Frequent BSOD (IRQL_NOT_LESS_OR_EQUAL)

After a few hours my PC will BSOD. It usually says, "IRQL_NOT_LESS_OR_EQUAL".

Normally it happens while playing League of Legends (yes I know ). As you can observe in the BLUESCREENVIEW.jpg file vgk.sys - the Vanguard anti-cheat software, may have some responsibility.

As you can probably tell I used the Verifier utility to try to diagnose or fix the problem.

Additionally, to make things more confusing - while it was attempting to perform an automatic fix, an interface showed up for Driverpack asking if I wanted to install drivers. I have never downloaded Driverpack this is a prebuilt PC. Malwarebytes did not find Driverpack. I don't understand?

According to this unrelated advisor here it is recommended to update my BIOS and reinstall the Vanguard anti-cheat software:

https://answers.microsoft.com/en-us/windows/forum/all/various-bluescreens-due-to-vgksys/06658c38-4d49-4859-b273-25af613fd790

If true, is this the correct BIOS?:

https://www.asus.com/motherboards-components/motherboards/prime/prime-b560m-a-ac/helpdesk_bios?model2Name=PRIME-B560M-A-AC

I make mistakes sometimes, I just need affirmation before bricking my computer.

edit2: ok it happened again; games and anti-cheat programmes are irrelevant 

edit3: I updated my BIOS!

My specs are as follows:

OS Name    Microsoft Windows 10 Pro
Version    10.0.19045 Build 19045
Other OS Description     Not Available
OS Manufacturer    Microsoft Corporation
System Name    WIN-VUAG7C42TKJ
System Manufacturer    ASUS
System Model    System Product Name
System Type    x64-based PC
System SKU    SKU
Processor    11th Gen Intel® Core™ i5-11400 @ 2.60GHz, 2592 Mhz, 6 Core(s), 12 Logical Processor(s)
BIOS Version/Date    American Megatrends Inc. 0820, 27/04/2021
SMBIOS Version    3.3
Embedded Controller Version    255.255
BIOS Mode    UEFI
BaseBoard Manufacturer    ASUSTeK COMPUTER INC.
BaseBoard Product    PRIME B560M-A AC
BaseBoard Version    Rev 1.xx
Platform Role    Desktop
Secure Boot State    Off
PCR7 Configuration    Elevation Required to View
Windows Directory    C:\Windows
System Directory    C:\Windows\system32
Boot Device    \Device\HarddiskVolume1
Locale    United States
Hardware Abstraction Layer    Version = "10.0.19041.3636"
Username    WIN-VUAG7C42TKJ\user
Time Zone    GMT Standard Time
Installed Physical Memory (RAM)    16.0 GB
Total Physical Memory    15.8 GB
Available Physical Memory    7.14 GB
Total Virtual Memory    22.8 GB
Available Virtual Memory    12.7 GB
Page File Space    7.00 GB
Page File    C:\pagefile.sys
Kernel DMA Protection    Off
Virtualisation-based security    Not enabled
Device Encryption Support    Elevation Required to View
Hyper-V - VM Monitor Mode Extensions    Yes
Hyper-V - Second Level Address Translation Extensions    Yes
Hyper-V - Virtualisation Enabled in Firmware    Yes
Hyper-V - Data Execution Protection    Yes

edit: Malwarebytes didn't find Driverpack neither Uninstalr.

Edited by EldenBling, 06 November 2024 - 05:30 PM.

Hi, you must have missed this : https://www.bleepingcomputer.com/forums/t/576314/blue-screen-of-death-bsod-posting-instructions-windows-vista-through-to-11/

So what you have uploaded to make room for more go to your Name Top Right Corner then Click on it then My Settings then Left Side click on Manage Attachments and delete what you have uploaded already.

Note : A Speccy Report (URL) is needed to help you fully.  After the Report you can Open a Admin CMD Prompt and type ipconfig /release and Reboot to get a new IP Address.

Not sure what you have done with your BIOS as this Bios Version is the Current Version : 2001   Date :  2023/03/07

from your PRIME B560M-A AC Motherboard Support Page : https://www.asus.com/motherboards-components/motherboards/prime/prime-b560m-a-ac/helpdesk_bios?model2Name=PRIME-B560M-A-AC

As well the Intel ME Version 15.0.21.1549_S on the same page needed to be installed.

NOTE : Further if you have done a Clean Install at anytime the 1st thing after doing so is to install your Chipset Drivers followed by the SATA after a Reboot then the lessor drivers with reboots from your M/B Support Page.

You cannot ignore the Driver Verifier detected BSOD caused by vgk.sys. It might not be the only cause of problems on your system, but Driver Verifier flagged vgk.sys in that dump because vgk.sys unloaded without first freeing memory pools. That is a misbehaving driver and that cannot be ignored. The vgk.sys driver is a well-known cause of BSODs and you should contact Riot Games support to find a resolution to that issue. Make that dump available to them if they ask for it.

However, the other dumps look as though bad RAM might be a more likely cause. I would test your RAM with Memest86 and let us know the result....

• Download Memtest86 (free), use the imageUSB.exe tool extracted from the download to make a bootable USB drive containing Memtest86 (1GB is plenty big enough). Do this on a different PC if you can, because you can't fully trust yours at the moment.
• Then boot that USB drive on your PC, Memtest86 will start running as soon as it boots.
• If no errors have been found after the four iterations of the 13 different tests that the free version does, then restart Memtest86 and do another four iterations. Even a single bit error is a failure.

Thanks for responding.

Sorry for the delay I had to buy new USBs, also I reinstalled Windows, installed Vanguard then ran the Verifier and the problem persisted, it broke my Windows OS so I reinstalled Windows and formatted the C drive; I'm hoping sacrificing all that data achieved something. 

I ran the Windows memory test, I used a laptop to build a Mem86 drive and ran two 4-part Mem86 tests, and then I ran the RAM benchmark, I had no errors. 

I'm wondering if I should run the Verifier so we can confirm whether I still have issues. I probably won't go near a game with anti-cheat again, so I certainly won't be reproducing the same errors.

Yes, enable Driver Verifier again for 48 hours. Try to use every app, device, and feature to ensure that every third-party driver gets loaded at some point.

It happened again due to the activation of NordVPN. NordVPN opens at startup, so immediate bluescreen upon reboot.

edit: it also looks like i missed a bluescreen yesterday while afk ? this pc is cooked

edit: SysnativeFileCollectionApp isn't doing anything in the Documents folder also my audio is clipping

Edited by EldenBling, 10 November 2024 - 02:39 PM.

You will have to tell Defender to Allow you to Run the App.  https://www.majorgeeks.com/files/details/configuredefender.html

NordVPN does do that to some systems.  Contact Nord or switch VPN.

GIGABYTE-NVMe-SSD  - https://www.aorus.com/en-ca/components/GIGABYTE-NVMe-SSD-1TB/Support

Stop taking Microsoft Optional Update Drivers, especially Video Drivers : https://www.tenforums.com/tutorials/146562-prevent-windows-update-updating-specific-device-driver.html

Use DDU : to remove MS Video Supplied Drivers. 

Use Drivers from here : https://www.techspot.com/drivers/manufacturer/nvidia_geforce/ If do not use Gforce Experience do not install it.

Intel Video : https://ark.intel.com/content/www/us/en/ark/products/212270/intel-core-i5-11400-processor-12m-cache-up-to-4-40-ghz.html  Note : When Intel deems Chip Obsolete they remove the Download Link.

Yeah I mean SysnativeFileCollectionApp is not conjuring an output in the Document folder where it's supposed to. I didn't experience bluescreens from Nord which I've been using for many months until now,so I think it's weird and coincides with whatever's going on with my computer.

Is there another way to post bluescreen dumps?

Just bluescreened again so it's not Nord, for sure.

edit:

"If do not use Gforce Experience do not install it."

i am using geforce experience. I haven't taken any optional drivers just whatever the updates gave me automatically

Edited by EldenBling, 10 November 2024 - 05:30 PM.

Well stop : Do not take Optional as per below.

NVIDIA Display driver update released in June 202

This also shows you are running : Win 10 Version 21H2    : https://www.microsoft.com/en-ca/software-download/windows10   Update to 22H2

I ran the DDU twice in safe mode with the 'prevent Windows update driver' option toggled on. I  used both the gpu and audio options. But it looks like the drivers you listed are still there? Should I go into recovery and uninstall Windows updates, should I reinstall Windows and start over?

http://speccy.piriform.com/results/X6tujsaJ2e0mJtmwMHeQ3xa

Edited by EldenBling, 10 November 2024 - 06:36 PM.

More concerned as to why reporting running 21H2 and why your system has not updated to 22H2 Build # 19045.5073   which would probably fix issues.

In Settings --> System--< About what does it say ?       If 21H2  should attempt to find and fix reasons to why not updating.

As well not able to run SysnativeCollectionApp is a problem to helping you and is a possible sign of Malware if not able to run it if have Configured Defender properly to allow it to run.

- https://support.microsoft.com/en-us/windows/add-an-exclusion-to-windows-security-811816c0-4dfd-af4a-47e4-c301afe13b26

Scan : https://learn.microsoft.com/en-us/defender-endpoint/safety-scanner-download#how-to-run-a-scan  if no download and no ability run, issues....

Download Minitoolbox from the below link :
http://www.bleepingcomputer.com/download/minitoolbox/
  Run the tool and only select the following tick boxes.
    -List last 10 Event viewer errors
    -List installed programs
    -List devices
    -List users, partition and memory size
Now click "Go" and Copy/Paste and post the output text in your next reply   Note : Not a file is copy and paste in a reply not a Quote Box.

If the Sysnative app won't run, and if you've had BSODs with Driver Verifier enabled, then please upload the relevant minidumps from the c:\Windows\minidumps folder.

Edited by ubuysa, 11 November 2024 - 05:21 AM.

MiniToolBox by Farbar  Version: 13-05-2022
Ran by user (administrator) on 11-11-2024 at 12:53:59
Running from "C:\Users\user\Downloads"
Microsoft Windows 10 Pro  (X64)
Model: System Product Name Manufacturer: ASUS
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/11/2024 12:23:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/11/2024 12:23:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/11/2024 12:22:45 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (11/11/2024 01:49:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nioh2.exe, version: 1.0.0.0, time stamp: 0x6038d132
Faulting module name: nioh2.exe, version: 1.0.0.0, time stamp: 0x6038d132
Exception code: 0xc0000005
Fault offset: 0x00000000001a74cf
Faulting process ID: 0x1b00
Faulting application start time: 0x01db33d2481371b5
Faulting application path: C:\Nioh 2. Complete Edition\nioh2.exe
Faulting module path: C:\Nioh 2. Complete Edition\nioh2.exe
Report ID: 9f13a6cd-dc8b-4691-9c21-922b26d021cf
Faulting package full name:
Faulting package-relative application ID:

Error: (11/10/2024 11:23:40 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "BITS" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.

Error: (11/10/2024 11:23:40 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1011) (User: NT AUTHORITY)
Description: The Close procedure in Extensible Counter DLL "C:\Windows\System32\bitsperf.dll" for the "BITS" service generated exception 3221225477 at address 0x7fff177c22ef. The performance data returned by the counter DLL will not be returned in the Perf Data Block.

Error: (11/10/2024 11:23:37 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: WIN-3GAT26L0KVQ)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (11/10/2024 11:20:12 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (11/10/2024 11:19:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x80004005
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (11/10/2024 11:07:59 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: WIN-3GAT26L0KVQ)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.


System errors:
=============
Error: (11/11/2024 12:25:29 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/10/2024 11:23:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service queencreek service terminated unexpectedly. It has done this 1 time(s).

Error: (11/10/2024 11:21:28 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/10/2024 11:18:11 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005

Error: (11/10/2024 11:17:59 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005

Error: (11/10/2024 11:17:59 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005

Error: (11/10/2024 11:17:58 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005

Error: (11/10/2024 11:17:58 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005

Error: (11/10/2024 11:17:52 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005

Error: (11/10/2024 11:17:49 PM) (Source: DCOM) (EventID: 10005) (User: WIN-3GAT26L0KVQ)
Description: Event-ID 10005


Windows Defender:
================Event[0]:

Date: 2024-11-10 23:16:45
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2024-11-10 23:02:19
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2024-11-10 22:55:06
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2024-11-09 00:34:41
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0

CodeIntegrity Errors:
====================
Date: 2024-11-09 16:15:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7e237aa935a1ca2e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2024-11-07 15:23:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Program Files\OldNewExplorer\OldNewExplorer64.dll that did not meet the Microsoft signing level requirements.


=========================== Installed Programs ============================

7-Zip 24.08 (x64) (HKLM\...\7-Zip) (Version: 24.08 - Igor Pavlov)
CrystalDiskInfo 9.4.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.4.4 - Crystal Dew World)
Display Driver Uninstaller (HKLM-x32\...\Display Driver Uninstaller) (Version: 18.0.8.5 - Wagnardsoft)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{5D2EC6F2-7EC3-486E-A144-7174E537A148}) (Version: 1.0.14.4 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{35a6f7ad-3ff5-4bdc-89a5-e166ef586e81}) (Version: 1.0.14.4 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{c1d017c2-8846-4000-9254-5689eccd462e}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{a7b1cf47-d8f0-423d-9494-568195f1c864}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
foobar2000 v2.1.6 (x64) (HKLM\...\foobar2000 (x64)) (Version: 2.1.6 - Peter Pawlowski)
Fortect (HKLM\...\Fortect) (Version: 7.2.0.0 - Fortect)
GBT_RGB_Sync_Control 24.10.24.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 24.10.24.01 - GIGABYTE)
GIGABYTE Control Center 24.10.28.01 (HKLM\...\GIGABYTE Control Center) (Version: 24.10.28.01 - GIGABYTE)
GIGABYTE Storage Library (HKLM\...\MBStorage) (Version: 24.10.24.01 - GIGABYTE)
Intel® Computing Improvement Program (HKLM\...\{89E7E64C-A30C-4D24-9D12-B354CA2335DE}) (Version: 2.4.10888 - Intel Corporation)
Intel® Computing Improvement Program (HKLM-x32\...\{52604e87-fb55-46fb-a713-246a540b1221}) (Version: 2.4.10888 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation)
KeePass Password Safe 2.57.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.57.1 - Dominik Reichl)
Microsoft Office Professional Plus 2021 (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 132.0.1 (x64 en-GB)) (Version: 132.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 132.0.1 - Mozilla)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.4.821 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.29.4.0 - Nord Security)
NVIDIA Graphics Driver 565.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 565.90 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.1 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{07236f40-ec25-4646-8cb6-b6aaf1597324}) (Version: 1.1.0.1 - Patriot Memory) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 24.10.15.0 - Kakao Corp.)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.1 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9050.1 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
SoulseekQt version 2024.2.1 (HKLM\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2024.2.1 - Soulseek LLC)
Speccy (HKLM\...\Speccy) (Version: 1.33 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2024-11-09] (Microsoft Corporation)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1800.640.0_x64__8wekyb3d8bbwe [2024-11-09] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-11-10] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.1023.300_x64__8wekyb3d8bbwe [2024-11-10] (Microsoft Corporation)
Spotify - Music and Podcasts -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0 [2024-11-10] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2024-11-10] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2024-11-10] (Microsoft Corporation)
WindowsAppRuntime.1.4 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.4_4000.1309.2056.0_x64__8wekyb3d8bbwe [2024-11-09] (Microsoft Corporation)
WindowsAppRuntime.1.4 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.4_4000.1309.2056.0_x86__8wekyb3d8bbwe [2024-11-09] (Microsoft Corporation)
WindowsAppRuntime.1.5 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.5_5001.275.500.0_x64__8wekyb3d8bbwe [2024-11-09] (Microsoft Corporation)
WindowsAppRuntime.1.5 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.5_5001.275.500.0_x86__8wekyb3d8bbwe [2024-11-09] (Microsoft Corporation)

========================= Devices: ================================

Name:
Description:
Class Guid:
Manufacturer:
Service:
Device ID: ACPI\INT34C6\2&DABA3FF&1
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Device ID: PCI\VEN_8086&DEV_43A4&SUBSYS_86941043&REV_11\3&11583659&0&FD
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Device
Description: PCI Device
Class Guid:
Manufacturer:
Service:
Device ID: PCI\VEN_8086&DEV_43E8&SUBSYS_86941043&REV_11\3&11583659&0&A8
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Device ID: PCI\VEN_8086&DEV_43A3&SUBSYS_86941043&REV_11\3&11583659&0&FC
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 16221.47 MB
Available physical RAM: 9505.36 MB
Total Virtual: 32605.47 MB
Available Virtual: 21990.95 MB

========================= Partitions: =====================================

1 Drive c: (Windows 10) (Fixed) (Total:953.26 GB) (Free:747.82 GB) NTFS
2 Drive e: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:50.64 GB) NTFS

========================= Users: ========================================

User accounts for \\WIN-3GAT26L0KVQ

Administrator            DefaultAccount           Guest                    
user                     WDAGUtilityAccount       


**** End of log ****

Sysnative app ran and finished twice it just didn't output a zip, likely because I didn't configure ConfigureDefender correctly. I used

Start  > Settings  > Update & Security  > Windows Security > Virus & threat protection instead this time. Sorry if I'm making this difficult.

edit: I ran msert.exe for malware I'm clean

Edited by EldenBling, 11 November 2024 - 10:41 AM.