BSOD caused by Ntfs.sys and ntoskrnl.exe (Windows 10, 2018)

[JayTee3]

Screencap of my minidump in bluescreenview:

https://i.imgur.com/5m9pL8V.png

Help?

 

[JayTee3]

You are correct with dates, I may have been tired.

as for why run DDU in safe mode. well, in that mode the only drivers being used are windows default ones. Its likely that if you try to uninstall display drivers while they are being used, the PC will freak out and leave you with no picture or turn monitor off (Like it does to me). At least in safe mode you will still have a picture afterwards and PC will boot up using the basic display drivers

as for overclock software, if you have MSI Live update 6 installed, the file john is referring to can also be part of it.

use this tool to remove overclock drivers. (select hide microsoft entries, then find the driver and uncheck or delete the entry)
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

you could also use the uninstall program for the overclock software.

if you have removed the old webcam driver, and the overclock software and still get the problem, provide a link to your kernel dump. turn on verifier and provide a link to the next kernel memory dump.

Pretty sure I said I can't read the dump files and would get someone else to convert them for me... Gardenman is that person. I realize you just want to get a fix but he was just doing what I asked. Seems he can help after all as error is pointing at Nvidia

Do you use Display Port to connect monitor? Even if you don't, this might help as the Nvidia drivers you have installed were causing BSOD last month - https://www.nvidia.com/object/nv-uefi-update-x64.html

there is a new BIOS for your motherboard dated 17 July 2018 and a new version of Intel Management Engine Interface that matches the BIOS (released same day) - https://www.msi.com/Motherboard/support/Z270-SLI#down-driver&Win10%2064

See if any newer drivers for the Blue Yeti

I would think your old webcam driver is the cause of the problem. remove it and see if you still get problems
(usb driver share the pci/e bus and can mess up video cards if they are poorly written or in this case do not conform to the usb 2.x specs)

remove the driver if you can, or update it. if the device is built in, then disable it in the bios. if you can not find a way to uninstall it, then run https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns
and find the menu item to hide microsoft entries, then find the driver and uncheck it so it will not load. (or delete the entry) also use the tool to take a look at the tasks in the task scheduler, remove any hack tools.

you should also run cmd.exe as an admin and run
dism.exe /online /cleanup-image /restorehealth

remove the overclock software while trying to figure out the problem.
--------------
stack overflow into the graphics driver from what ever was running at location
0xffff8001`29050030

you would have to provide a kernel memory dump or a full memory dump to figure out this problem.
-virus scanner is really messed up
- overclock driver is still installed (2 of them)
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017
RTKVHD64.sys Tue Sep 4 03:45:04 2018
old driver installed:
Logitech USB Video Class Driver (WebCam) ( i would uninstall and disable the hardware)
lvuvc64.sys Fri Aug 19 02:26:11 2011
.
machine info:
BIOS Version 1.90
BIOS Starting Address Segment f000
BIOS Release Date 01/30/2018
Manufacturer MSI
Product Name MS-7A59
Version 1.0
memory from different vendors:
bank 0: none
bank 1: 8 gb CT8G4DFS8213.C8FBR1
bank 2: none
bank 3: 8gb 9905625-030.A00G

cpu shipped Q1'17

Processor Version Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Processor Voltage 8bh - 1.1V
External Clock 100MHz
Max Speed 8300MHz
Current Speed 4200MHz

I ran the dump file through the debugger and got the following information: https://pste.eu/p/PmFP.html

File: 101418-6250-01.dmp (Oct 14 2018 - 05:16:27)
BugCheck: [BugCheck 1C7, {0, ffff800f3b200000, 6955bddd, 20fbe8} (1C7)]
Probably caused by: ntkrnlmp.exe (Process: MemCompression)
Uptime: 0 Day(s), 9 Hour(s), 07 Min(s), and 39 Sec(s)

I can't help you with this. Wait for additional replies. Good luck.

You said you could help if i gave u a small dump and complained u couldnt without one? Im confused.

Anyway heres another with a diff BSOD message: (first one was store_data_structure_corruption)
This one was kernel_security_check_failure which was common for me before. https://1drv.ms/u/s!AtKsB23i-mF6pmtnOgbFs0DnRjnQ

Heres another small dump: https://1drv.ms/u/s!AtKsB23i-mF6pmzPdsMBzsc8cts8

I'll answer one at a time

Gardenman:
I mean I can try the nvidia thing thanks. I'm just curious why do u have to do it in safe mode? I will but just curious on why

Colif:
1. No
2. I guess I can update my BIOS... never helps but aight
3. Nope, and I've contacted them several times, but they haven't released one in a while

Johnbl:
1. I have several full memory dumps.. actually theres 3 full memory dumps in this thread if u want to go through them
2. Don the dism command several times :/
3. How do I remove the overclock software?

@Colif Just got a bluescreen of fltmgr.sys after @Gardenman's solution + urs together did stop crashing for almost a week (6 days)

@johnbl heres the dump https://1drv.ms/u/s!AtKsB23i-mF6pm3PXjuqeZRnMhaN from today

 

[gardenman]

I ran the dump file through the debugger and got the following information: https://pste.eu/p/YNW4.html

File: 102718-6156-01.dmp (Oct 27 2018 - 01:20:05)
BugCheck: [SYSTEM_SERVICE_EXCEPTION (3B)]
*** WARNING: Unable to verify timestamp for farflt.sys
Probably caused by: farflt.sys (Process: forhonor.exe)
Uptime: 0 Day(s), 7 Hour(s), 00 Min(s), and 59 Sec(s)

It looks like a Malwarebytes (farflt.sys) driver crashed.
https://www.freefixer.com/library/file/farflt.sys-246316/

I think johnbl asked if you could remove the OC drivers. I didn't go back and re-read it all yet but it appears as if they are still enabled and being loaded.
The overclocking driver "RTCore64.sys" was found on your system.
The overclocking driver "NTIOLib_X64.sys" was found on your system.

I can't help you with this. Wait for additional replies. Good luck.

 

[JayTee3]

I ran the dump file through the debugger and got the following information: https://pste.eu/p/YNW4.html

File: 102718-6156-01.dmp (Oct 27 2018 - 01:20:05)
BugCheck: [SYSTEM_SERVICE_EXCEPTION (3B)]
*** WARNING: Unable to verify timestamp for farflt.sys
Probably caused by: farflt.sys (Process: forhonor.exe)
Uptime: 0 Day(s), 7 Hour(s), 00 Min(s), and 59 Sec(s)

It looks like a Malwarebytes (farflt.sys) driver crashed.
https://www.freefixer.com/library/file/farflt.sys-246316/

I think johnbl asked if you could remove the OC drivers. I didn't go back and re-read it all yet but it appears as if they are still enabled and being loaded.
The overclocking driver "RTCore64.sys" was found on your system.
The overclocking driver "NTIOLib_X64.sys" was found on your system.

I can't help you with this. Wait for additional replies. Good luck.

I don't see why I need to remove the overclock drivers if they aren't causing problems anymore

 

[johnbl]

Overclock drivers are a huge red flag. when you see them you know it is a good time to stop debugging the dump and move on to the next persons problem.

I ran the dump file through the debugger and got the following information: https://pste.eu/p/YNW4.html

File: 102718-6156-01.dmp (Oct 27 2018 - 01:20:05)
BugCheck: [SYSTEM_SERVICE_EXCEPTION (3B)]
*** WARNING: Unable to verify timestamp for farflt.sys
Probably caused by: farflt.sys (Process: forhonor.exe)
Uptime: 0 Day(s), 7 Hour(s), 00 Min(s), and 59 Sec(s)

It looks like a Malwarebytes (farflt.sys) driver crashed.
https://www.freefixer.com/library/file/farflt.sys-246316/

I think johnbl asked if you could remove the OC drivers. I didn't go back and re-read it all yet but it appears as if they are still enabled and being loaded.
The overclocking driver "RTCore64.sys" was found on your system.
The overclocking driver "NTIOLib_X64.sys" was found on your system.

I can't help you with this. Wait for additional replies. Good luck.

I don't see why I need to remove the overclock drivers if they aren't causing problems anymore

 

[JayTee3]

Overclock drivers are a huge red flag. when you see them you know it is a good time to stop debugging the dump and move on to the next persons problem.

I ran the dump file through the debugger and got the following information: https://pste.eu/p/YNW4.html

File: 102718-6156-01.dmp (Oct 27 2018 - 01:20:05)
BugCheck: [SYSTEM_SERVICE_EXCEPTION (3B)]
*** WARNING: Unable to verify timestamp for farflt.sys
Probably caused by: farflt.sys (Process: forhonor.exe)
Uptime: 0 Day(s), 7 Hour(s), 00 Min(s), and 59 Sec(s)

It looks like a Malwarebytes (farflt.sys) driver crashed.
https://www.freefixer.com/library/file/farflt.sys-246316/

I think johnbl asked if you could remove the OC drivers. I didn't go back and re-read it all yet but it appears as if they are still enabled and being loaded.
The overclocking driver "RTCore64.sys" was found on your system.
The overclocking driver "NTIOLib_X64.sys" was found on your system.

I can't help you with this. Wait for additional replies. Good luck.

I don't see why I need to remove the overclock drivers if they aren't causing problems anymore

My monitor is overclocked.. is it still okay to remove the overclock drivers?

Instead of the crashes happening everyday they are happening every like 3-4 so thats better i suppose

another one:
https://1drv.ms/u/s!AtKsB23i-mF6pm7L91ogcqe5Jmof

 

[johnbl]

bugcheck 0x12b
FAULTY_HARDWARE_CORRUPTED_PAGE (12b)
This bugcheck indicates that a single bit error was found in this page. This is a hardware memory error.

basically, windows was decompressing a memory and it got a error,
the virtual memory address looks bogus more like a error code below:

2: kd> !error 0xc00002c4
Error code: (NTSTATUS) 0xc00002c4 (3221226180) - The system file %1 has become corrupt and has been replaced.

i would assume it is cause by your two overclock drivers that you have installed.

you have some other problems:
you need to remove all copies of the Kaspersky drivers. some how you have two versions running from seperate locations at the same time. when they load they collide, when they collide windows memory manager will relocate one to a different locations and will make a driver name like:

klupd_klif_mark klupd_klif_mark.sys Wed Aug 22 02:53:00 2018 (first versions installed)
klupd_klif_mark_fffff802b2d60000 klupd_klif_mark.sys Tue Oct 2 06:00:18 2018 (second version installed)

two versions of the same file but different dates, you have several of these and need to remove them all
then reinstall the product.
generally it would indicate the directory that it is installed from but does not in your case.
(the two files were loaded from different locations)

you can google "autoruns" and download it then use it to remove drivers. most likely the setup/remove program will not work.

 

[JayTee3]

bugcheck 0x12b
FAULTY_HARDWARE_CORRUPTED_PAGE (12b)
This bugcheck indicates that a single bit error was found in this page. This is a hardware memory error.

basically, windows was decompressing a memory and it got a error,
the virtual memory address looks bogus more like a error code below:

2: kd> !error 0xc00002c4
Error code: (NTSTATUS) 0xc00002c4 (3221226180) - The system file %1 has become corrupt and has been replaced.

i would assume it is cause by your two overclock drivers that you have installed.

you have some other problems:
you need to remove all copies of the Kaspersky drivers. some how you have two versions running from seperate locations at the same time. when they load they collide, when they collide windows memory manager will relocate one to a different locations and will make a driver name like:

klupd_klif_mark klupd_klif_mark.sys Wed Aug 22 02:53:00 2018 (first versions installed)
klupd_klif_mark_fffff802b2d60000 klupd_klif_mark.sys Tue Oct 2 06:00:18 2018 (second version installed)

two versions of the same file but different dates, you have several of these and need to remove them all
then reinstall the product.
generally it would indicate the directory that it is installed from but does not in your case.
(the two files were loaded from different locations)

you can google "autoruns" and download it then use it to remove drivers. most likely the setup/remove program will not work.

1. You didn't answer my question
2. Why can't I just delete the old version? Why do I have to uninstall both? Just curious
3. Can i fix the virtual memory address? (The bogusness?)

 

[johnbl]

I look at the memory dump and see what the problem is and try to figure out a best guess as the cause.
2 overclock drivers tend to be related to hardware bit errrors. I stop debugging when I see the problem and a probable cause.

two installs the same antivirus at the same time is pretty strange. a big red flag.
you can do what you want and try to cut it apart but you will never know if you did it exactly correct.
do you know how you got it installed that way in the first place? running a 32 bit install and a 64 bit install?

you can not fix the virtual memory address these are created dynamically by the systems memory manager and some driver rather than getting a valid address mappong from memory to your pagefile.sys got a error code, and it should have acted on the error code but instead it used it as a memory address.
you would have to find the driver. But the driver could just be having errors related to the overclocking and the problem might not happened without the overclocking. or its more likely be one copy of your antivirus being messed up by the other copy using the same data structures.

[/quotemsg]

1. You didn't answer my question
2. Why can't I just delete the old version? Why do I have to uninstall both? Just curious
3. Can i fix the virtual memory address? (The bogusness?)
[/quotemsg]

 

[Karadjgne]

You can't 'just' delete the old version because they share some of the same things in the registry, in drivers, in windows. You'll also end up with orphans as windows doesn't delete anything at all, ever. All windows 'delete' does is remove the address to the folder in storage. The data is all still there, until written over when windows assigns that address to something else. So 'just' deleting or even uninstalling by windows will leave gaps where drivers used by the new version will not be found, having been removed from access, making both versions bunk. Best to uninstall both, use ccleaner registry tool to remove any orphans left behind, install the one you want. Or use Revo Uninstaller.

 

[JayTee3]

You can't 'just' delete the old version because they share some of the same things in the registry, in drivers, in windows. You'll also end up with orphans as windows doesn't delete anything at all, ever. All windows 'delete' does is remove the address to the folder in storage. The data is all still there, until written over when windows assigns that address to something else. So 'just' deleting or even uninstalling by windows will leave gaps where drivers used by the new version will not be found, having been removed from access, making both versions bunk. Best to uninstall both, use ccleaner registry tool to remove any orphans left behind, install the one you want. Or use Revo Uninstaller.

Yeah I just talked to kaspersky and am using their removal tool to remove both at once then re-install. Cheers

Will also use ccleaner too, but apparently its not good to use those on SSDs...

 

[JayTee3]

I look at the memory dump and see what the problem is and try to figure out a best guess as the cause.
2 overclock drivers tend to be related to hardware bit errrors. I stop debugging when I see the problem and a probable cause.

two installs the same antivirus at the same time is pretty strange. a big red flag.
you can do what you want and try to cut it apart but you will never know if you did it exactly correct.
do you know how you got it installed that way in the first place? running a 32 bit install and a 64 bit install?

you can not fix the virtual memory address these are created dynamically by the systems memory manager and some driver rather than getting a valid address mappong from memory to your pagefile.sys got a error code, and it should have acted on the error code but instead it used it as a memory address.
you would have to find the driver. But the driver could just be having errors related to the overclocking and the problem might not happened without the overclocking. or its more likely be one copy of your antivirus being messed up by the other copy using the same data structures.

1. You didn't answer my question
2. Why can't I just delete the old version? Why do I have to uninstall both? Just curious
3. Can i fix the virtual memory address? (The bogusness?)
[/quotemsg]

[/quotemsg]

You can't 'just' delete the old version because they share some of the same things in the registry, in drivers, in windows. You'll also end up with orphans as windows doesn't delete anything at all, ever. All windows 'delete' does is remove the address to the folder in storage. The data is all still there, until written over when windows assigns that address to something else. So 'just' deleting or even uninstalling by windows will leave gaps where drivers used by the new version will not be found, having been removed from access, making both versions bunk. Best to uninstall both, use ccleaner registry tool to remove any orphans left behind, install the one you want. Or use Revo Uninstaller.

I used kaspersky's uninstaller twice and then removed all mention of kaspersky in cc cleaner (there was 18.0 and 19.0 so i did see the confliction there)

All good to reinstall or should I do something else first?

Edit: Also deleted auto run of klids from kaspersky in autorun
Edit2: Deleted overclock drivers

 

[johnbl]

give it a try and see if you bugcheck

I look at the memory dump and see what the problem is and try to figure out a best guess as the cause.
2 overclock drivers tend to be related to hardware bit errrors. I stop debugging when I see the problem and a probable cause.

two installs the same antivirus at the same time is pretty strange. a big red flag.
you can do what you want and try to cut it apart but you will never know if you did it exactly correct.
do you know how you got it installed that way in the first place? running a 32 bit install and a 64 bit install?

you can not fix the virtual memory address these are created dynamically by the systems memory manager and some driver rather than getting a valid address mappong from memory to your pagefile.sys got a error code, and it should have acted on the error code but instead it used it as a memory address.
you would have to find the driver. But the driver could just be having errors related to the overclocking and the problem might not happened without the overclocking. or its more likely be one copy of your antivirus being messed up by the other copy using the same data structures.

1. You didn't answer my question
2. Why can't I just delete the old version? Why do I have to uninstall both? Just curious
3. Can i fix the virtual memory address? (The bogusness?)

[/quotemsg]

You can't 'just' delete the old version because they share some of the same things in the registry, in drivers, in windows. You'll also end up with orphans as windows doesn't delete anything at all, ever. All windows 'delete' does is remove the address to the folder in storage. The data is all still there, until written over when windows assigns that address to something else. So 'just' deleting or even uninstalling by windows will leave gaps where drivers used by the new version will not be found, having been removed from access, making both versions bunk. Best to uninstall both, use ccleaner registry tool to remove any orphans left behind, install the one you want. Or use Revo Uninstaller.

I used kaspersky's uninstaller twice and then removed all mention of kaspersky in cc cleaner (there was 18.0 and 19.0 so i did see the confliction there)

All good to reinstall or should I do something else first?

Edit: Also deleted auto run of klids from kaspersky in autorun
Edit2: Deleted overclock drivers[/quotemsg]

 

[JayTee3]

give it a try and see if you bugcheck

I did, but I hadn't had a BSOD in a week or two... so at least they're uncommon now

BF5, maybe due to me not upgrading my drivers that specifically say they're for bf5? or something else?

https://1drv.ms/u/s!AtKsB23i-mF6py5KnxRm3V35mwXm

 

[johnbl]

remove both overclock drivers and see if you still can get a bugcheck.
-----------
this last bugcheck happened when windows attempted to decompress a driver that was stored in memory,
after the decompression it found that the driver was corrupted and it had to replace the driver.
error was 7: kd> !error 0xc00002c4
Error code: (NTSTATUS) 0xc00002c4 (3221226180) - The system file %1 has become corrupt and has been replaced.

this can happen with old winodws 7 drivers that attempt to modify windows files in memory. it is not allowed any more. (malware and viruses do the same thing)

in your case since you have two overclock drivers, the assumption would be the overclock drivers would be the blame.
RivaTuner/EVGA Precision/MSI Afterburner
RTCore64.sys Fri Sep 30 05:03:17 2016

and NTIOLib_X64.sys (also from MSI Afterburner driver)

machine infogenereally if you use overclock drivers make sure they are newer than the cpu launch date)
cpu Launch Date Q1'17
Processor Version Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Processor Voltage 8bh - 1.1V
External Clock 100MHz
Max Speed 8300MHz
Current Speed 4200MHz

 

[maximobijy]

In terms of stuff I've done:

I've done a full memtest86, removed conflicting programs (anti-virus) and updated drivers to deal with this problem, sfc scans and more. FetLife IMVU Canva

Memtest86 turned out fine so I'm not really sure what the problem is. Help?

BSOD was bug check 0x00000139 in event viewer which is kernel_security_check_failure

There's been times when one of those items (or similar) has driver issues with USB

 

[JayTee3]

remove both overclock drivers and see if you still can get a bugcheck.
-----------
this last bugcheck happened when windows attempted to decompress a driver that was stored in memory,
after the decompression it found that the driver was corrupted and it had to replace the driver.
error was 7: kd> !error 0xc00002c4
Error code: (NTSTATUS) 0xc00002c4 (3221226180) - The system file %1 has become corrupt and has been replaced.

this can happen with old winodws 7 drivers that attempt to modify windows files in memory. it is not allowed any more. (malware and viruses do the same thing)

in your case since you have two overclock drivers, the assumption would be the overclock drivers would be the blame.
RivaTuner/EVGA Precision/MSI Afterburner
RTCore64.sys Fri Sep 30 05:03:17 2016

and NTIOLib_X64.sys (also from MSI Afterburner driver)

machine infogenereally if you use overclock drivers make sure they are newer than the cpu launch date)
cpu Launch Date Q1'17
Processor Version Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Processor Voltage 8bh - 1.1V
External Clock 100MHz
Max Speed 8300MHz
Current Speed 4200MHz

Might say the same thing since i forgot but see if u can find anything different here? <3

https://1drv.ms/u/s!AtKsB23i-mF6py_Kbm6XLlSgqooV

 

[johnbl]

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

 

[JayTee3]

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

 

[johnbl]

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

 

[JayTee3]

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

https://support.logitech.com/en_us/product/hd-pro-webcam-c920/downloads

Has a 2012 update so i guess ill install that and see what happens. Deleted lvuvc64.sys from auto run and will install this newer driver so ill see what happens

 

[JayTee3]

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

Update:
https://1drv.ms/u/s!AtKsB23i-mF6pzDOOQ4TionMrsWz

Still crashed

 

[johnbl]

same two overclock drivers still running.
bugcheck was in the graphics driver
you might boot into safe mode, then search the drive for the two drivers and delete them from your system so they are no longer running. then reboot into windows and run autoruns as an admin to confirm the drivers are not longer running.

bugcheck looks like a stack overflow. you might want to run Malwarebytes scan

if you have already removed the overclock drivers you might just want to reinstall windows from a clean install image. then make sure you do not install any add on utilities from your motherboard vendor. (just install the required drivers)

if you know that you do not have the drivers installed, then run a rootkit scan.

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

Update:
https://1drv.ms/u/s!AtKsB23i-mF6pzDOOQ4TionMrsWz

Still crashed

 

[JayTee3]

same two overclock drivers still running.
bugcheck was in the graphics driver
you might boot into safe mode, then search the drive for the two drivers and delete them from your system so they are no longer running. then reboot into windows and run autoruns as an admin to confirm the drivers are not longer running.

bugcheck looks like a stack overflow. you might want to run Malwarebytes scan

if you have already removed the overclock drivers you might just want to reinstall windows from a clean install image. then make sure you do not install any add on utilities from your motherboard vendor. (just install the required drivers)

if you know that you do not have the drivers installed, then run a rootkit scan.

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

Update:
https://1drv.ms/u/s!AtKsB23i-mF6pzDOOQ4TionMrsWz

Still crashed

How do I search after booting into safe mode and where do i delete them? It wasn't BSODing often till i upgraded graphics driver so i feel like its something to do with NVIDIA GeForce Experience possibly which i thought it might be idk.

I ran a malwarebytes scan and it was fine so idk.

 

[johnbl]

after you boot into safe mode with a command prompt. you would do the following commands
cd c:\
dir /s RTCore64.sys
this will search your driver and find all versions of the file for you
then you would use the path to the file and the del command.
like
del c:\windows\system32\driver\rtcore64.sys
(or what ever path the directory command returns)

do this for both drivers.
cd c:\
dir /s NTIOLib_X64.sys
then delete the files it finds

the problem still can be the graphic driver, you just remove the overclock drivers so to reduce the amount of timing issues in the gpu.

some graphics cards have problems with the gpu versions 400 and above and might need a firmware update. (or roll back the driver to a version 399 or less)

same two overclock drivers still running.
bugcheck was in the graphics driver
you might boot into safe mode, then search the drive for the two drivers and delete them from your system so they are no longer running. then reboot into windows and run autoruns as an admin to confirm the drivers are not longer running.

bugcheck looks like a stack overflow. you might want to run Malwarebytes scan

if you have already removed the overclock drivers you might just want to reinstall windows from a clean install image. then make sure you do not install any add on utilities from your motherboard vendor. (just install the required drivers)

if you know that you do not have the drivers installed, then run a rootkit scan.

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

Update:
https://1drv.ms/u/s!AtKsB23i-mF6pzDOOQ4TionMrsWz

Still crashed

How do I search after booting into safe mode and where do i delete them? It wasn't BSODing often till i upgraded graphics driver so i feel like its something to do with NVIDIA GeForce Experience possibly which i thought it might be idk.

I ran a malwarebytes scan and it was fine so idk.

 

[JayTee3]

after you boot into safe mode with a command prompt. you would do the following commands
cd c:\
dir /s RTCore64.sys
this will search your driver and find all versions of the file for you
then you would use the path to the file and the del command.
like
del c:\windows\system32\driver\rtcore64.sys
(or what ever path the directory command returns)

do this for both drivers.
cd c:\
dir /s NTIOLib_X64.sys
then delete the files it finds

the problem still can be the graphic driver, you just remove the overclock drivers so to reduce the amount of timing issues in the gpu.

some graphics cards have problems with the gpu versions 400 and above and might need a firmware update. (or roll back the driver to a version 399 or less)

same two overclock drivers still running.
bugcheck was in the graphics driver
you might boot into safe mode, then search the drive for the two drivers and delete them from your system so they are no longer running. then reboot into windows and run autoruns as an admin to confirm the drivers are not longer running.

bugcheck looks like a stack overflow. you might want to run Malwarebytes scan

if you have already removed the overclock drivers you might just want to reinstall windows from a clean install image. then make sure you do not install any add on utilities from your motherboard vendor. (just install the required drivers)

if you know that you do not have the drivers installed, then run a rootkit scan.

Logitech USB Video Class Driver (WebCam)
lvuvc64.sys Fri Aug 19 02:26:11 2011
(look for update from logitech)

sometimes drivers get reinstalled by a task in the task scheduler

hardware like the webcam will be detected by the windows plug and play and will reinstall a few seconds after you uninstall it. so you should update it or disable the hardware (in bios if there is a option)

basically the stack for the graphics nvidia graphics driver got corrupted.
I looked at the raw stack, and it looks like mostly a bunch of calls to the nvidia graphics driver.

you still have two overclock drivers running so I would assume that the GPU missed a hardware signal and was not able to complete its gpu software driver calls and the stack overflowed which caused a bugcheck in the graphics driver.

system was up for a hour, was running chrome

overclock drivers:
RTCore64.sys Fri Sep 30 05:03:17 2016
NTIOLib_X64.sys Wed Mar 29 00:26:33 2017

still have old webcam driver from 2011

your cpu came out Q1'17 your cpu overclock driver should be removed.

you can use autoruns to prevent the overclock drivers from loading
https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

went into autorun as admin and unticked and deleted those 2 drivers (I think i did that last time but they came back?)

Also what is the old webcam driver called from 2011?

Update:
https://1drv.ms/u/s!AtKsB23i-mF6pzDOOQ4TionMrsWz

Still crashed

How do I search after booting into safe mode and where do i delete them? It wasn't BSODing often till i upgraded graphics driver so i feel like its something to do with NVIDIA GeForce Experience possibly which i thought it might be idk.

I ran a malwarebytes scan and it was fine so idk.

If this is the same thing u dont need to reply but i got another one and wondering if its something else https://1drv.ms/u/s!AtKsB23i-mF6pzEj6m7HYLutXz8d

I'll remove the drivers now though. No need to reply if its the same thing as before.