App Control: How to enable Filter Driver Verifier for BSOD issues
Article ID: 289133
Updated On:
Products
Carbon Black App Control (formerly Cb Protection)
Issue/Introduction
Explain the steps to enable the Windows Driver Verifier tool for the parity.sys driver and reproduce BSOD behavior
Environment
- App Control Agent: All Supported Versions
- Windows OS: Windows 10 x64 and higher
- Windows Driver Verifier
Resolution
- To enable the Filter Driver Verifier, open an Admin CMD prompt and execute: verifier /flags 0x10 /driver parity.sys
- Ensure that complete memory dumps are enabled on the system: https://community.carbonblack.com/t5/Knowledge-Base/All-Products-How-to-Create-a-Full-Complete-Memory-Dump-Via/ta-p/34630
- Reboot OS to apply the configuration.
- Reproduce the issue that triggers the BSOD behavior.
- Collect the memory.dmp file in c:\windows and submit to the CB Vault.
Feedback
Yes
No
Powered by
