Good morning Sysnative!
The organization I work for has been plagued with multiple BSODs on approximately 25-30 machines after updating to the latest version of Windows 10 (Fall Creators Update, v1709) in November/December of last year. The BSODs always happen after a user logs off their account (can be by directly logging off, or by shutdown/restart). The strange thing is, I can't reproduce it immediately. I can try a solution and then reboot, shutdown, or log off to my hearts content with no BSOD. But after some time (we noticed as little as 20-30 minutes but sometimes even all day), the BSOD will happen when the user logs out.
Here is a list of the computer models this is happening on:
- Dell Latitude E5470
- Dell Latitude E7470
- Dell OptiPlex 790, 7010, and 9020
- Microsoft Surface Pro 4
- Microsoft Surface Pro 2017
All laptops and tablets have docks that connect them to 1-2 monitors. All computers are running Windows 10 v1709 x64, have anywhere between 4-16GB of RAM, and all are Intel Core processors (some i3, i5, and i7). Some desktop computers have AMD Radeon 7470 graphics cards, and some of them have a USB graphics card for triple monitor configurations. A couple laptops have Intel+AMD graphics, and the rest of the machines use Intel Graphics. Most of the Windows installs are Dell OEM, but I think there is a sprinkling of fresh installs too.
These are the four bugcheck codes that seem to happen every time a user logs off. It varies day to day, and doesn't seem to be particular to a certain model of computer:
- 0x00000139
- 0x000000c2
- 0x0000003b
- 0x00000050
Often the dumps reference win32kfull.sys and other system components that are considered sacrosanct. I tried analyzing the basics with WinDBG and did not see any third party drivers that were obvious.
I ran Driver Verifier on a test system, and it immediately crashed one of the network filter drivers related to our antivirus (Panda Endpoint Protection). I removed the antivirus software on another computer not running DV, and it still crashed. I ran DV on my work machine without any antivirus, and crashed a couple drivers related to some software that I use (not common on the other machines to my knowledge). I removed that software, and DV did not crash any more drivers on my system. I believe I ran it for a good 24-48 hours on my machine. However, I still received a bugcheck about a week later on logoff.
In short, here is a list of solutions we have tried (in no particular order):
- Disabling Fast Startup
- Updating drivers using Dell Command Update
- Updating drivers using Dell SupportAssist
- Updating drivers manually from Dell's website
- Updating drivers with versions not available from Dell (Intel Ethernet, WiFi, Bluetooth, SATA, Graphics, etc)
- Updating BIOS
- Removing AV (Panda Endpoint Protection)
- Removing remote support (TeamViewer)
- Installing latest Windows Updates (we manage updates through WSUS)
- Removing Group Policy from some machines
- Complete clean install of Windows 10 v1709 from ISO (downloaded from Microsoft VLSC - it's a legit ISO. We later reinstalled Windows 10 on another computer using a newer copy of the ISO from VLSC, so the ISO wasn't corrupt.)
Since the problem is happening on 25-30 different machines, I am skeptical of it being a hardware issue, but who knows - there have been stranger things.
All of our machines have a vanilla configuration with the following common software. Some machines have additional software depending on the staff's position:
- Adobe Flash Player
- Microsoft Office Professional 2016
- Google Chrome
- Mozilla Firefox
- VLC Media Player
- Foxit Reader
- TeamViewer
- Panda Endpoint Protection
- Dell Command Update
Below is a link to four memory dumps - one of each bugcheck code we have encountered. There are dumps from yesterday (2/12/2018) and one from today (2/13/2018).
Dumps: WeTransfer
Any help is much appreciated! I feel we are at our wits end with this problem.
The organization I work for has been plagued with multiple BSODs on approximately 25-30 machines after updating to the latest version of Windows 10 (Fall Creators Update, v1709) in November/December of last year. The BSODs always happen after a user logs off their account (can be by directly logging off, or by shutdown/restart). The strange thing is, I can't reproduce it immediately. I can try a solution and then reboot, shutdown, or log off to my hearts content with no BSOD. But after some time (we noticed as little as 20-30 minutes but sometimes even all day), the BSOD will happen when the user logs out.
Here is a list of the computer models this is happening on:
- Dell Latitude E5470
- Dell Latitude E7470
- Dell OptiPlex 790, 7010, and 9020
- Microsoft Surface Pro 4
- Microsoft Surface Pro 2017
All laptops and tablets have docks that connect them to 1-2 monitors. All computers are running Windows 10 v1709 x64, have anywhere between 4-16GB of RAM, and all are Intel Core processors (some i3, i5, and i7). Some desktop computers have AMD Radeon 7470 graphics cards, and some of them have a USB graphics card for triple monitor configurations. A couple laptops have Intel+AMD graphics, and the rest of the machines use Intel Graphics. Most of the Windows installs are Dell OEM, but I think there is a sprinkling of fresh installs too.
These are the four bugcheck codes that seem to happen every time a user logs off. It varies day to day, and doesn't seem to be particular to a certain model of computer:
- 0x00000139
- 0x000000c2
- 0x0000003b
- 0x00000050
Often the dumps reference win32kfull.sys and other system components that are considered sacrosanct. I tried analyzing the basics with WinDBG and did not see any third party drivers that were obvious.
I ran Driver Verifier on a test system, and it immediately crashed one of the network filter drivers related to our antivirus (Panda Endpoint Protection). I removed the antivirus software on another computer not running DV, and it still crashed. I ran DV on my work machine without any antivirus, and crashed a couple drivers related to some software that I use (not common on the other machines to my knowledge). I removed that software, and DV did not crash any more drivers on my system. I believe I ran it for a good 24-48 hours on my machine. However, I still received a bugcheck about a week later on logoff.
In short, here is a list of solutions we have tried (in no particular order):
- Disabling Fast Startup
- Updating drivers using Dell Command Update
- Updating drivers using Dell SupportAssist
- Updating drivers manually from Dell's website
- Updating drivers with versions not available from Dell (Intel Ethernet, WiFi, Bluetooth, SATA, Graphics, etc)
- Updating BIOS
- Removing AV (Panda Endpoint Protection)
- Removing remote support (TeamViewer)
- Installing latest Windows Updates (we manage updates through WSUS)
- Removing Group Policy from some machines
- Complete clean install of Windows 10 v1709 from ISO (downloaded from Microsoft VLSC - it's a legit ISO. We later reinstalled Windows 10 on another computer using a newer copy of the ISO from VLSC, so the ISO wasn't corrupt.)
Since the problem is happening on 25-30 different machines, I am skeptical of it being a hardware issue, but who knows - there have been stranger things.
All of our machines have a vanilla configuration with the following common software. Some machines have additional software depending on the staff's position:
- Adobe Flash Player
- Microsoft Office Professional 2016
- Google Chrome
- Mozilla Firefox
- VLC Media Player
- Foxit Reader
- TeamViewer
- Panda Endpoint Protection
- Dell Command Update
Below is a link to four memory dumps - one of each bugcheck code we have encountered. There are dumps from yesterday (2/12/2018) and one from today (2/13/2018).
Dumps: WeTransfer
Any help is much appreciated! I feel we are at our wits end with this problem.
