Content blocked: svchost.exe


zbook said:
Plan to use the computer with a power source so that the Nvidia hardware / driver can be tested during multiple purposes (regular use, gaming, etc.)



After several days of use :

Run administrative command prompt: > post share links

wevtutil epl SYSTEM "%userprofile%\Desktop\System.evt"

wevtutil epl APPLICATION "%userprofile%\Desktop\Application.evt"
Click to expand...
I've put those files in this folder:

evt files - Google Drive

drive.google.com drive.google.com
 

My Computer My Computer

At a glance

Win 11Ryzen 7 6900 HS32 GB RAMRTX 3050ti
OS
Win 11
Computer type
Laptop
Manufacturer/Model
Lenovo
CPU
Ryzen 7 6900 HS
Memory
32 GB RAM
Graphics Card(s)
RTX 3050ti
Today is 03/18/26.

No new BSODs reported.

Last unexpected shutdown was 03/11.

Looks good.




Code: 
The previous system shutdown at 8:32:52 AM on ‎3/‎11/‎2026 was unexpected.
 

My Computer My Computer

At a glance

Windows 10Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz16 GB Total: Manufacturer : Samsung MemoryTyp...NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
OS
Windows 10
Computer type
Laptop
Manufacturer/Model
HP
CPU
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
Motherboard
Product : 190A Version : KBC Version 94.56
Memory
16 GB Total: Manufacturer : Samsung MemoryType : DDR3 FormFactor : SODIMM Capacity : 8GB Speed : 1600
Graphics Card(s)
NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
Sound Card
IDT High Definition Audio CODEC; PNP Device ID HDAUDIO\FUNC_01&VEN_111D&DEV_76E0
Hard Drives
Model Hitachi HTS727575A9E364
Antivirus
Microsoft Defender
Other Info
Mobile Workstation

My Computer My Computer

At a glance

Win 11Ryzen 7 6900 HS32 GB RAMRTX 3050ti
OS
Win 11
Computer type
Laptop
Manufacturer/Model
Lenovo
CPU
Ryzen 7 6900 HS
Memory
32 GB RAM
Graphics Card(s)
RTX 3050ti
1) Please post a new V2 share link into the newest post



2) Run the Farbar Recovery Scan Tool Download

Downloading Farbar Recovery Scan Tool

Downloading Farbar Recovery Scan Tool. Farbar Recovery Scan Tool, or FRST, is a portable application designed to run on Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 10 in normal or safe mode to diagnose malware issues.
www.bleepingcomputer.com www.bleepingcomputer.com

www.bleepingcomputer.com

Download Farbar Recovery Scan Tool

Farbar Recovery Scan Tool, or FRST, is a portable application designed to run on Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 10 in normal or safe mode to diagnose malware issues.
www.bleepingcomputer.com www.bleepingcomputer.com

Note: The computer's antivirus program may report FRST incorrectly as an infection.
If so, disable the real-time protection when downloading and running FRST.
Right-click to run the tool as administrator.
When the tool opens run the tool as administrator.
When the tool opens click Yes to disclaimer.
Note: Ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan area.
Press the Scan button.
Please wait for the tool to finish.
It will produce two logfiles called FRST.txt and Addition.txt in the same directory the tool is run from (which should be the desktop)
Post the logfiles FRST.txt and Addition.txt as attachments in your next reply.
 

My Computer My Computer

At a glance

Windows 10Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz16 GB Total: Manufacturer : Samsung MemoryTyp...NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
OS
Windows 10
Computer type
Laptop
Manufacturer/Model
HP
CPU
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
Motherboard
Product : 190A Version : KBC Version 94.56
Memory
16 GB Total: Manufacturer : Samsung MemoryType : DDR3 FormFactor : SODIMM Capacity : 8GB Speed : 1600
Graphics Card(s)
NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
Sound Card
IDT High Definition Audio CODEC; PNP Device ID HDAUDIO\FUNC_01&VEN_111D&DEV_76E0
Hard Drives
Model Hitachi HTS727575A9E364
Antivirus
Microsoft Defender
Other Info
Mobile Workstation
Thanks

FRST.txt and Addition.txt here:

frst64 - Google Drive

drive.google.com drive.google.com

No malware found.

Also had Claude help out with the open issues:

1774405538134.webp
 

My Computer My Computer

At a glance

Win 11Ryzen 7 6900 HS32 GB RAMRTX 3050ti
OS
Win 11
Computer type
Laptop
Manufacturer/Model
Lenovo
CPU
Ryzen 7 6900 HS
Memory
32 GB RAM
Graphics Card(s)
RTX 3050ti
1) Please post a new V2 share link into the newest post

www.elevenforum.com

BSOD - Posting Instructions

BSOD - Posting Instructions This will show you how to help provide needed information about your system and dump files. It will not contain any personal or sensitive information about you or your data. To get better help with your Windows BSOD issue, please read these instructions and follow...
www.elevenforum.com www.elevenforum.com



2) Open administrative command prompt and type or copy and paste:

fltmc

Post a share link.
 

My Computer My Computer

At a glance

Windows 10Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz16 GB Total: Manufacturer : Samsung MemoryTyp...NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
OS
Windows 10
Computer type
Laptop
Manufacturer/Model
HP
CPU
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
Motherboard
Product : 190A Version : KBC Version 94.56
Memory
16 GB Total: Manufacturer : Samsung MemoryType : DDR3 FormFactor : SODIMM Capacity : 8GB Speed : 1600
Graphics Card(s)
NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
Sound Card
IDT High Definition Audio CODEC; PNP Device ID HDAUDIO\FUNC_01&VEN_111D&DEV_76E0
Hard Drives
Model Hitachi HTS727575A9E364
Antivirus
Microsoft Defender
Other Info
Mobile Workstation
These were some blocked Path: C:\Windows\System32\svchost.exe

Process Name: C:\Windows\System32\lsass.exe



AI:

Common Fixes:
  • Address Credential Stealing Rules: If lsass.exe is blocked, it is likely a false positive on a security app; temporary disabling or creating an exclusion is necessary.






Code: 
Windows Defender:
================
Date: 2026-03-24 18:34:20
Description:
Microsoft Defender Exploit Guard has blocked an operation that is not allowed by your IT administrator.
For more information please contact your IT administrator.
Detection time: 2026-03-25T01:34:20.188Z
Path: C:\Windows\System32\svchost.exe
Process Name: C:\Windows\System32\lsass.exe
Target Commandline:
Parent Commandline:
Involved File:
Inheritance Flags: 0x00000000
Security intelligence Version: 1.445.744.0
Engine Version: 1.1.26010.1
Product Version: 4.18.26010.5


Code: 
Date: 2026-03-24 13:00:37
Description:
Microsoft Defender Exploit Guard has blocked an operation that is not allowed by your IT administrator.
For more information please contact your IT administrator.
Detection time: 2026-03-24T20:00:37.770Z
Path: C:\Windows\System32\svchost.exe
Process Name: C:\Windows\System32\lsass.exe
Target Commandline:
Parent Commandline:
Involved File:
Inheritance Flags: 0x00000000
Security intelligence Version: 1.445.744.0
Engine Version: 1.1.26010.1
Product Version: 4.18.26010.5


Code: 
Date: 2026-03-24 12:44:36
Description:
Microsoft Defender Exploit Guard has blocked an operation that is not allowed by your IT administrator.
For more information please contact your IT administrator.
Detection time: 2026-03-24T19:44:36.718Z
Path: C:\Windows\System32\svchost.exe
Process Name: C:\Windows\System32\lsass.exe
Target Commandline:
Parent Commandline:
Involved File:
Inheritance Flags: 0x00000000
Security intelligence Version: 1.445.736.0
Engine Version: 1.1.26010.1
Product Version: 4.18.26010.5


Code: 
Date: 2026-03-24 09:09:01
Description:
Microsoft Defender Exploit Guard has blocked an operation that is not allowed by your IT administrator.
For more information please contact your IT administrator.
Detection time: 2026-03-24T16:09:01.227Z
Path: C:\Windows\System32\svchost.exe
Process Name: C:\Windows\System32\lsass.exe
Target Commandline:
Parent Commandline:
Involved File:
Inheritance Flags: 0x00000000
Security intelligence Version: 1.445.736.0
Engine Version: 1.1.26010.1
Product Version: 4.18.26010.5


Code: 
Date: 2026-03-24 08:58:58
Description:
Microsoft Defender Exploit Guard has blocked an operation that is not allowed by your IT administrator.
For more information please contact your IT administrator.
Detection time: 2026-03-24T15:58:58.877Z
Path: C:\Windows\System32\svchost.exe
Process Name: C:\Windows\System32\lsass.exe
Target Commandline:
Parent Commandline:
Involved File:
Inheritance Flags: 0x00000000
Security intelligence Version: 1.445.734.0
Engine Version: 1.1.26010.1
Product Version: 4.18.26010.5
 

My Computer My Computer

At a glance

Windows 10Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz16 GB Total: Manufacturer : Samsung MemoryTyp...NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
OS
Windows 10
Computer type
Laptop
Manufacturer/Model
HP
CPU
Intel(R) Core(TM) i7-4800MQ CPU @ 2.70GHz
Motherboard
Product : 190A Version : KBC Version 94.56
Memory
16 GB Total: Manufacturer : Samsung MemoryType : DDR3 FormFactor : SODIMM Capacity : 8GB Speed : 1600
Graphics Card(s)
NVIDIA Quadro K3100M; Intel(R) HD Graphics 4600
Sound Card
IDT High Definition Audio CODEC; PNP Device ID HDAUDIO\FUNC_01&VEN_111D&DEV_76E0
Hard Drives
Model Hitachi HTS727575A9E364
Antivirus
Microsoft Defender
Other Info
Mobile Workstation
You must log in or register to reply here.

Similar threads

Solved Win11, Updates nuking computer? 'CRITICAL_PROCESS DIED', Boot loop
Replies
7
Views
6K
FreeBooter
FreeBooter
  • Article Article
Insider KB5009380 CU Windows 11 Insider Preview Dev Build 22518.1012 - Dec. 10
5 6 7
Replies
132
Views
30K
AdamE
AdamE

Latest Support Threads

Latest Tutorials

Back
Top Bottom