Weird Source in event viewer

D

DomQk

I was looking for the process that was preventing my shutdown in Event Viewer, I found it and it was BTServer.exe that was stopping it, but the Source of it was called Winsrv, I did a goole search on it and it said that it was a trojan, I have strong doubt because it said Winsrv.exe was a trojan but I just want to make sure its normal or not. So is the source Winsrv in Event Viewer Normal?

(Also if anyone knows how to fix the BTServer.exe preventing shutdown thing, that would also help)


Log for it:

Log Name: Application
Source: Microsoft-Windows-Winsrv
Date: 6/2/2020 11:45:13 PM
Event ID: 10001
Task Category: None
Level: Information
Keywords:
User: SYSTEM
Computer: DESKTOP-EEKID34
Description:
The following application attempted to veto the shutdown: BTServer.exe.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Winsrv" Guid="{9d55b53d-449b-4824-a637-24f9d69aa02f}" />
<EventID>10001</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2020-06-03T03:45:13.133768300Z" />
<EventRecordID>6447</EventRecordID>
<Correlation />
<Execution ProcessID="12456" ThreadID="11388" />
<Channel>Application</Channel>
<Computer>DESKTOP-EEKID34</Computer>
<Security UserID="S-1-5-18" />
</System>
<UserData>
<VetoAppEvent xmlns="http://manifests.microsoft.com/win/2004/08/windows/winsrv">
<AppName>BTServer.exe</AppName>
<ResponseTime>47</ResponseTime>
</VetoAppEvent>
</UserData>
</Event>

Continue reading...
 

Similar threads

Back
Top Bottom