Perfect - that narrows things down and removes a lot of physical GPU and driver weirdness from the equation. A Hyper-V VM will generally use:
- Microsoft Hyper-V Video as its display adapter
- RDPUDD Chained DD for remote rendering in sessions
So if DWM is crashing inside a Hyper-V VM with error 0xc0000005
, it's likely tied to Windows updates, RDP session settings, or a corrupted user profile, rather than third-party drivers.
Focused Fix Steps for Hyper-V VM (DWM crashing on RDP)
1. Boot into Enhanced Session or Console via Hyper-V Manager
- Use Hyper-V Manager Connect Basic Session (no RDP).
- If it's stuck or blackscreening, use the "Turn Off" and "Start" options (not reboot) - this clears session state.
2. Check for Broken Updates or Patches
Run:
Get-HotFix | Sort-Object InstalledOn -Descending
Compare recent update dates with when the issue began. Uninstall any recent suspect with:
wusa /uninstall /kb:5000000
Replace 5000000
with the KB number.
3. Disable Hardware Acceleration for RDP in Registry
Still valid in VM environments:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"DisableHardwareAcceleration"=dword:00000001
Reboot after applying.
4. Force RDP to Use Legacy Display Stack
Disable WDDM in RDP (which relies on DWM):
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"UseDDAPI"=dword:00000000
And if this key doesn't exist, create it as a DWORD (32-bit)
.
5. Test with a New Local Admin User
Create a new admin account:
net user newadmin P@ssword123 /add
net localgroup administrators newadmin /add
Then try RDP using that account. If it works, your existing profile may be corrupted or loading something that's triggering the crash.
6. Check RemoteFX (Should Be Off)
RemoteFX is deprecated and can cause issues if somehow still enabled. Verify it's off:
Get-VMRemoteFx3dVideoAdapter -VMName "RDserv" # Should return nothing
If it exists, remove it:
Remove-VMRemoteFx3dVideoAdapter -VMName "RDserv"
7. Check Event Viewer > Application Logs for dwm.exe
Look for accompanying Application Error logs that show:
- Faulting module (e.g.,
dwmcore.dll
, ntdll.dll
)
- Stack trace or any DLL involved
This will help pinpoint the real trigger.
Final Clean-Up Options
If nothing works:
Option: Replace RDP Session Shell Temporarily
As a test, set the shell to something like cmd.exe
via GPO or:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="cmd.exe"
This may allow RDP login without DWM/Explorer launching. If successful, DWM/Explorer are the culprits.
Let me know what works or what you see when trying these steps. We'll tighten the scope from there - the 0xc0000005
access violation inside a Hyper-V VM is likely fixable with a registry patch, session reset, or user profile swap.