as self
USERENV(11c.120) 08:19:12:171 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(11c.120) 08:19:12:171 LoadUserProfile: Returning success. Final Information follows:
USERENV(11c.120) 08:19:12:171 lpProfileInfo->UserName = <NetworkService>
USERENV(11c.120) 08:19:12:171 lpProfileInfo->lpProfilePath = <>
USERENV(11c.120) 08:19:12:171 lpProfileInfo->dwFlags = 0x9
USERENV(e8.100) 08:19:12:171 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:12:171 ReleaseClientContext: Releasing context
USERENV(e8.100) 08:19:12:171 ReleaseClientContext_s: Releasing context
USERENV(e8.100) 08:19:12:171 MIDL_user_free enter
USERENV(11c.120) 08:19:12:187 ReleaseInterface: Releasing rpc binding handle
USERENV(11c.120) 08:19:12:187 LoadUserProfile: Returning TRUE. hProfile = <0x348>
USERENV(11c.120) 08:19:12:187 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(11c.120) 08:19:12:187 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(264.268) 08:19:12:203 LibMain: Process Name: C:\WINDOWS\system32\svchost.exe
USERENV(640.644) 08:19:12:265 LibMain: Process Name: C:\WINDOWS\System32\svchost.exe
USERENV(11c.120) 08:19:12:281 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(11c.120) 08:19:12:281 =========================================================
USERENV(11c.120) 08:19:12:281 LoadUserProfile: Entering, hToken = <0x384>, lpProfileInfo = 0x7fcf8
USERENV(11c.120) 08:19:12:281 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(11c.120) 08:19:12:281 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(11c.120) 08:19:12:281 LoadUserProfile: NULL central profile path
USERENV(11c.120) 08:19:12:281 LoadUserProfile: NULL default profile path
USERENV(11c.120) 08:19:12:281 LoadUserProfile: NULL server name
USERENV(11c.120) 08:19:12:281 GetInterface: Returning rpc binding handle
USERENV(e8.260) 08:19:12:281 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:12:281 DropClientContext: Got client token 000004C4, sid = S-1-5-18
USERENV(e8.260) 08:19:12:281 MIDL_user_allocate enter
USERENV(e8.260) 08:19:12:281 DropClientContext: load profile object successfully made
USERENV(e8.260) 08:19:12:281 DropClientContext: Returning 0
USERENV(11c.120) 08:19:12:281 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(e8.100) 08:19:12:281 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:12:281 In LoadUserProfileP
USERENV(e8.100) 08:19:12:281 LoadUserProfile: Running as client
USERENV(e8.100) 08:19:12:296 =========================================================
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Entering, hToken = <0x4d0>, lpProfileInfo = 0xe8a618
USERENV(e8.100) 08:19:12:296 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(e8.100) 08:19:12:296 LoadUserProfile: lpProfileInfo->lpUserName = <NetworkService>
USERENV(e8.100) 08:19:12:296 LoadUserProfile: NULL central profile path
USERENV(e8.100) 08:19:12:296 LoadUserProfile: NULL default profile path
USERENV(e8.100) 08:19:12:296 LoadUserProfile: NULL server name
USERENV(e8.100) 08:19:12:296 LoadUserProfile: User sid: S-1-5-20
USERENV(e8.100) 08:19:12:296 CSyncManager::EnterLock <S-1-5-20>
USERENV(e8.100) 08:19:12:296 CSyncManager::EnterLock: No existing entry found
USERENV(e8.100) 08:19:12:296 CSyncManager::EnterLock: New entry created
USERENV(e8.100) 08:19:12:296 CHashTable::HashAdd: S-1-5-20 added in bucket 4
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Wait succeeded. In critical section.
USERENV(e8.100) 08:19:12:296 TestIfUserProfileLoaded: Profile already loaded.
USERENV(e8.100) 08:19:12:296 Profile Ref Count is 2
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Leaving critical Section.
USERENV(e8.100) 08:19:12:296 CSyncManager::LeaveLock <S-1-5-20>
USERENV(e8.100) 08:19:12:296 CSyncManager::LeaveLock: Lock released
USERENV(e8.100) 08:19:12:296 CHashTable::HashDelete: S-1-5-20 deleted
USERENV(e8.100) 08:19:12:296 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Impersonated user: 000004d0, 000004dc
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Reverted to user: 00000000
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Reverted back to user <00000000>
USERENV(e8.100) 08:19:12:296 LoadUserProfile: Leaving with a value of 1.
USERENV(e8.100) 08:19:12:296 =========================================================
USERENV(e8.100) 08:19:12:296 LoadUserProfileI: returning 0
USERENV(11c.120) 08:19:12:296 LoadUserProfile: Running as self
USERENV(11c.120) 08:19:12:296 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(11c.120) 08:19:12:296 LoadUserProfile: Returning success. Final Information follows:
USERENV(11c.120) 08:19:12:296 lpProfileInfo->UserName = <NetworkService>
USERENV(11c.120) 08:19:12:296 lpProfileInfo->lpProfilePath = <>
USERENV(11c.120) 08:19:12:296 lpProfileInfo->dwFlags = 0x9
USERENV(e8.260) 08:19:12:296 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:12:296 ReleaseClientContext: Releasing context
USERENV(e8.260) 08:19:12:296 ReleaseClientContext_s: Releasing context
USERENV(e8.260) 08:19:12:296 MIDL_user_free enter
USERENV(11c.120) 08:19:12:296 ReleaseInterface: Releasing rpc binding handle
USERENV(11c.120) 08:19:12:296 LoadUserProfile: Returning TRUE. hProfile = <0x374>
USERENV(11c.120) 08:19:12:296 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(11c.120) 08:19:12:296 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(32c.334) 08:19:12:328 LibMain: Process Name: C:\WINDOWS\system32\svchost.exe
USERENV(11c.120) 08:19:12:328 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(11c.120) 08:19:12:328 =========================================================
USERENV(11c.120) 08:19:12:328 LoadUserProfile: Entering, hToken = <0x3a4>, lpProfileInfo = 0x7fcf8
USERENV(11c.120) 08:19:12:328 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(11c.120) 08:19:12:328 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(11c.120) 08:19:12:328 LoadUserProfile: NULL central profile path
USERENV(11c.120) 08:19:12:328 LoadUserProfile: NULL default profile path
USERENV(11c.120) 08:19:12:328 LoadUserProfile: NULL server name
USERENV(11c.120) 08:19:12:328 GetInterface: Returning rpc binding handle
USERENV(e8.100) 08:19:12:328 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:12:328 DropClientContext: Got client token 000004C4, sid = S-1-5-18
USERENV(e8.100) 08:19:12:328 MIDL_user_allocate enter
USERENV(e8.100) 08:19:12:328 DropClientContext: load profile object successfully made
USERENV(e8.100) 08:19:12:328 DropClientContext: Returning 0
USERENV(11c.120) 08:19:12:328 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(e8.260) 08:19:12:328 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:12:328 In LoadUserProfileP
USERENV(e8.260) 08:19:12:328 LoadUserProfile: Running as client
USERENV(e8.260) 08:19:12:328 =========================================================
USERENV(e8.260) 08:19:12:328 LoadUserProfile: Entering, hToken = <0x4d0>, lpProfileInfo = 0xe8a618
USERENV(e8.260) 08:19:12:328 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(e8.260) 08:19:12:328 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(e8.260) 08:19:12:328 LoadUserProfile: NULL central profile path
USERENV(e8.260) 08:19:12:328 LoadUserProfile: NULL default profile path
USERENV(e8.260) 08:19:12:328 LoadUserProfile: NULL server name
USERENV(e8.260) 08:19:12:328 LoadUserProfile: User sid: S-1-5-19
USERENV(e8.260) 08:19:12:328 CSyncManager::EnterLock <S-1-5-19>
USERENV(e8.260) 08:19:12:328 CSyncManager::EnterLock: No existing entry found
USERENV(e8.260) 08:19:12:328 CSyncManager::EnterLock: New entry created
USERENV(e8.260) 08:19:12:328 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(e8.260) 08:19:12:328 LoadUserProfile: Wait succeeded. In critical section.
USERENV(e8.260) 08:19:12:328 RestoreUserProfile: Entering
USERENV(e8.260) 08:19:12:328 IsCentralProfileReachable: Entering
USERENV(e8.260) 08:19:12:328 IsCentralProfileReachable: Null path. Leaving
USERENV(e8.260) 08:19:12:328 RestoreUserProfile: Profile path = <>
USERENV(e8.260) 08:19:12:328 ExtractProfileFromBackup: A profile already exists
USERENV(e8.260) 08:19:12:328 PatchNewProfileIfRequred: A profile already exists with the current sid, exitting
USERENV(e8.260) 08:19:12:328 CreateLocalProfileKey: Not setting additional Security
USERENV(e8.260) 08:19:12:328 GetExistingLocalProfileImage: Found entry in profile list for existing local profile
USERENV(e8.260) 08:19:12:328 GetExistingLocalProfileImage: Local profile image filename = <%SystemDrive%\Dokumente und Einstellungen\LocalService>
USERENV(e8.260) 08:19:12:328 GetExistingLocalProfileImage: Expanded local profile image filename = <C:\Dokumente und Einstellungen\LocalService>
USERENV(e8.260) 08:19:12:328 GetExistingLocalProfileImage: No local mandatory profile. Error = 2
USERENV(e8.260) 08:19:12:328 GetExistingLocalProfileImage: Found local profile image file ok <C:\Dokumente und Einstellungen\LocalService\ntuser.dat>
USERENV(e8.260) 08:19:12:328 GetExistingLocalProfileImage: Failed to query low profile unload time with error 2
USERENV(e8.260) 08:19:12:328 Local Existing Profile Image is reachable
USERENV(e8.260) 08:19:12:343 Local profile name is <C:\Dokumente und Einstellungen\LocalService>
USERENV(e8.260) 08:19:12:343 RestoreUserProfile: No central profile. Attempting to load local profile.
USERENV(e8.260) 08:19:12:343 MyRegLoadKey: Returning 00000000
USERENV(e8.260) 08:19:12:343 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(e8.260) 08:19:12:343 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.260) 08:19:12:343 MyRegLoadKey: Returning 00000000
USERENV(e8.260) 08:19:12:343 CreateClassHive: existing user classes hive found
USERENV(e8.260) 08:19:12:343 RestoreUserProfile: About to Leave. Final Information follows:
USERENV(e8.260) 08:19:12:343 Profile was successfully loaded.
USERENV(e8.260) 08:19:12:343 lpProfile->lpRoamingProfile = <>
USERENV(e8.260) 08:19:12:343 lpProfile->lpLocalProfile = <C:\Dokumente und Einstellungen\LocalService>
USERENV(e8.260) 08:19:12:343 lpProfile->dwInternalFlags = 0x0
USERENV(e8.260) 08:19:12:343 RestoreUserProfile: Leaving.
USERENV(e8.260) 08:19:12:343 UpgradeProfile: Entering
USERENV(e8.260) 08:19:12:343 UpgradeProfile: Build numbers match
USERENV(e8.260) 08:19:12:343 UpgradeProfile: Leaving Successfully
USERENV(e8.260) 08:19:12:343 GetProfileType: Profile already loaded.
USERENV(e8.260) 08:19:12:343 LoadProfileInfo: Failed to query central profile with error 2
USERENV(e8.260) 08:19:12:343 GetProfileType: ProfileFlags is 0
USERENV(e8.260) 08:19:12:375 Profile Ref Count is 1
USERENV(e8.260) 08:19:12:375 LoadUserProfile: Leaving critical Section.
USERENV(e8.260) 08:19:12:375 CSyncManager::LeaveLock <S-1-5-19>
USERENV(e8.260) 08:19:12:375 CSyncManager::LeaveLock: Lock released
USERENV(e8.260) 08:19:12:375 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(e8.260) 08:19:12:375 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.260) 08:19:12:375 LoadUserProfile: Impersonated user: 000004d0, 000004dc
USERENV(12c.1a4) 08:19:12:375 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(12c.1a4) 08:19:12:375 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.1a4) 08:19:12:375 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(12c.1a4) 08:19:12:375 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.260) 08:19:12:390 LoadUserProfile: Reverted to user: 00000000
USERENV(e8.260) 08:19:12:390 LoadUserProfile: Reverted back to user <00000000>
USERENV(e8.260) 08:19:12:390 LoadUserProfile: Leaving with a value of 1.
USERENV(e8.260) 08:19:12:390 =========================================================
USERENV(e8.260) 08:19:12:390 LoadUserProfileI: returning 0
USERENV(11c.120) 08:19:12:390 LoadUserProfile: Running as self
USERENV(11c.120) 08:19:12:390 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(11c.120) 08:19:12:390 LoadUserProfile: Returning success. Final Information follows:
USERENV(11c.120) 08:19:12:390 lpProfileInfo->UserName = <LocalService>
USERENV(11c.120) 08:19:12:390 lpProfileInfo->lpProfilePath = <>
USERENV(11c.120) 08:19:12:390 lpProfileInfo->dwFlags = 0x9
USERENV(e8.100) 08:19:12:406 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:12:406 ReleaseClientContext: Releasing context
USERENV(e8.100) 08:19:12:406 ReleaseClientContext_s: Releasing context
USERENV(e8.100) 08:19:12:406 MIDL_user_free enter
USERENV(11c.120) 08:19:12:406 ReleaseInterface: Releasing rpc binding handle
USERENV(11c.120) 08:19:12:406 LoadUserProfile: Returning TRUE. hProfile = <0x398>
USERENV(11c.120) 08:19:12:406 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(11c.120) 08:19:12:406 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(4cc.4d0) 08:19:12:421 LibMain: Process Name: C:\WINDOWS\system32\svchost.exe
USERENV(758.768) 08:19:12:968 LibMain: Process Name: C:\WINDOWS\system32\spoolsv.exe
USERENV(11c.120) 08:19:12:984 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(11c.120) 08:19:12:984 =========================================================
USERENV(11c.120) 08:19:12:984 LoadUserProfile: Entering, hToken = <0x3d4>, lpProfileInfo = 0x7fcf8
USERENV(11c.120) 08:19:12:984 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(11c.120) 08:19:12:984 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(11c.120) 08:19:12:984 LoadUserProfile: NULL central profile path
USERENV(11c.120) 08:19:12:984 LoadUserProfile: NULL default profile path
USERENV(11c.120) 08:19:12:984 LoadUserProfile: NULL server name
USERENV(11c.120) 08:19:12:984 GetInterface: Returning rpc binding handle
USERENV(e8.260) 08:19:12:984 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:12:984 DropClientContext: Got client token 000004C4, sid = S-1-5-18
USERENV(e8.260) 08:19:12:984 MIDL_user_allocate enter
USERENV(e8.260) 08:19:12:984 DropClientContext: load profile object successfully made
USERENV(e8.260) 08:19:12:984 DropClientContext: Returning 0
USERENV(11c.120) 08:19:12:984 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(e8.100) 08:19:12:984 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:12:984 In LoadUserProfileP
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Running as client
USERENV(e8.100) 08:19:12:984 =========================================================
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Entering, hToken = <0x4d0>, lpProfileInfo = 0xe8a618
USERENV(e8.100) 08:19:12:984 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(e8.100) 08:19:12:984 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(e8.100) 08:19:12:984 LoadUserProfile: NULL central profile path
USERENV(e8.100) 08:19:12:984 LoadUserProfile: NULL default profile path
USERENV(e8.100) 08:19:12:984 LoadUserProfile: NULL server name
USERENV(e8.100) 08:19:12:984 LoadUserProfile: User sid: S-1-5-19
USERENV(e8.100) 08:19:12:984 CSyncManager::EnterLock <S-1-5-19>
USERENV(e8.100) 08:19:12:984 CSyncManager::EnterLock: No existing entry found
USERENV(e8.100) 08:19:12:984 CSyncManager::EnterLock: New entry created
USERENV(e8.100) 08:19:12:984 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Wait succeeded. In critical section.
USERENV(e8.100) 08:19:12:984 TestIfUserProfileLoaded: Profile already loaded.
USERENV(e8.100) 08:19:12:984 Profile Ref Count is 2
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Leaving critical Section.
USERENV(e8.100) 08:19:12:984 CSyncManager::LeaveLock <S-1-5-19>
USERENV(e8.100) 08:19:12:984 CSyncManager::LeaveLock: Lock released
USERENV(e8.100) 08:19:12:984 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(e8.100) 08:19:12:984 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Impersonated user: 000004d0, 000004dc
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Reverted to user: 00000000
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Reverted back to user <00000000>
USERENV(e8.100) 08:19:12:984 LoadUserProfile: Leaving with a value of 1.
USERENV(e8.100) 08:19:12:984 =========================================================
USERENV(e8.100) 08:19:12:984 LoadUserProfileI: returning 0
USERENV(11c.120) 08:19:12:984 LoadUserProfile: Running as self
USERENV(11c.120) 08:19:12:984 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(11c.120) 08:19:13:000 LoadUserProfile: Returning success. Final Information follows:
USERENV(11c.120) 08:19:13:000 lpProfileInfo->UserName = <LocalService>
USERENV(11c.120) 08:19:13:000 lpProfileInfo->lpProfilePath = <>
USERENV(11c.120) 08:19:13:000 lpProfileInfo->dwFlags = 0x9
USERENV(e8.260) 08:19:13:000 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:13:000 ReleaseClientContext: Releasing context
USERENV(e8.260) 08:19:13:000 ReleaseClientContext_s: Releasing context
USERENV(e8.260) 08:19:13:000 MIDL_user_free enter
USERENV(11c.120) 08:19:13:000 ReleaseInterface: Releasing rpc binding handle
USERENV(11c.120) 08:19:13:000 LoadUserProfile: Returning TRUE. hProfile = <0x3cc>
USERENV(11c.120) 08:19:13:000 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(11c.120) 08:19:13:000 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(790.794) 08:19:13:015 LibMain: Process Name: C:\WINDOWS\System32\SCardSvr.exe
USERENV(4b4.4b8) 08:19:22:078 LibMain: Process Name: C:\WINDOWS\system32\cisvc.exe
USERENV(568.57c) 08:19:28:312 LibMain: Process Name: C:\Programme\Trend Micro\OfficeScan Client\ntrtscan.exe
USERENV(568.57c) 08:19:28:359 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(3f0.3ec) 08:19:28:421 LibMain: Process Name: C:\Programme\VMware\VMware Workstation\vmware-authd.exe
USERENV(bc.180) 08:19:29:093 LibMain: Process Name: C:\Programme\Exchsrvr\bin\exmgmt.exe
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(11c.68c) 08:19:29:671 =========================================================
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Entering, hToken = <0x28>, lpProfileInfo = 0xd8f6ec
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: NULL central profile path
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: NULL default profile path
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: NULL server name
USERENV(11c.68c) 08:19:29:671 GetInterface: Returning rpc binding handle
USERENV(e8.100) 08:19:29:671 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:29:671 DropClientContext: Got client token 000004D8, sid = S-1-5-18
USERENV(e8.100) 08:19:29:671 MIDL_user_allocate enter
USERENV(e8.100) 08:19:29:671 DropClientContext: load profile object successfully made
USERENV(e8.100) 08:19:29:671 DropClientContext: Returning 0
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Calling DropClientToken (as self) succeeded
USERENV(e8.260) 08:19:29:671 IProfileSecurityCallBack: client authenticated.
USERENV(e8.260) 08:19:29:671 In LoadUserProfileP
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Running as client
USERENV(e8.260) 08:19:29:671 =========================================================
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Entering, hToken = <0x4dc>, lpProfileInfo = 0x79380
USERENV(e8.260) 08:19:29:671 LoadUserProfile: lpProfileInfo->dwFlags = <0x9>
USERENV(e8.260) 08:19:29:671 LoadUserProfile: lpProfileInfo->lpUserName = <LocalService>
USERENV(e8.260) 08:19:29:671 LoadUserProfile: NULL central profile path
USERENV(e8.260) 08:19:29:671 LoadUserProfile: NULL default profile path
USERENV(e8.260) 08:19:29:671 LoadUserProfile: NULL server name
USERENV(e8.260) 08:19:29:671 LoadUserProfile: User sid: S-1-5-19
USERENV(e8.260) 08:19:29:671 CSyncManager::EnterLock <S-1-5-19>
USERENV(e8.260) 08:19:29:671 CSyncManager::EnterLock: No existing entry found
USERENV(e8.260) 08:19:29:671 CSyncManager::EnterLock: New entry created
USERENV(e8.260) 08:19:29:671 CHashTable::HashAdd: S-1-5-19 added in bucket 12
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Wait succeeded. In critical section.
USERENV(e8.260) 08:19:29:671 TestIfUserProfileLoaded: Profile already loaded.
USERENV(e8.260) 08:19:29:671 Profile Ref Count is 3
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Leaving critical Section.
USERENV(e8.260) 08:19:29:671 CSyncManager::LeaveLock <S-1-5-19>
USERENV(e8.260) 08:19:29:671 CSyncManager::LeaveLock: Lock released
USERENV(e8.260) 08:19:29:671 CHashTable::HashDelete: S-1-5-19 deleted
USERENV(e8.260) 08:19:29:671 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Impersonated user: 000004dc, 000004fc
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Reverted to user: 00000000
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Reverted back to user <00000000>
USERENV(e8.260) 08:19:29:671 LoadUserProfile: Leaving with a value of 1.
USERENV(e8.260) 08:19:29:671 =========================================================
USERENV(e8.260) 08:19:29:671 LoadUserProfileI: returning 0
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Running as self
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Calling LoadUserProfileI (as user) succeeded
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Returning success. Final Information follows:
USERENV(11c.68c) 08:19:29:671 lpProfileInfo->UserName = <LocalService>
USERENV(11c.68c) 08:19:29:671 lpProfileInfo->lpProfilePath = <>
USERENV(11c.68c) 08:19:29:671 lpProfileInfo->dwFlags = 0x9
USERENV(e8.100) 08:19:29:671 IProfileSecurityCallBack: client authenticated.
USERENV(e8.100) 08:19:29:671 ReleaseClientContext: Releasing context
USERENV(e8.100) 08:19:29:671 ReleaseClientContext_s: Releasing context
USERENV(e8.100) 08:19:29:671 MIDL_user_free enter
USERENV(11c.68c) 08:19:29:671 ReleaseInterface: Releasing rpc binding handle
USERENV(11c.68c) 08:19:29:671 LoadUserProfile: Returning TRUE. hProfile = <0x35c>
USERENV(11c.68c) 08:19:29:671 GetUserDNSDomainName: Domain name is NT Authority. No DNS domain name available.
USERENV(11c.68c) 08:19:29:671 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(338.5ac) 08:19:29:703 LibMain: Process Name: C:\WINDOWS\System32\alg.exe
USERENV(4a4.544) 08:19:35:140 LibMain: Process Name: C:\WINDOWS\system32\ipconfig.exe
USERENV(120.358) 08:19:35:734 LibMain: Process Name: C:\Programme\Trend Micro\OfficeScan Client\TSC.EXE
USERENV(120.358) 08:19:35:734 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:750 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:750 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:750 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:750 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:750 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:750 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:765 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(120.358) 08:19:35:812 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.ec) 08:19:46:983 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(e8.c60) 08:19:46:999 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(e8.c60) 08:19:46:999 ApplyGroupPolicy: Entering. Flags = f
USERENV(e8.c60) 08:19:46:999 ProcessGPOs:
USERENV(e8.c60) 08:19:46:999 ProcessGPOs:
USERENV(e8.c60) 08:19:47:015 ProcessGPOs: Starting computer Group Policy (Async forground) processing...
USERENV(e8.c60) 08:19:47:015 ProcessGPOs:
USERENV(e8.c60) 08:19:47:015 ProcessGPOs:
USERENV(e8.c60) 08:19:47:015 EnterCriticalPolicySectionEx: Entering with timeout 600000 and flags 0x0
USERENV(e8.c60) 08:19:47:015 EnterCriticalPolicySectionEx: Machine critical section has been claimed. Handle = 0xf8
USERENV(e8.c60) 08:19:47:015 EnterCriticalPolicySectionEx: Leaving successfully.
USERENV(e8.c60) 08:19:47:015 ProcessGPOs: Machine role is 2.
USERENV(e8.c60) 08:19:47:015 PingComputer: PingBufferSize set as 2048
USERENV(e8.c60) 08:19:47:031 PingComputer: Adapter speed 100000000 bps
USERENV(e8.c60) 08:19:47:031 PingComputer: First time: 0
USERENV(e8.c60) 08:19:47:031 PingComputer: Fast link. Exiting.
USERENV(e8.c60) 08:19:47:031 ProcessGPOs: network name is unseredomaene.org
USERENV(e8.c60) 08:19:47:048 ProcessGPOs: User name is: CN=XPLT-00-6844,OU=Computer,OU=IT,OU=de-00,OU=Holding,DC=unserefirma,DC=org, Domain name is: unserefirma-ORG
USERENV(e8.c60) 08:19:47:048 ProcessGPOs: Domain controller is: \\DC01.unseredomaene.org Domain DN is unseredomaene.org
USERENV(e8.c60) 08:19:47:048 ReadGPExtensions: Rsop entry point not found for gptext.dll.
USERENV(e8.c60) 08:19:47:048 ReadGPExtensions: Rsop entry point not found for dskquota.dll.
USERENV(e8.c60) 08:19:47:048 ReadGPExtensions: Rsop entry point not found for gptext.dll.
USERENV(e8.c60) 08:19:47:048 ReadGPExtensions: Rsop entry point not found for iedkcs32.dll.
USERENV(e8.c60) 08:19:47:048 ReadGPExtensions: Rsop entry point not found for scecli.dll.
USERENV(e8.c60) 08:19:47:064 ReadGPExtensions: Rsop entry point not found for C:\WINDOWS\System32\cscui.dll.
USERENV(e8.c60) 08:19:47:064 ReadGPExtensions: Rsop entry point not found for gptext.dll.
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {35378EAC-683F-11D2-A89A-00C04FBBCFA2}
USERENV(e8.c60) 08:19:47:064 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {25537BA6-77A8-11D2-9B6C-0000F8080861}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {3610eda5-77ef-11d2-8dc5-00c04fa31a66}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {426031c0-0b47-4852-b0ca-ac3d37bfcb39}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {42B5FAAE-6536-11d2-AE5A-0000F87571E3}
USERENV(e8.c60) 08:19:47:064 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {827D319E-6EAC-11D2-A4EA-00C04F79F83A}
USERENV(e8.c60) 08:19:47:064 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}
USERENV(e8.c60) 08:19:47:064 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {C631DF4C-088F-4156-B058-4375F0853CD8}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {c6dc5466-785a-11d2-84d0-00c04fb169f7}
USERENV(e8.c60) 08:19:47:064 ReadExtStatus: Reading Previous Status for extension {e437bc1c-aa7d-11d2-a382-00c04f991e27}
USERENV(e8.c60) 08:19:47:064 ProcessGPOs: Calling GetGPOInfo for normal policy mode
USERENV(e8.c60) 08:19:47:064 GetGPOInfo:
USERENV(e8.c60) 08:19:47:064 GetGPOInfo: Entering...
USERENV(e8.c60) 08:19:47:096 GetGPOInfo: Server connection established.
USERENV(e8.c60) 08:19:47:112 GetGPOInfo: Bound successfully.
USERENV(e8.c60) 08:19:47:112 SearchDSObject: Searching <OU=Computer,OU=IT,OU=de-00,OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:112 SearchDSObject: No GPO(s) for this object.
USERENV(e8.c60) 08:19:47:112 SearchDSObject: Searching <OU=IT,OU=de-00,OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:112 SearchDSObject: Found GPO(s): < >
USERENV(e8.c60) 08:19:47:112 SearchDSObject: Searching <OU=de-00,OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:112 SearchDSObject: Found GPO(s): <[LDAP:cn={1BD0F65B-3312-42B4-89BD-B27D4BBF9C03},cn=policies,cn=system,DC=unserefirma,DC=org;0]>
USERENV(e8.c60) 08:19:47:112 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:112 ProcessGPO: Deferring search for <LDAP:cn={1BD0F65B-3312-42B4-89BD-B27D4BBF9C03},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:128 SearchDSObject: Searching <OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:128 SearchDSObject: No GPO(s) for this object.
USERENV(e8.c60) 08:19:47:128 SearchDSObject: Searching <DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:128 SearchDSObject: Found GPO(s): <[LDAP:cn={F2307DD1-CA01-49CD-A767-390BFA5ABA62},cn=policies,cn=system,DC=unserefirma,DC=org;0][LDAP:CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=unserefirma,DC=org;0]>
USERENV(e8.c60) 08:19:47:128 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:128 ProcessGPO: Deferring search for <LDAP:cn={F2307DD1-CA01-49CD-A767-390BFA5ABA62},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:128 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:128 ProcessGPO: Deferring search for <LDAP:CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:128 SearchDSObject: Searching <CN=de-00,CN=Sites,CN=Configuration,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:128 SearchDSObject: No GPO(s) for this object.
USERENV(e8.c60) 08:19:47:128 EvaluateDeferredGPOs: Searching for GPOs in cn=policies,cn=system,DC=unserefirma,DC=org
USERENV(e8.c60) 08:19:47:128 EvalList: Object <cn={F2307DD1-CA01-49CD-A767-390BFA5ABA62},cn=policies,cn=system,DC=unserefirma,DC=org> cannot be accessed
USERENV(e8.c60) 08:19:47:128 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:145 ProcessGPO: Searching <CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:145 ProcessGPO: Machine has access to this GPO.
USERENV(e8.c60) 08:19:47:145 ProcessGPO: GPO passes the filter check.
USERENV(e8.c60) 08:19:47:145 ProcessGPO: Found functionality version of: 2
USERENV(e8.c60) 08:19:47:145 ProcessGPO: Found file system path of: <\\unseredomaene.org\sysvol\unseredomaene.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}>
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found common name of: <{31B2F340-016D-11D2-945F-00C04FB984F9}>
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found display name of: <Default Domain Policy>
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found machine version of: GPC is 327, GPT is 327
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found flags of: 0
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}{53D6AB1D-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1B-2488-11D1-A28C-00C04FB94F17}{53D6AB1D-2488-11D1-A28C-00C04FB94F17}]
USERENV(e8.c60) 08:19:47:161 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:161 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Searching <cn={1BD0F65B-3312-42B4-89BD-B27D4BBF9C03},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Machine has access to this GPO.
USERENV(e8.c60) 08:19:47:161 ProcessGPO: GPO passes the filter check.
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found functionality version of: 2
USERENV(e8.c60) 08:19:47:161 ProcessGPO: Found file system path of: <\\unseredomaene.org\SysVol\unseredomaene.org\Policies\{1BD0F65B-3312-42B4-89BD-B27D4BBF9C03}>
USERENV(e8.c60) 08:19:47:177 ProcessGPO: Found common name of: <{1BD0F65B-3312-42B4-89BD-B27D4BBF9C03}>
USERENV(e8.c60) 08:19:47:177 ProcessGPO: Found display name of: <de-00 Standard>
USERENV(e8.c60) 08:19:47:177 ProcessGPO: Found machine version of: GPC is 135, GPT is 135
USERENV(e8.c60) 08:19:47:177 ProcessGPO: Found flags of: 0
USERENV(e8.c60) 08:19:47:177 ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957D-509E-11D1-A7CC-0000F87571E3}{53D6AB1D-2488-11D1-A28C-00C04FB94F17}][{827D319E-6EAC-11D2-A4EA-00C04F79F83A}{803E14A0-B4FB-11D0-A0D0-00A0C90F574B}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1D-2488-11D1-A28C-00C04FB94F17}]
USERENV(e8.c60) 08:19:47:177 ProcessGPO: ==============================
USERENV(e8.c60) 08:19:47:177 GetGPOInfo: Local GPO's gpt.ini is not accessible, assuming default state.
USERENV(e8.c60) 08:19:47:177 GetGPOInfo: Leaving with 1
USERENV(e8.c60) 08:19:47:177 GetGPOInfo:
USERENV(e8.c60) 08:19:47:177 ProcessGPOs: Logging Data for Target <XPLT-00-6844>.
USERENV(e8.c60) 08:19:47:177 ProcessGPOs: OpenThreadToken failed with error 1008, assuming thread is not impersonating
USERENV(e8.c60) 08:19:47:177 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:177 ProcessGPOs: Processing extension Registrierung
USERENV(e8.c60) 08:19:47:177 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:177 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:177 CheckGPOs: No GPO changes and no security group membership change and extension Registrierung has NoGPOChanges set.
USERENV(e8.c60) 08:19:47:177 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Processing extension Drahtlos
USERENV(e8.c60) 08:19:47:193 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:193 CheckGPOs: No GPO changes but couldn't read extension Drahtlos's status or policy time.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Extension Drahtlos skipped because both deleted and changed GPO lists are empty.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Processing extension Folder Redirection
USERENV(e8.c60) 08:19:47:193 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:193 CheckGPOs: No GPO changes but couldn't read extension Folder Redirection's status or policy time.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Extension Folder Redirection skipped with flags 0x1000f.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Processing extension Microsoft-Datenträgerkontingent
USERENV(e8.c60) 08:19:47:193 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:193 CheckGPOs: No GPO changes but couldn't read extension Microsoft-Datenträgerkontingent's status or policy time.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Extension Microsoft-Datenträgerkontingent skipped with flags 0x1000f.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Processing extension QoS-Paketplaner
USERENV(e8.c60) 08:19:47:193 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:193 CheckGPOs: No GPO changes but couldn't read extension QoS-Paketplaner's status or policy time.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Extension QoS-Paketplaner skipped because both deleted and changed GPO lists are empty.
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:193 ProcessGPOs: Processing extension Skripts
USERENV(e8.c60) 08:19:47:193 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:193 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:209 CheckGPOs: No GPO changes and no security group membership change and extension Skripts has NoGPOChanges set.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Processing extension Internet Explorer Zonemapping
USERENV(e8.c60) 08:19:47:209 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:209 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer Zonemapping's status or policy time.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Extension Internet Explorer Zonemapping skipped because both deleted and changed GPO lists are empty.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Processing extension Security
USERENV(e8.c60) 08:19:47:209 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:209 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:209 CheckGPOs: No GPO changes and no security group membership change and extension Security has NoGPOChanges set.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Processing extension Internet Explorer Branding
USERENV(e8.c60) 08:19:47:209 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:209 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer Branding's status or policy time.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Extension Internet Explorer Branding skipped with flags 0x1000f.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Processing extension EFS recovery
USERENV(e8.c60) 08:19:47:209 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.c60) 08:19:47:209 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:209 CheckGPOs: No GPO changes and no security group membership change and extension EFS recovery has NoGPOChanges set.
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:209 ProcessGPOs: Processing extension Microsoft Offline Files
USERENV(e8.c60) 08:19:47:225 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:225 CheckGPOs: No GPO changes but couldn't read extension Microsoft Offline Files's status or policy time.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Extension Microsoft Offline Files skipped because both deleted and changed GPO lists are empty.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Processing extension Softwareinstallation
USERENV(e8.c60) 08:19:47:225 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:225 CheckGPOs: No GPO changes but couldn't read extension Softwareinstallation's status or policy time.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Extension Softwareinstallation skipped because both deleted and changed GPO lists are empty.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: -----------------------
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Processing extension IP-Sicherheit
USERENV(e8.c60) 08:19:47:225 CompareGPOLists: The lists are the same.
USERENV(e8.c60) 08:19:47:225 CheckGPOs: No GPO changes but couldn't read extension IP-Sicherheit's status or policy time.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Extension IP-Sicherheit skipped because both deleted and changed GPO lists are empty.
USERENV(e8.c60) 08:19:47:225 SetFgRefreshInfo: Previous Machine Fg policy Asynchronous, Reason: NoNeedForSync.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: No WMI logging done in this policy cycle.
USERENV(e8.c60) 08:19:47:225 LeaveCriticalPolicySection: Critical section 0xf8 has been released.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Computer Group Policy has been applied.
USERENV(e8.c60) 08:19:47:225 ProcessGPOs: Leaving with 1.
USERENV(e8.c60) 08:19:47:225 ApplyGroupPolicy: Leaving successfully.
USERENV(e8.cdc) 08:19:47:225 GPOThread: Next refresh will happen in 93 minutes
USERENV(e8.cfc) 08:19:54:673 SetFgRefreshInfo: Next User Fg policy Synchronous, Reason: NonCachedCredentials.
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: Yes, we can impersonate the user. Running as self
USERENV(e8.ec) 08:19:55:594 =========================================================
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: Entering, hToken = <0x5c4>, lpProfileInfo = 0x6e3e0
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: lpProfileInfo->lpUserName = <meine_wenigkeit>
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: NULL central profile path
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\DC01\netlogon\Default User>
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: NULL server name
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: In console winlogon process
USERENV(e8.ec) 08:19:55:594 In LoadUserProfileP
USERENV(e8.ec) 08:19:55:594 =========================================================
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: Entering, hToken = <0x5c4>, lpProfileInfo = 0x6e3e0
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: lpProfileInfo->dwFlags = <0x0>
USERENV(e8.ec) 08:19:55:594 LoadUserProfile: lpProfileInfo->lpUserName = <meine_wenigkeit>
USERENV(e8.ec) 08:19:55:610 LoadUserProfile: NULL central profile path
USERENV(e8.ec) 08:19:55:610 LoadUserProfile: lpProfileInfo->lpDefaultPath = <\\DC01\netlogon\Default

Please also mark the comments that contributed to the solution of the article

Content-Key: 65365

Url: https://administrator.de/contentid/65365

Printed on: April 19, 2024 at 19:04 o'clock

6 Comments

Latest comment

USERENV(e8.ec) 08:19:55:610 LoadUserProfile: NULL server name
USERENV(e8.ec) 08:19:55:610 LoadUserProfile: User sid: S-1-5-21-2110330705-2278029354-3900480542-1502
USERENV(e8.ec) 08:19:55:610 CSyncManager::EnterLock <S-1-5-21-2110330705-2278029354-3900480542-1502>
USERENV(e8.ec) 08:19:55:610 CSyncManager::EnterLock: No existing entry found
USERENV(e8.ec) 08:19:55:610 CSyncManager::EnterLock: New entry created
USERENV(e8.ec) 08:19:55:610 CHashTable::HashAdd: S-1-5-21-2110330705-2278029354-3900480542-1502 added in bucket 15
USERENV(e8.ec) 08:19:55:610 LoadUserProfile: Wait succeeded. In critical section.
USERENV(e8.ec) 08:19:55:610 RestoreUserProfile: Entering
USERENV(e8.ec) 08:19:55:610 RestoreUserProfile: User is a Admin
USERENV(e8.ec) 08:19:55:610 IsCentralProfileReachable: Entering
USERENV(e8.ec) 08:19:55:610 IsCentralProfileReachable: Null path. Leaving
USERENV(e8.ec) 08:19:55:610 RestoreUserProfile: Profile path = <>
USERENV(e8.ec) 08:19:55:610 ExtractProfileFromBackup: A profile already exists
USERENV(e8.ec) 08:19:55:610 PatchNewProfileIfRequred: A profile already exists with the current sid, exitting
USERENV(e8.ec) 08:19:55:610 CreateLocalProfileKey: Not setting additional Security
USERENV(e8.ec) 08:19:55:610 GetExistingLocalProfileImage: Found entry in profile list for existing local profile
USERENV(e8.ec) 08:19:55:610 GetExistingLocalProfileImage: Local profile image filename = <%SystemDrive%\Dokumente und Einstellungen\meine_wenigkeit>
USERENV(e8.ec) 08:19:55:610 GetExistingLocalProfileImage: Expanded local profile image filename = <C:\Dokumente und Einstellungen\meine_wenigkeit>
USERENV(e8.ec) 08:19:55:610 GetExistingLocalProfileImage: No local mandatory profile. Error = 2
USERENV(e8.ec) 08:19:55:610 GetExistingLocalProfileImage: Found local profile image file ok <C:\Dokumente und Einstellungen\meine_wenigkeit\ntuser.dat>
USERENV(e8.ec) 08:19:55:610 GetExistingLocalProfileImage: Failed to query low profile unload time with error 2
USERENV(e8.ec) 08:19:55:610 Local Existing Profile Image is reachable
USERENV(e8.ec) 08:19:55:610 Local profile name is <C:\Dokumente und Einstellungen\meine_wenigkeit>
USERENV(e8.ec) 08:19:55:610 RestoreUserProfile: No central profile. Attempting to load local profile.
USERENV(e8.ec) 08:19:55:772 MyRegLoadKey: Returning 00000000
USERENV(e8.ec) 08:19:55:788 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.ec) 08:19:55:837 MyRegLoadKey: Returning 00000000
USERENV(e8.ec) 08:19:55:837 CreateClassHive: existing user classes hive found
USERENV(e8.ec) 08:19:55:837 RestoreUserProfile: About to Leave. Final Information follows:
USERENV(e8.ec) 08:19:55:837 Profile was successfully loaded.
USERENV(e8.ec) 08:19:55:837 lpProfile->lpRoamingProfile = <>
USERENV(e8.ec) 08:19:55:837 lpProfile->lpLocalProfile = <C:\Dokumente und Einstellungen\meine_wenigkeit>
USERENV(e8.ec) 08:19:55:837 lpProfile->dwInternalFlags = 0x100
USERENV(e8.ec) 08:19:55:837 RestoreUserProfile: Leaving.
USERENV(e8.ec) 08:19:55:837 UpgradeProfile: Entering
USERENV(e8.ec) 08:19:55:837 UpgradeProfile: Build numbers match
USERENV(e8.ec) 08:19:55:837 UpgradeProfile: Leaving Successfully
USERENV(e8.ec) 08:19:55:853 GetProfileType: Profile already loaded.
USERENV(e8.ec) 08:19:55:853 LoadProfileInfo: Failed to query central profile with error 2
USERENV(e8.ec) 08:19:55:853 GetProfileType: ProfileFlags is 0
USERENV(e8.ec) 08:19:55:869 Profile Ref Count is 1
USERENV(e8.ec) 08:19:55:869 LoadUserProfile: Leaving critical Section.
USERENV(e8.ec) 08:19:55:869 CSyncManager::LeaveLock <S-1-5-21-2110330705-2278029354-3900480542-1502>
USERENV(e8.ec) 08:19:55:869 CSyncManager::LeaveLock: Lock released
USERENV(e8.ec) 08:19:55:869 CHashTable::HashDelete: S-1-5-21-2110330705-2278029354-3900480542-1502 deleted
USERENV(e8.ec) 08:19:55:869 CSyncManager::LeaveLock: Lock deleted
USERENV(e8.ec) 08:19:55:869 LoadUserProfile: Impersonated user: 000005c4, 00000000
USERENV(12c.184) 08:19:55:869 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.184) 08:19:55:885 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.184) 08:19:55:917 ImpersonateUser: Failed to impersonate user with 5.
USERENV(12c.184) 08:19:55:917 GetUserNameAndDomain Failed to impersonate user
USERENV(12c.184) 08:19:55:917 ImpersonateUser: Failed to impersonate user with 5.
USERENV(12c.184) 08:19:55:917 GetUserDNSDomainName: Failed to impersonate user
USERENV(12c.184) 08:19:55:917 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.184) 08:19:55:934 ImpersonateUser: Failed to impersonate user with 5.
USERENV(12c.184) 08:19:55:934 GetUserNameAndDomain Failed to impersonate user
USERENV(12c.184) 08:19:55:934 ImpersonateUser: Failed to impersonate user with 5.
USERENV(12c.184) 08:19:55:934 GetUserDNSDomainName: Failed to impersonate user
USERENV(12c.184) 08:19:55:934 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.184) 08:19:55:966 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(12c.184) 08:19:55:966 ImpersonateUser: Failed to impersonate user with 5.
USERENV(12c.184) 08:19:55:966 GetUserNameAndDomain Failed to impersonate user
USERENV(12c.184) 08:19:55:966 ImpersonateUser: Failed to impersonate user with 5.
USERENV(12c.184) 08:19:55:966 GetUserDNSDomainName: Failed to impersonate user
USERENV(12c.184) 08:19:55:966 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.ec) 08:19:55:966 LoadUserProfile: Reverted to user: 00000000
USERENV(e8.ec) 08:19:55:966 LoadUserProfile: Leaving with a value of 1.
USERENV(e8.ec) 08:19:55:966 =========================================================
USERENV(e8.ec) 08:19:55:966 LoadUserProfile: LoadUserProfileP succeeded
USERENV(e8.ec) 08:19:55:966 LoadUserProfile: Returning success. Final Information follows:
USERENV(e8.ec) 08:19:55:982 lpProfileInfo->UserName = <meine_wenigkeit>
USERENV(e8.ec) 08:19:55:982 lpProfileInfo->lpProfilePath = <>
USERENV(e8.ec) 08:19:55:982 lpProfileInfo->dwFlags = 0x0
USERENV(e8.ec) 08:19:55:982 LoadUserProfile: Returning TRUE. hProfile = <0x664>
USERENV(e8.ec) 08:19:55:982 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(e8.ec) 08:19:56:661 IsSyncForegroundPolicyRefresh: Synchronous, Reason: NonCachedCredentials
USERENV(e8.d24) 08:19:56:661 IsSyncForegroundPolicyRefresh: Synchronous, Reason: NonCachedCredentials
USERENV(e8.d24) 08:19:56:693 ApplyGroupPolicy: Entering. Flags = 6
USERENV(e8.d24) 08:19:56:693 ProcessGPOs:
USERENV(e8.d24) 08:19:56:693 ProcessGPOs:
USERENV(e8.d24) 08:19:56:693 ProcessGPOs: Starting user Group Policy (Background) processing...
USERENV(e8.d24) 08:19:56:693 ProcessGPOs:
USERENV(e8.d24) 08:19:56:693 ProcessGPOs:
USERENV(e8.d24) 08:19:56:693 EnterCriticalPolicySectionEx: Entering with timeout 600000 and flags 0x0
USERENV(e8.d24) 08:19:56:693 EnterCriticalPolicySectionEx: User critical section has been claimed. Handle = 0x6e8
USERENV(e8.d24) 08:19:56:693 EnterCriticalPolicySectionEx: Leaving successfully.
USERENV(e8.d24) 08:19:56:693 ProcessGPOs: Machine role is 2.
USERENV(e8.d24) 08:19:56:709 PingComputer: PingBufferSize set as 2048
USERENV(e8.d24) 08:19:56:709 PingComputer: Adapter speed 100000000 bps
USERENV(e8.d24) 08:19:56:709 PingComputer: First time: 0
USERENV(e8.d24) 08:19:56:709 PingComputer: Fast link. Exiting.
USERENV(e8.d24) 08:19:56:725 ProcessGPOs: User name is: CN=meine_wenigkeit,OU=Benutzer,OU=IT,OU=de-00,OU=Holding,DC=unserefirma,DC=org, Domain name is: unserefirma-ORG
USERENV(e8.d24) 08:19:56:725 ProcessGPOs: Domain controller is: \\DC01.unseredomaene.org Domain DN is unseredomaene.org
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for gptext.dll.
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for dskquota.dll.
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for gptext.dll.
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for iedkcs32.dll.
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for scecli.dll.
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for C:\WINDOWS\System32\cscui.dll.
USERENV(e8.d24) 08:19:56:725 ReadGPExtensions: Rsop entry point not found for gptext.dll.
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {35378EAC-683F-11D2-A89A-00C04FBBCFA2}
USERENV(e8.d24) 08:19:56:741 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {25537BA6-77A8-11D2-9B6C-0000F8080861}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {3610eda5-77ef-11d2-8dc5-00c04fa31a66}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {426031c0-0b47-4852-b0ca-ac3d37bfcb39}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {42B5FAAE-6536-11d2-AE5A-0000F87571E3}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {827D319E-6EAC-11D2-A4EA-00C04F79F83A}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}
USERENV(e8.d24) 08:19:56:741 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {C631DF4C-088F-4156-B058-4375F0853CD8}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {c6dc5466-785a-11d2-84d0-00c04fb169f7}
USERENV(e8.d24) 08:19:56:741 ReadExtStatus: Reading Previous Status for extension {e437bc1c-aa7d-11d2-a382-00c04f991e27}
USERENV(e8.d24) 08:19:56:741 ProcessGPOs: Calling GetGPOInfo for normal policy mode
USERENV(e8.d24) 08:19:56:741 GetGPOInfo:
USERENV(e8.d24) 08:19:56:741 GetGPOInfo: Entering...
USERENV(e8.d24) 08:19:56:741 GetGPOInfo: Server connection established.
USERENV(e8.d24) 08:19:56:758 GetGPOInfo: Bound successfully.
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Searching <OU=Benutzer,OU=IT,OU=de-00,OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Found GPO(s): < >
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Searching <OU=IT,OU=de-00,OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Found GPO(s): < >
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Searching <OU=de-00,OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Found GPO(s): <[LDAP:cn={1BD0F65B-3312-42B4-89BD-B27D4BBF9C03},cn=policies,cn=system,DC=unserefirma,DC=org;0]>
USERENV(e8.d24) 08:19:56:758 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:758 ProcessGPO: Deferring search for <LDAP:cn={1BD0F65B-3312-42B4-89BD-B27D4BBF9C03},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Searching <OU=Holding,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:758 SearchDSObject: No GPO(s) for this object.
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Searching <DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:758 SearchDSObject: Found GPO(s): <[LDAP:cn={F2307DD1-CA01-49CD-A767-390BFA5ABA62},cn=policies,cn=system,DC=unserefirma,DC=org;0][LDAP:CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=unserefirma,DC=org;0]>
USERENV(e8.d24) 08:19:56:774 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:774 ProcessGPO: Deferring search for <LDAP:cn={F2307DD1-CA01-49CD-A767-390BFA5ABA62},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:774 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:774 ProcessGPO: Deferring search for <LDAP:CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:774 SearchDSObject: Searching <CN=de-00,CN=Sites,CN=Configuration,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:774 SearchDSObject: No GPO(s) for this object.
USERENV(e8.d24) 08:19:56:774 EvaluateDeferredGPOs: Searching for GPOs in cn=policies,cn=system,DC=unserefirma,DC=org
USERENV(e8.d24) 08:19:56:774 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:774 ProcessGPO: Searching <cn={F2307DD1-CA01-49CD-A767-390BFA5ABA62},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:774 ProcessGPO: User does not have access to the GPO and so will not be applied.
USERENV(e8.d24) 08:19:56:774 ProcessGPO: Found functionality version of: 2
USERENV(e8.d24) 08:19:56:774 ProcessGPO: Found file system path of: <\\unseredomaene.org\SysVol\unseredomaene.org\Policies\{F2307DD1-CA01-49CD-A767-390BFA5ABA62}>
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Sysvol access skipped because GPO is not getting applied.
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found common name of: <{F2307DD1-CA01-49CD-A767-390BFA5ABA62}>
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found display name of: <Outlook-Settings>
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found user version of: GPC is 6, GPT is 65535
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found flags of: 0
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}]
USERENV(e8.d24) 08:19:56:790 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:790 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Searching <CN={31B2F340-016D-11D2-945F-00C04FB984F9},CN=Policies,CN=System,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:790 ProcessGPO: User has access to this GPO.
USERENV(e8.d24) 08:19:56:790 ProcessGPO: GPO passes the filter check.
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found functionality version of: 2
USERENV(e8.d24) 08:19:56:790 ProcessGPO: Found file system path of: <\\unseredomaene.org\sysvol\unseredomaene.org\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}>
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found common name of: <{31B2F340-016D-11D2-945F-00C04FB984F9}>
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found display name of: <Default Domain Policy>
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found user version of: GPC is 35, GPT is 35
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found flags of: 0
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found extensions: [{3060E8D0-7020-11D2-842D-00C04FA372D4}{3060E8CE-7020-11D2-842D-00C04FA372D4}][{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{53D6AB1D-2488-11D1-A28C-00C04FB94F17}][{A2E30F80-D7DE-11D2-BBDE-00C04F86AE3B}{FC715823-C5FB-11D1-9EEF-00A0C90347FF}][{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}{53D6AB1D-2488-11D1-A28C-00C04FB94F17}]
USERENV(e8.d24) 08:19:56:806 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:806 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Searching <cn={1BD0F65B-3312-42B4-89BD-B27D4BBF9C03},cn=policies,cn=system,DC=unserefirma,DC=org>
USERENV(e8.d24) 08:19:56:806 ProcessGPO: User has access to this GPO.
USERENV(e8.d24) 08:19:56:806 ProcessGPO: GPO passes the filter check.
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found functionality version of: 2
USERENV(e8.d24) 08:19:56:806 ProcessGPO: Found file system path of: <\\unseredomaene.org\SysVol\unseredomaene.org\Policies\{1BD0F65B-3312-42B4-89BD-B27D4BBF9C03}>
USERENV(e8.d24) 08:19:56:822 ProcessGPO: Found common name of: <{1BD0F65B-3312-42B4-89BD-B27D4BBF9C03}>
USERENV(e8.d24) 08:19:56:822 ProcessGPO: Found display name of: <de-00 Standard>
USERENV(e8.d24) 08:19:56:822 ProcessGPO: Found user version of: GPC is 43, GPT is 43
USERENV(e8.d24) 08:19:56:822 ProcessGPO: Found flags of: 0
USERENV(e8.d24) 08:19:56:822 ProcessGPO: Found extensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}{0F6B957E-509E-11D1-A7CC-0000F87571E3}][{A2E30F80-D7DE-11D2-BBDE-00C04F86AE3B}{FC715823-C5FB-11D1-9EEF-00A0C90347FF}]
USERENV(e8.d24) 08:19:56:822 ProcessGPO: ==============================
USERENV(e8.d24) 08:19:56:822 GetGPOInfo: Local GPO's gpt.ini is not accessible, assuming default state.
USERENV(e8.d24) 08:19:56:822 GetGPOInfo: Leaving with 1
USERENV(e8.d24) 08:19:56:822 GetGPOInfo:
USERENV(e8.d24) 08:19:56:822 ProcessGPOs: Logging Data for Target <meine_wenigkeit>.
USERENV(e8.d24) 08:19:56:822 ProcessGPOs: OpenThreadToken failed with error 1008, assuming thread is not impersonating
USERENV(e8.d24) 08:19:56:822 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:822 ProcessGPOs: Processing extension Registrierung
USERENV(e8.d24) 08:19:56:822 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.d24) 08:19:56:822 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:822 CheckGPOs: No GPO changes and no security group membership change and extension Registrierung has NoGPOChanges set.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Processing extension Drahtlos
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CheckGPOs: No GPO changes but couldn't read extension Drahtlos's status or policy time.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Extension Drahtlos skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Processing extension Folder Redirection
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CheckGPOs: No GPO changes but couldn't read extension Folder Redirection's status or policy time.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Extension Folder Redirection skipped because both deleted and changed GPO lists are empty.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Processing extension Microsoft-Datenträgerkontingent
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CheckGPOs: No GPO changes but couldn't read extension Microsoft-Datenträgerkontingent's status or policy time.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Extension Microsoft-Datenträgerkontingent skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Processing extension QoS-Paketplaner
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CheckGPOs: No GPO changes but couldn't read extension QoS-Paketplaner's status or policy time.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Extension QoS-Paketplaner skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Processing extension Skripts
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CheckGPOs: No GPO changes but couldn't read extension Skripts's status or policy time.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Extension Skripts skipped because both deleted and changed GPO lists are empty.
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:838 ProcessGPOs: Processing extension Internet Explorer Zonemapping
USERENV(e8.d24) 08:19:56:838 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:838 CheckGPOs: No GPO changes but couldn't read extension Internet Explorer Zonemapping's status or policy time.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Extension Internet Explorer Zonemapping skipped because both deleted and changed GPO lists are empty.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Processing extension Security
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:855 CheckGPOs: No GPO changes but couldn't read extension Security's status or policy time.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Extension Security skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Processing extension Internet Explorer Branding
USERENV(e8.d24) 08:19:56:855 ReadStatus: Read Extension's Previous status successfully.
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:855 CheckGPOs: No GPO changes and no security group membership change and extension Internet Explorer Branding has NoGPOChanges set.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Processing extension EFS recovery
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: One list is empty
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Extension EFS recovery skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Processing extension Microsoft Offline Files
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:855 CheckGPOs: No GPO changes but couldn't read extension Microsoft Offline Files's status or policy time.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Extension Microsoft Offline Files skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Processing extension Softwareinstallation
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:855 CheckGPOs: No GPO changes but couldn't read extension Softwareinstallation's status or policy time.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Extension Softwareinstallation skipped because both deleted and changed GPO lists are empty.
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: -----------------------
USERENV(e8.d24) 08:19:56:855 ProcessGPOs: Processing extension IP-Sicherheit
USERENV(e8.d24) 08:19:56:855 CompareGPOLists: The lists are the same.
USERENV(e8.d24) 08:19:56:871 CheckGPOs: No GPO changes but couldn't read extension IP-Sicherheit's status or policy time.
USERENV(e8.d24) 08:19:56:871 ProcessGPOs: Extension IP-Sicherheit skipped with flags 0x6.
USERENV(e8.d24) 08:19:56:871 SetFgRefreshInfo: Previous User Fg policy Synchronous, Reason: NonCachedCredentials.
USERENV(e8.d24) 08:19:56:871 SetFgRefreshInfo: Next User Fg policy Asynchronous, Reason: NoNeedForSync.
USERENV(e8.d24) 08:19:56:871 ProcessGPOs: No WMI logging done in this policy cycle.
USERENV(e8.d24) 08:19:56:871 LeaveCriticalPolicySection: Critical section 0x6e8 has been released.
USERENV(e8.d24) 08:19:56:871 ProcessGPOs: User Group Policy has been applied.
USERENV(e8.d24) 08:19:56:871 ProcessGPOs: Leaving with 1.
USERENV(e8.d24) 08:19:56:871 ApplyGroupPolicy: Leaving successfully.
USERENV(e8.d54) 08:19:56:871 GPOThread: Next refresh will happen in 91 minutes
USERENV(e8.ec) 08:19:57:307 IsSyncForegroundPolicyRefresh: Asynchronous, Reason: NoNeedForSync
USERENV(640.e50) 08:19:58:341 GetProfileType: Profile already loaded.
USERENV(640.e50) 08:19:58:341 LoadProfileInfo: Failed to query central profile with error 2
USERENV(640.e50) 08:19:58:341 GetProfileType: ProfileFlags is 0
USERENV(f34.378) 08:20:15:370 LibMain: Process Name: C:\WINDOWS\system32\wuauclt.exe
USERENV(fec.ff0) 08:20:16:646 LibMain: Process Name: C:\WINDOWS\system32\wbem\wmiprvse.exe
USERENV(3e4.3d4) 08:20:49:282 LibMain: Process Name: C:\WINDOWS\system32\userinit.exe
USERENV(e8.c84) 08:25:37:191 ProcessAutoexec: Cannot process autoexec.bat.
USERENV(ad0.ad4) 08:25:37:223 LibMain: Process Name: C:\WINDOWS\system32\userinit.exe

Kennt jemand das Problem?

Kann es sein das es mal wieder an der wuauclt.exe liegt?

ich glaube hier liegt das problem

USERENV(640.e50) 08:19:58:341 GetProfileType: Profile already loaded.
USERENV(640.e50) 08:19:58:341 LoadProfileInfo: Failed to query central profile with error 2

an de wuauclt wirds nich liegen. da sie später erst geladen wird. sind das servergespeicherte profile ?

Wir arbeiten mit lokalen Profilen. Habe aber noch ein Citrix Profil welches Servergespeichert ist.
Dies sollte aber bei der Anmeldung am client ja nicht geladen werden sondern nur bei der anmeldung auf Terminalserver.

ok hab mir nochmal die log genau angeschaut, ich sehe keinen fehler.
lass mal ein neues profil auf dem rechner aufbauen. also schnell ins ad rein testprofil erstellen und testen.

Wenn man ein neues Profil anlegt funktioniert die Anmeldung wieder problemlos soweit ich das beurteilen kann weil der Fehler ja nur sporadisch auftritt, nicht bei jeder Anmeldung.

Aber wir können ja nicht bei 150 Benutzern neue Profile anlegen es muss ja eine Ursache geben.

Muss mich noch mal korrigieren auch mit neuen Profil tritt der selbe Fehler nach ein paar Tagen wieder auf

Ist das Problem denn nicht vielleicht doch schon bekannt?

Habe beim googlen nun das hier gefunden:

http://www.informationsarchiv.net/foren/beitrag-17152.html

German Question Microsoft

Hotly discussed

Check of ZFW Firewallgleixnerd - 3 Comments

How to set up and configure a Linux GRE tunnelAlexWisha - 3 Comments

WIREGUARD VPN ON UDM PRO BEHIND FRITZBOX - HANDSHAKE DID NOT COMPLETEjstricker - 3 Comments

End of Support dates for Office 2016, 2019 Apps und Productivity ServersDani - 1 Comment