Tech Line
From Verifying to Vandalizing
Is Driver Verifier preventing your system from booting? Here's how to shut it off.
Chris: I'm in a jam. I set up a new Windows Server 2003
system and was having a problem with two device drivers, one for a SATA
controller and the other for a video card. Both drivers were unsigned.
I wanted to make sure that there weren't any problems with the drivers,
so I ran and configured verifier.exe to test the drivers on bootup. However,
now when my system boots I get a BSOD. Short of reinstalling, can you
offer any guidance?
-- Thomas
For those of you not too familiar with Driver Verifier (verifier.exe),
take a look at Microsoft KnowledgeBase Article 244617,
"How to Use Driver Verifier to Troubleshoot Windows Drivers."
The article explains how to use verifier.exe to effectively troubleshoot
device driver problems on Windows 2000, XP, or 2003.
Thomas, your case is like several administrators who did not heed the
warning provided by Microsoft before running the Driver Verifier to troubleshoot
a device driver. In KB article 215233,
"Things to consider before you enable Driver Verifier Manager on
production servers," (which I highly recommend that anyone read before
running verifier.exe) Microsoft states that:
You should use Driver Verifier to help test new kernel mode drivers
in a test environment, but in some situations you may need to run the
tool on a production server. When you use this tool on a production
server and a problem is identified, an error message on a blue screen
is displayed.
Tech Help—Just An
E-Mail Away |
|
Got a Windows, Exchange or virtualization question
or need troubleshooting help? Or maybe you want a better
explanation than provided in the manuals? Describe
your dilemma in an e-mail to the MCPmag.com editors
at mailto:[email protected];
the best questions get answered in this column and garner
the questioner with a nifty MCPmag.com baseball-style
cap.
When you send your questions, please include your
full first and last name, location, certifications (if
any) with your message. (If you prefer to remain anonymous,
specify this in your message, but submit the requested
information for verification purposes.)
|
|
|
I have to hand it to Microsoft for coming up with such a creative way
to describe a blue screen of death. This passage actually reminded me
of a time I was visiting a haunted house outside of Orlando. When asked
about where we can find a rest room, the manager calmly described that
the restrooms were in the white building out back. The "white building"
he was referring to was a portable toilet!
The bottom line with verifier.exe is that while it is a good tool for
identifying a problem, any problem that is found will be displayed in
a BSOD along with a stop error message. This is usually a good thing,
as the stop error can help you to further determine the root cause of
the driver failure.
If you just accidentally installed the wrong driver, you're probably
telling Windows, "Thanks for the BSOD, now can I get back in to uninstall
the driver?" To get past the BSOD, you actually can take several
different paths:
- As the system boots, press F8 to access the Windows Advanced Options
Menu and select Last Known Good Configuration
- From the Windows Advanced Options Menu select Safe Mode
- Boot to the Recovery Console and disable the driver that generated
the BSOD
- Disable Driver Verifier by performing an offline edit of the Registry
If you just set the Driver Verifier options, booting to the Last Known
Good Configuration (LKGC) is the easiest and safest method. If that doesn't
work, the Safe Mode boot could get you back in. If you can log in after
a LKGC or Safe Mode boot, you would then just need to run verifier.exe
/reset. This will remove all Driver Verifier settings from the
Registry and prevent Driver Verifier from running again at startup.
Another approach is to disable the faulty driver in the Recovery Console.
If Safe Mode boot is not possible due to the faulty driver belonging to
a storage device, then disabling the driver in the Recovery Console can
get the job done. From the Recovery Console, you would need to run the
listsvc command to locate the name of the driver.
Then you would run disable <driver name>
to disable the driver.
One other way to disable Driver Verifier would be to perform an offline
edit of the Registry. There are several boot disk tools that allow you
to edit the system Registry independent of the OS, including the Bart's
Preinstalled Environment (BartPE) bootable CD and the Offline
NT Password & Registry Editor Boot Disk/CD. Note that with the
BartPE disk you would need to download a Registry Editor plug-in. You
can download free BartPE plug-ins here.
To turn off Driver Verifier by editing the Registry, you would need to
navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session
Manager\Memory Management registry key. From here you would need
to delete the following two values:
- VerifyDriverLevel
- VerifyDrivers
While the method of performing an offline edit of the Registry is probably
the longest and most difficult, I thought that it's still worth mentioning.
Now that Microsoft has inspired me to be more creative in how I describe
some of the less-appealing objects and tasks I see and do in life, I think
I'll let the junior administrators know that they're not just resetting
passwords. They're enlightening phrase-challenged users.
Now I'm off to my exciting scavenger hunt! (Also known as picking up
milk and the dry cleaning on the way home.)