Solved BSOD when watching YouTube

Kadgar34 · Aug 6, 2023

I am having a consistent BSOD when watching YouTube. It usually happens somewhere between 10 and 20 minutes into a video. I have tried a number of troubleshooting steps and I haven't been able to figure out what's going on.

Code:

Problem Event Name:    BlueScreen
Code:    139
Parameter 1:    3
Parameter 2:    ffffc087a52d1ad0
Parameter 3:    ffffc087a52d1a28
Parameter 4:    0
OS version:    10_0_22621
Service Pack:    0_0
Product:    256_1
OS Version:    10.0.22621.2.0.0.256.48
Locale ID:    4105

I have made sure everything is updated. I am running Windows 11 version 22H2 (OS Build 22621.2070).

I have already run the following:

Code:

sfc /scannow
Dism /Online /Cleanup-Image /ScanHealth
Dism /Online /Cleanup-Image /CheckHealth
Dism /Online /Cleanup-Image /RestoreHealth

I ran a memory test using the built-in Dell diagnostics tool and everything passed. The computer has 2 RAM sticks, I tried running 1 stick at a time in each of the 4 memory slots and the BSOD persisted.

I also ran the driver verifier tool using the recommended settings in the pinned topic.

Here's the output of the V2 log collector

Any help is appreciated. Thanks!

TM21 · Aug 6, 2023

"Houston, we've got a problem!"

Well, since YouTube can put a REAL workload on both the CPU, and the GPU, and associated circuitry, and your problem does not come up till you've been on YouTube for a while, I'd have to think "HEAT" as my first guess. It might even be a heat problem inside your PSU (main power supply.) They get hot too, and parts can fail. I've even had to replace the fans inside a PSU. Or just clean and re-lubricate them.

It could be CPU getting hot, or even the GPU getting hot.
As a first step toward a fix, I would clean all my fans and make sure they are turning freely. Also, during troubleshooting, I might remove the side panels, (if this is a desktop PC) and set up a fan to blow air into the case.
[I live in a house, in Florida, with NO AC, so I don't even put the side panels on my two full size desktop PC's.] And I never experience heat problems. Once a year, or sooner, all my fans get cleaned and lubricated, where possible.

Treat this as a heat related problem and I hope you get it fixed.

Good Luck!

TM (retired PC builder/Tech)

zbook · Aug 6, 2023

If there were no major performance problems including very slow boot please restart WDV with these test settings:

a) Test all non-Microsoft drivers
b) Test no Microsoft drivers

Code:

    [ ] 0x00000080 DMA checking.
    [ ] 0x00002000 Invariant MDL checking for stack.
    [ ] 0x00004000 Invariant MDL checking for driver.
    [ ] 0x00008000 Power framework delay fuzzing.
    [ ] 0x00010000 Port/miniport interface checking.
    [ ] 0x00040000 Systematic low resources simulation.
    [ ] 0x00200000 NDIS/WIFI verification.
    [ ] 0x00800000 Kernel synchronization delay fuzzing.
    [ ] 0x01000000 VM switch verification.
    [ ] 0x02000000 Code integrity checks.

If you receive a prompt from WDV for any additional customized tests then select the additional tests and comment into this thread.

For any BSOD post a new V2 share link into the newest post.

If there is no immediate BSOD then open administrative command prompt and copy and paste:

verifier /querysettings

Post a share link into this thread using one drive, drop box, or google drive.

x BlueRobot · Aug 6, 2023

Addendum: I wouldn't recommend that you enable Driver Verifier at all because it's not going to catch anything and please do not enable the options which zbook suggests as will potentially just cause you further problems.

This is very likely to be a driver issue from what I can see, consistently attempting to free an _LIST_ENTRY from a doubly linked list which is probably the following _CM_DELAY_DEREF_KCB_ITEM from what I can find from the call stack.

Code:

2: kd> knL
 # Child-SP          RetAddr               Call Site
00 ffffb800`b09e67a8 fffff801`670592a9     nt!KeBugCheckEx
01 ffffb800`b09e67b0 fffff801`67059832     nt!KiBugCheckDispatch+0x69
02 ffffb800`b09e68f0 fffff801`67057606     nt!KiFastFailDispatch+0xb2
03 ffffb800`b09e6ad0 fffff801`674dc37f     nt!KiRaiseSecurityCheckFailure+0x346
04 ffffb800`b09e6c60 fffff801`672ca8df     nt!CmpDelayDerefKeyControlBlock+0x211a0f << Crash here!
05 ffffb800`b09e6ca0 fffff801`672c7c10     nt!CmpCleanUpKcbCacheWithLock+0xff
06 ffffb800`b09e6cd0 fffff801`66e310bb     nt!CmpDereferenceKeyControlBlockWithLock+0x8c
07 ffffb800`b09e6d00 fffff801`67300b15     nt!CmpDrainDelayDerefContext+0x9b
08 ffffb800`b09e6d40 fffff801`673007b1     nt!CmpCleanUpKCBCacheTable+0xe1
09 ffffb800`b09e6dd0 fffff801`67300765     nt!CmpEnumerateAllOpenSubKeys+0x35
0a ffffb800`b09e6e10 fffff801`672ff419     nt!CmpDoesKeyHaveOpenSubkeys+0x25
0b ffffb800`b09e6e60 fffff801`672ff147     nt!CmpPerformUnloadKey+0x14d
0c ffffb800`b09e6f70 fffff801`672febe9     nt!CmUnloadKey+0x437
0d ffffb800`b09e7220 fffff801`670589e5     nt!NtUnloadKey+0x29
0e ffffb800`b09e7260 fffff801`67049490     nt!KiSystemServiceCopyEnd+0x25
0f ffffb800`b09e73f8 fffff801`67380265     nt!KiServiceLinkage
10 ffffb800`b09e7400 fffff801`67380143     nt!VrpUnloadDifferencingHive+0xf5
11 ffffb800`b09e7470 fffff801`6737fa15     nt!VrpCleanupNamespace+0xa7
12 ffffb800`b09e74b0 fffff801`6738154d     nt!VrpHandleIoctlUnloadDynamicallyLoadedHives+0x15d
13 ffffb800`b09e7560 fffff801`66e325f5     nt!VrpIoctlDeviceDispatch+0x11d
14 ffffb800`b09e7610 fffff801`672d70b0     nt!IofCallDriver+0x55
15 ffffb800`b09e7650 fffff801`672d8ae7     nt!IopSynchronousServiceTail+0x1d0
16 ffffb800`b09e7700 fffff801`672d83c6     nt!IopXxxControlFile+0x707
17 ffffb800`b09e7900 fffff801`670589e5     nt!NtDeviceIoControlFile+0x56
18 ffffb800`b09e7970 00007ffa`9ddeee34     nt!KiSystemServiceCopyEnd+0x25
19 0000009f`5ed7f208 00000000`00000000     0x00007ffa`9ddeee34

Could you please upload the following file to your OneDrive, please ensure that you place it inside a .zip folder because it will be very large:

Code:

%systemroot%\MEMORY.DMP

zbook · Aug 6, 2023

x BlueRobot said:
Addendum: I wouldn't recommend that you enable Driver Verifier at all because it's not going to catch anything and please do not enable the options which zbook suggests as will potentially just cause you further problems.

Could you please upload the following file to your OneDrive, please ensure that you place it inside a .zip folder because it will be very large:

Code:

%systemroot%\MEMORY.DMP

The comments made by x BlueRobot refer you to a memory dump dated 2021.

Code:

LastWriteTime         Size (MB) FullName            
-------------         --------- --------            
2021-11-18 6:48:55 AM   1927.44 C:\WINDOWS\MEMORY.DMP

This memory dump is not related to the BSODs in 2023.

Please follow the steps in post #3.

Kadgar34 · Aug 6, 2023

Thanks for the suggestions! I ran Prime95 and FurMark at the same time for 20 minutes. The CPU reached a max of 87C and the GPU reached a max of 85C but it didn't BSOD.

I currently have Driver Verifier running

Code:

Verifier Flags: 0x001a092b

  Standard Flags:

    [X] 0x00000001 Special pool.
    [X] 0x00000002 Force IRQL checking.
    [X] 0x00000008 Pool tracking.
    [ ] 0x00000010 I/O verification.
    [X] 0x00000020 Deadlock detection.
    [ ] 0x00000080 DMA checking.
    [X] 0x00000100 Security checks.
    [X] 0x00000800 Miscellaneous checks.
    [X] 0x00020000 DDI compliance checking.

  Additional Flags:

    [ ] 0x00000004 Randomized low resources simulation.
    [ ] 0x00000200 Force pending I/O requests.
    [ ] 0x00000400 IRP logging.
    [ ] 0x00002000 Invariant MDL checking for stack.
    [ ] 0x00004000 Invariant MDL checking for driver.
    [ ] 0x00008000 Power framework delay fuzzing.
    [ ] 0x00010000 Port/miniport interface checking.
    [ ] 0x00040000 Systematic low resources simulation.
    [X] 0x00080000 DDI compliance checking (additional).
    [ ] 0x00200000 NDIS/WIFI verification.
    [ ] 0x00800000 Kernel synchronization delay fuzzing.
    [ ] 0x01000000 VM switch verification.
    [ ] 0x02000000 Code integrity checks.

  Internal Flags:

    [X] 0x00100000 Extended Verifier flags (internal).

    [X] Indicates flag is enabled.

  Boot Mode:

    Persistent

  Rules:

    All rules are using default settings

  Extensions:

    wdm: rules.all

  Verified Drivers:

    fltmgr.sys
    wdf01000.sys
    amdkmpfd.sys
    iastorac.sys
    storport.sys
    ndis.sys
    amdsafd.sys
    dbutildrv2.sys
    amdkmdag.sys
    amdfendr.sys
    igdkmd64.sys
    teedriverw8x64.sys
    qcamain10x64.sys
    e2xw10x64.sys
    ialpss2_uart2.sys
    ialpss2_gpio2.sys
    amdfendrmgr.sys
    atihdwt6.sys
    rtkvhd64.sys
    intcdaud.sys
    btfilter.sys
    000.fcl
    kfeco11x64.sys

Edit: I'll change the settings to what zbook suggested and upload a new log when a BSOD happens.

The memory.dmp file was created on Nov 18, 2021, so I'm not sure it's related to this BSOD. Should I upload it anyway?

zbook · Aug 6, 2023

Please follow the steps in post #3.

x BlueRobot · Aug 6, 2023

Kadgar34 said:
The memory.dmp file was created on Nov 18, 2021, so I'm not sure it's related to this BSOD. Should I upload it anyway?

Hmm, it is very old so I wouldn't bother, although, it does suggest that your dump file settings may not be the default as you should have had a new MEMORY.DMP written for your most recent crashes. Do you remember changing them at any point? It should be set to automatic, please refer to the following tutorial: Change BSOD Crash Memory Dump File Type in Windows 11 Tutorial

zbook said:
The comments made by x BlueRobot refer you to a memory dump dated 2021.

They actually don't because admittedly I didn't check that information, rather I asked for a kernel memory dump since this issue is going to be difficult to effectively troubleshoot without one. I actually wanted to check two pieces of key information: the I/O request being sent and the registry key being unloaded as it may provide us with a clue as to what is causing the crashes.

zbook said:
Please follow the steps in post #3.

Could you please explain why those Driver Verifier settings are relevant to this situation?

There are 4 of those settings which should not be enabled at all, two of which are deprecated in Windows 11 and one which can cause a number of problems and is not generally recommended by Microsoft.

zbook · Aug 6, 2023

1) If there is no immediate BSOD please open administrative command prompt and type or copy and paste:

verifier /querysettings

Post a share link into this thread using one drive, drop box, or google drive.

2) Run Tuneup Plus:

https://www.tenforums.com/attachments/bsod-crashes-debugging/360139d1645183596-batch-files-use-bsod-debugging-tuneup_plus_log.zip

Post a share link into this thread using one drive, drop box, or google drive.

3) Turn off Window fast startup:

Turn On or Off Fast Startup in Windows 11

This tutorial will show you how to turn on or off fast startup in Windows 11. There are three startup modes in Windows: Cold (traditional) Wake-from-hibernation Fast Starting with Windows 8.x, the default shutdown and restart scenario has been updated and named fast startup. Fast startup...

www.elevenforum.com

Kadgar34 · Aug 6, 2023

This is my Dad's computer and I before I had a look at it I think he talked with Dell, who may have changed the memory dump setting for him. I've changed it to Automatic now.

While I wait for the computer to BSOD again with this new setting here's my verifier settings currently. It asked me to also enable I/O verification.

Code:

Verifier Flags: 0x03b5e090

  Standard Flags:

    [ ] 0x00000001 Special pool.
    [ ] 0x00000002 Force IRQL checking.
    [ ] 0x00000008 Pool tracking.
    [X] 0x00000010 I/O verification.
    [ ] 0x00000020 Deadlock detection.
    [X] 0x00000080 DMA checking.
    [ ] 0x00000100 Security checks.
    [ ] 0x00000800 Miscellaneous checks.
    [ ] 0x00020000 DDI compliance checking.

  Additional Flags:

    [ ] 0x00000004 Randomized low resources simulation.
    [ ] 0x00000200 Force pending I/O requests.
    [ ] 0x00000400 IRP logging.
    [X] 0x00002000 Invariant MDL checking for stack.
    [X] 0x00004000 Invariant MDL checking for driver.
    [X] 0x00008000 Power framework delay fuzzing.
    [X] 0x00010000 Port/miniport interface checking.
    [X] 0x00040000 Systematic low resources simulation.
    [ ] 0x00080000 DDI compliance checking (additional).
    [X] 0x00200000 NDIS/WIFI verification.
    [X] 0x00800000 Kernel synchronization delay fuzzing.
    [X] 0x01000000 VM switch verification.
    [X] 0x02000000 Code integrity checks.

  Internal Flags:

    [X] 0x00100000 Extended Verifier flags (internal).

    [X] Indicates flag is enabled.

  Boot Mode:

    Persistent

  Rules:

    All rules are using default settings

  Extensions:

    ndis: rules.default

  Verified Drivers:

    amdkmpfd.sys
    iastorac.sys
    amdsafd.sys
    dbutildrv2.sys
    amdkmdag.sys
    amdfendr.sys
    igdkmd64.sys
    teedriverw8x64.sys
    qcamain10x64.sys
    e2xw10x64.sys
    ialpss2_uart2.sys
    ialpss2_gpio2.sys
    amdfendrmgr.sys
    atihdwt6.sys
    rtkvhd64.sys
    intcdaud.sys
    btfilter.sys
    dump_diskdump.sys
    dump_iastorac.sys
    dump_dumpfve.sys
    000.fcl
    kfeco11x64.sys
    ndis.sys
    netadaptercx.sys
    mbbcx.sys
    wificx.sys
    wdiwifi.sys

Here's the output from the tuneup plus script

Fast startup is now off

zbook · Aug 6, 2023

If there were no major performance problems including very slow boot please restart WDV with all customized test settings except:

[ ] 0x00000004 Randomized low resources simulation.

If there is no immediate BSOD please open administrative command prompt and type or copy and paste:

verifier /querysettings

Post a share link into this thread using one drive, drop box, or google drive.

For any BSOD post a new V2 share link into the newest post.

x BlueRobot · Aug 6, 2023

Kadgar34 said:
I've changed it to Automatic now.

Thanks, when the system crashes again, it should hopefully update the MEMORY.DMP file to the date of the crash. If it doesn't, then we can investigate further but I don't foresee any reason for it to not do so. Additionally, I would strongly suggest that you disable "Systematic low resources simulation", as per the cautionary advice from Microsoft:

Caution This option is not intended for use when you are verifying all (or a large collection of) drivers on a computer. This option should be used only when you are doing targeted testing of individual drivers or their attached filter drivers. Using this option on a large number of drivers at the same time could cause unpredictable results, and could force crashes in components unrelated to the driver(s) you are testing.

Source: Systematic low resources simulation - Windows drivers

I still stand by my suggestion of not having Driver Verifier enabled for this particular crash though.

zbook said:
If there were no major performance problems including very slow boot please restart WDV with all customized test settings except:

[ ] 0x00000004 Randomized low resources simulation.

Could you please explain why this setting is relevant along with the others you have suggested? I will assume that if you do not respond then you can't justify it and therefore should not be recommending as such.

zbook · Aug 6, 2023

Please follow the steps as per post #11.

x BlueRobot · Aug 6, 2023

zbook said:
Please follow the steps as per post #11.

Okay, so you can't justify it and therefore should not be making such recommendations.

Kadgar34 · Aug 6, 2023

Here's the latest log file

A memory.dmp file was created properly this time. Here it is.

I can retry with the new driver verifier settings. The BSOD was the same so I don't think it has affected any of the results.

Thanks!

zbook · Aug 6, 2023

The latest crash had these WDV settings:

Code:

  STANDARD FLAGS:
    [X] (0x00000000) Automatic Checks
    [ ] (0x00000001) Special pool
    [ ] (0x00000002) Force IRQL checking
    [ ] (0x00000008) Pool tracking
    [X] (0x00000010) I/O verification
    [ ] (0x00000020) Deadlock detection
    [X] (0x00000080) DMA checking
    [ ] (0x00000100) Security checks
    [ ] (0x00000800) Miscellaneous checks
    [ ] (0x00020000) DDI compliance checking

  ADDITIONAL FLAGS:
    [ ] (0x00000004) Randomized low resources simulation
    [ ] (0x00000200) Force pending I/O requests
    [ ] (0x00000400) IRP logging
    [X] (0x00002000) Invariant MDL checking for stack
    [X] (0x00004000) Invariant MDL checking for driver
    [X] (0x00008000) Power framework delay fuzzing
    [X] (0x00010000) Port/miniport interface checking
    [X] (0x00040000) Systematic low resources simulation
    [ ] (0x00080000) DDI compliance checking (additional)
    [X] (0x00200000) NDIS/WIFI verification
    [X] (0x00800000) Kernel synchronization delay fuzzing
    [X] (0x01000000) VM switch verification
    [X] (0x02000000) Code integrity checks

Please restart WDV using all customized tests except:

[ ] 0x00000004 Randomized low resources simulation.

Post either a querysettings or V2 share link into the newest post.

x BlueRobot · Aug 6, 2023

Code:

5: kd> !PDE.du ffffad8528777a00
\Registry\WC\Silo063a5ee3-f55b-4d51-b5cc-26ce97198778user_sid

It looks like the registry key which was being referenced was related to some Microsoft Office telemetry key?

Code:

5: kd> !reg kcb ffffad8531187620

Key              : \REGISTRY\WC\SILO063A5EE3-F55B-4D51-B5CC-26CE97198778USER_SID\SOFTWARE\MICROSOFT\OFFICE\16.0\COMMON\CLIENTTELEMETRY\RULESMETADATA
RefCount         : 0x0000000000000001
Flags            : CompressedName,
ExtFlags         :
Parent           : 0xffffad852fd8c790
KeyHive          : 0xffffad85333b7000
KeyCell          : 0x6420 [cell index]
TotalLevels      : 10
LayerHeight      : 1
MaxNameLen       : 0x1a
MaxValueNameLen  : 0x0
MaxValueDataLen  : 0x0
LastWriteTime    : 0x 1d9c88e:0x6f222ac4
KeyBodyListHead  : 0xffffad8531187698 0xffffad8531187698
SubKeyCount      : 1
Owner            : 0x0000000000000000
KCBLock          : 0xffffad8531187718
KeyLock          : 0xffffad8531187728

Code:

5: kd> !irp ffffbf053fef1dc0
Irp is active with 1 stacks 1 is current (= 0xffffbf053fef1e90)
 No Mdl: System buffer=ffffbf053f927140: Thread ffffbf053cfba040:  Irp stack trace.  
     cmd  flg cl Device   File     Completion-Context
>[IRP_MJ_DEVICE_CONTROL(e), N/A(0)]
            5  0 ffffbf05200b42e0 ffffbf0541d21720 00000000-00000000    
           \Driver\WscVReg
            Args: 00000000 00000008 0x220018 00000000

Code:

5: kd> !ioctldecode 0x220018

IOCTL_LAMP_GET_INTENSITY_COLOR

Device Type    : 0x22 (FILE_DEVICE_WINLOAD) (FILE_DEVICE_USER_MODE_BUS) (FILE_DEVICE_USB) (FILE_DEVICE_UNKNOWN)
Method         : 0x0 METHOD_BUFFERED 
Access         : FILE_ANY_ACCESS
Function       : 0x6

Interesting, looks like the IOCTL request was regarding getting the light intensity? It seems to refer to a struct which is simply a RGB value. I'm not sure what it is for but it seems that this API is used by media streaming devices, like video capture cards and cameras etc. It would help explain why the system appears to always crash while you're using YouTube.

I'm completely baffled as to what that WscVReg.sys driver belongs to? I believe it might be a system driver and it only seems to be interested in registry operations.

Code:

5: kd> !drvobj \Driver\WscVReg f
Driver object (ffffbf0536751b40) is for:
 \Driver\WscVReg

Driver Extension List: (id , addr)

Device Object list:
ffffbf05200b42e0  

DriverEntry:   fffff8007b87a8a0    nt!VRegSetup
DriverStartIo: 00000000    
DriverUnload:  fffff8007ba8de30    nt!VrpRegistryUnload
AddDevice:     00000000    

Dispatch routines:
[00] IRP_MJ_CREATE                      fffff8007b787450    nt!VrpRegistryDispatch
[01] IRP_MJ_CREATE_NAMED_PIPE           fffff8007b31a850    nt!IopInvalidDeviceRequest
[02] IRP_MJ_CLOSE                       fffff8007b787450    nt!VrpRegistryDispatch
[03] IRP_MJ_READ                        fffff8007b31a850    nt!IopInvalidDeviceRequest
[04] IRP_MJ_WRITE                       fffff8007b31a850    nt!IopInvalidDeviceRequest
[05] IRP_MJ_QUERY_INFORMATION           fffff8007b31a850    nt!IopInvalidDeviceRequest
[06] IRP_MJ_SET_INFORMATION             fffff8007b31a850    nt!IopInvalidDeviceRequest
[07] IRP_MJ_QUERY_EA                    fffff8007b31a850    nt!IopInvalidDeviceRequest
[08] IRP_MJ_SET_EA                      fffff8007b31a850    nt!IopInvalidDeviceRequest
[09] IRP_MJ_FLUSH_BUFFERS               fffff8007b31a850    nt!IopInvalidDeviceRequest
[0a] IRP_MJ_QUERY_VOLUME_INFORMATION    fffff8007b31a850    nt!IopInvalidDeviceRequest
[0b] IRP_MJ_SET_VOLUME_INFORMATION      fffff8007b31a850    nt!IopInvalidDeviceRequest
[0c] IRP_MJ_DIRECTORY_CONTROL           fffff8007b31a850    nt!IopInvalidDeviceRequest
[0d] IRP_MJ_FILE_SYSTEM_CONTROL         fffff8007b31a850    nt!IopInvalidDeviceRequest
[0e] IRP_MJ_DEVICE_CONTROL              fffff8007b78b430    nt!VrpIoctlDeviceDispatch
[0f] IRP_MJ_INTERNAL_DEVICE_CONTROL     fffff8007b31a850    nt!IopInvalidDeviceRequest
[10] IRP_MJ_SHUTDOWN                    fffff8007b31a850    nt!IopInvalidDeviceRequest
[11] IRP_MJ_LOCK_CONTROL                fffff8007b31a850    nt!IopInvalidDeviceRequest
[12] IRP_MJ_CLEANUP                     fffff8007b31a850    nt!IopInvalidDeviceRequest
[13] IRP_MJ_CREATE_MAILSLOT             fffff8007b31a850    nt!IopInvalidDeviceRequest
[14] IRP_MJ_QUERY_SECURITY              fffff8007b31a850    nt!IopInvalidDeviceRequest
[15] IRP_MJ_SET_SECURITY                fffff8007b31a850    nt!IopInvalidDeviceRequest
[16] IRP_MJ_POWER                       fffff8007b31a850    nt!IopInvalidDeviceRequest
[17] IRP_MJ_SYSTEM_CONTROL              fffff8007b31a850    nt!IopInvalidDeviceRequest
[18] IRP_MJ_DEVICE_CHANGE               fffff8007b31a850    nt!IopInvalidDeviceRequest
[19] IRP_MJ_QUERY_QUOTA                 fffff8007b31a850    nt!IopInvalidDeviceRequest
[1a] IRP_MJ_SET_QUOTA                   fffff8007b31a850    nt!IopInvalidDeviceRequest
[1b] IRP_MJ_PNP                         fffff8007b31a850    nt!IopInvalidDeviceRequest

Some steps to do:

Code:

reg query "HKLM\WC\SILO063A5EE3-F55B-4D51-B5CC-26CE97198778USER_SID"

I suspect that the registry key may be volatile and only loaded when required so it wouldn't surprise me if it returns not found.

Let's try and find more information about that driver:

FRST Registry Search
1. Click your Start button and type in cmd.
2.After you find the Command Prompt, right click on it and select Run as Administrator.
3. Copy and paste the following into the Command Prompt:

reg load HKLM\DRIVERS C:\WINDOWS\SYSTEM32\CONFIG\DRIVERS

4. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
5. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
6. Copy and paste WscVReg into the Search box and click the Search Registry button.
7. When the scan is complete a notepad window will open with the results. Please attach this to your next reply. It is saved on your desktop named SearchReg.txt.

We may have to setup Sysmon to try and see what is accessing that key as well.

Kadgar34 · Aug 6, 2023

Here's the BSOD log with the new driver verifier settings.

Here's the associated memory.dmp

Kadgar34 · Aug 6, 2023

Looks like it didn't find anything?

Code:

Farbar Recovery Scan Tool (x64) Version: 06-08-2023
Ran by ali (06-08-2023 13:30:21)
Running from C:\Users\ali\Downloads
Boot Mode: Normal

================== Search Registry: "WscVReg" ===========


====== End of Search ======

zbook · Aug 6, 2023

If there were no performance problem including very slow boot please restart WDV with all customized test settings.

Post either a querysettings or V2 share link into the newest post.

Solved BSOD when watching YouTube

Member

My Computer

Banned

My Computer

Well-known member

My Computer

Account Closed

My Computer

Well-known member

My Computer

Member

My Computer

Well-known member

My Computer

Account Closed

My Computer

Well-known member

My Computer

Member

My Computer

Well-known member

My Computer

Account Closed

My Computer

Well-known member

My Computer

Account Closed

My Computer

Member

My Computer

Well-known member

My Computer

Account Closed

My Computer

Member

My Computer

Member

My Computer

Well-known member

My Computer

Similar threads