Sign in to follow this  
Followers 0
marenqo

svchost.exe killing me

25 posts in this topic

Any news on this? My pc has been infected now for over a week and I have been posting on my different forums, unfortunately without success of resolving this....

0

Share this post


Link to post
Share on other sites

Of course, you didn't do what MagicAndre1981 asked. If you don't post a full memory dump generated at time the you get the peak of memory usage, then nobody can know what going wrong on your computer. Don't blame on others your lack of knowledge and abilities.

0

Share this post


Link to post
Share on other sites

configure your system to generate a full crash dump:

zip the dump and upload it to mediafire.com

Here is the memory dump instructions again.

Also, I fixed the typo in the topic title, seeing the word "svshot" was killing me

0

Share this post


Link to post
Share on other sites

It would be worthwhile to run sfc /scannow. You could also use Dial-a-fix since you're on XP.

0

Share this post


Link to post
Share on other sites

Sorry for the delay, I was on the Kaspersky channel. They don't know what it is there either and I uploaded a million of things there. Fortunately I am not the only one and they are working on it

Please find the zipped file here: http://www.mediafire.com/?bm0ztu36736502r

BTW: I cant do a sfc /scannow, because I don't have the CD here, windows was preinstalled.

0

Share this post


Link to post
Share on other sites

the dump is damaged, I can't read the data:


Kernel Complete Dump File: Full address space is available

************************************************************
WARNING: Dump file has been truncated. Data may be missing.

Unable to read KLDR_DATA_TABLE_ENTRY at 8b3b33a0 - Win32 error 0n38
GetContextState failed, 0x80070026


0: kd> !vm

*** Virtual Memory Usage ***
Physical Memory: 783871 ( 3135484 Kb)
00000000: Unable to get page file
00000000: Unable to get paged pool info
unable to get nt!MmTotalFreeSystemPtes
unable to get nt!MmTotalPagesForPagingFile
unable to get nt!MiSpecialPagesNonPaged
unable to get nt!MiSpecialPagesNonPagedMaximum
Error reading free nonpaged PTEs 00000004
unable to get nt!MmSpecialPagesInUse
Available Pages: 666391 ( 2665564 Kb)
ResAvail Pages: 695793 ( 2783172 Kb)
Locked IO Pages: 0 ( 0 Kb)
Free System PTEs: 0 ( 0 Kb)

********** Running out of system PTEs **************

Free NP PTEs: 0 ( 0 Kb)
Free Special NP: 0 ( 0 Kb)
Modified Pages: 4353 ( 17412 Kb)
Modified PF Pages: 0 ( 0 Kb)
80564d20: Unable to get pool descriptor
NonPagedPool Usage: 0 ( 0 Kb)
NonPagedPool Max: 65536 ( 262144 Kb)
PagedPool Usage: 0 ( 0 Kb)
PagedPool Maximum: 92160 ( 368640 Kb)
Unable to get Session WsListEntry
Session Commit: 0 ( 0 Kb)
Shared Commit: 2278 ( 9112 Kb)
Special Pool: 0 ( 0 Kb)
Shared Process: 2202 ( 8808 Kb)
PagedPool Commit: 10330 ( 41320 Kb)
Driver Commit: 4535 ( 18140 Kb)
Committed pages: 61417 ( 245668 Kb)
Commit limit: 755565 ( 3022260 Kb)


ProcessCommitUsage could not be calculated

so I can't see the process memory usage of the svchost.exe. Do you really only have 768MB RAM? Try to upgrade the RAM.

0

Share this post


Link to post
Share on other sites

so I can't see the process memory usage of the svchost.exe. Do you really only have 768MB RAM? Try to upgrade the RAM.

Have you tried both dumps? Were both of them damaged? If so, what to do now?

No, I have 3gb but had to limit the size, otherwise the file would be 2gb big

0

Share this post


Link to post
Share on other sites

don't limit the size. Compress it with 7z (LZMA2 - ultra). This reduces the size a lot.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.