The Axe2.dll is related to our logging functionality. We've had a few accounts of event logs being raised reporting the same error, however in each reported case there has been no negative affects and the event has been benign. See article below:-
If when the event is raised and the logoff hang occurs coincide, then I'd recommend opening a support case, if you could enable debug logging via the Ivanti Support Toolkit and provide a set of EM Debug logs during the problem, it will help expidite troubleshooting.
We are having the same issue on our workstations and are gathering details on what effects it is having on the client. We initially noticed that some of our GPO's were not being processed due to this issue and explorer.exe was crashing multiple times during the login. Adding the path to the EM agent installation path to the PATH variable seems to have for now corrected the issue. We are still testing some things out and will enter a new case related this detailing the different issues this is causing on our end points.
Did you find yourself having to end the winlogon.exe process? Did you find a solution?
We have only found a work around. That is to add the EM installation path to the system PATH variable. What appeared to be happening in our case is that the explorer shell would crash during the logon. During the logon process, winlogon.exe attempts to locate Axe2.dll using the Standard Search Order for Desktop Applications for Dynamic-Link Library Search Order where SafeDllSearchMode is enabled. Ultimately, Axe2.dll is not found in these locations.
One of the first things we noticed was that when a user would logon to a system for the first time (creates user profile), one of the GPOs we have that sets the desktop background and theme would not get applied. This would also happen when a user would login to a Citrix published desktop so receiver would only present a black screen in the window.
One thing to note, we have not seen this with the system that still have the 8.x EM agent installed - only the 10.x agent.
Thanks for the info, glad that worked for you. We contacted Ivanti on this and they said it's "usually benign" -- did you see it solve your winlogon.exe problem or only stop the event ID?
Does this link still valid or it requires specific permissions?