Svhost.exe using 100% Processor on XP Professional

I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just wondering
if anyone ran into this problem and if successfully resolved. Any assistance
would be appreciated.

Thanks,
Bob

Google for Svhost. Also try the system with Symantec disabled.
"Bob" wrote in message
...

I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering
if anyone ran into this problem and if successfully resolved. Any
assistance
would be appreciated.

Thanks,
Bob

Google for Svhost. Also try the system with Symantec disabled.
"Bob" wrote in message
...

I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering
if anyone ran into this problem and if successfully resolved. Any
assistance
would be appreciated.

Thanks,
Bob

On Jul 14, 4:38*pm, Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just wondering
if anyone ran into this problem and if successfully resolved. Any assistance
would be appreciated.

Thanks,
Bob

Did any of those ideas have a happy ending?

You should normally see several svchost,exe in Task Manager (if that
is where you are looking). If you are curious why that is, read this
article:

http://www.bleepingcomputer.com/tuto...torial129.html

Malicious software will sometimes hide underneath or hijack a
legitimate XP svchost.exe process. Sometimes malicious software will
run using a Process Image Name that looks like a legitimate process in
order to fool you. If you really see svhost.exe, that sounds
suspicious.

I would not put all your malicious software detection eggs in the
Symantec basket.

Perform some scans for malicious software, then fix any remaining
issues:

Download, install, update and do a full scan with these free malware
detection programs:

Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpywa (SAS): http://www.superantispyware.com/

They can be uninstalled later if desired.

If you have the same problem, we can then figure it out and fix it
(not try things).

On Jul 14, 4:38*pm, Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just wondering
if anyone ran into this problem and if successfully resolved. Any assistance
would be appreciated.

Thanks,
Bob

Did any of those ideas have a happy ending?

You should normally see several svchost,exe in Task Manager (if that
is where you are looking). If you are curious why that is, read this
article:

http://www.bleepingcomputer.com/tuto...torial129.html

Malicious software will sometimes hide underneath or hijack a
legitimate XP svchost.exe process. Sometimes malicious software will
run using a Process Image Name that looks like a legitimate process in
order to fool you. If you really see svhost.exe, that sounds
suspicious.

I would not put all your malicious software detection eggs in the
Symantec basket.

Perform some scans for malicious software, then fix any remaining
issues:

Download, install, update and do a full scan with these free malware
detection programs:

Malwarebytes (MBAM): http://malwarebytes.org/
SUPERAntiSpywa (SAS): http://www.superantispyware.com/

They can be uninstalled later if desired.

If you have the same problem, we can then figure it out and fix it
(not try things).

Bob - svchost functions as a "host container" for threads being executed -
several will be "running". Usually malware will have names similar to
system files. Is the title you posted "svhost" correct? If so it is
likely malware. or did you intend to mean "svchost"?

There are several utilities - "process monitor" in particular - at
Sysinternals site that will permit pinpointing the problem.

Bob - svchost functions as a "host container" for threads being executed -
several will be "running". Usually malware will have names similar to
system files. Is the title you posted "svhost" correct? If so it is
likely malware. or did you intend to mean "svchost"?

There are several utilities - "process monitor" in particular - at
Sysinternals site that will permit pinpointing the problem.

Nevertheless, there is a very good chance that you are seeing the effects of
a hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP = Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7= Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance by an
expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and
http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering if anyone ran into this problem and if successfully resolved.
Any
assistance would be appreciated.

Thanks,
Bob

Nevertheless, there is a very good chance that you are seeing the effects of
a hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP = Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7= Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance by an
expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and
http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering if anyone ran into this problem and if successfully resolved.
Any
assistance would be appreciated.

Thanks,
Bob

"PA Bear [MS MVP]" wrote:

Nevertheless, there is a very good chance that you are seeing the effects of
a hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP = Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7= Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance by an
expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and
http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering if anyone ran into this problem and if successfully resolved.
Any
assistance would be appreciated.

Thanks,
Bob

.

Thank you for the replies all ----

I did spell the name wrong, the Process that we end in Task manager is
spelled ------ svchost.exe

Concerning the Symantec software --- it does have Antivus and Antispyware
protection, the corporate subscription is up to date, the definitions are up
to date daily, and I apply all MS patches via WSUS.

Now this morning --- the user did not have any problems with it robbing
their processor. I will download/run the mentioned scans to see if anything
found on the system.

Bob

"PA Bear [MS MVP]" wrote:

Nevertheless, there is a very good chance that you are seeing the effects of
a hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP = Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7= Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance by an
expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and
http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering if anyone ran into this problem and if successfully resolved.
Any
assistance would be appreciated.

Thanks,
Bob

.

Thank you for the replies all ----

I did spell the name wrong, the Process that we end in Task manager is
spelled ------ svchost.exe

Concerning the Symantec software --- it does have Antivus and Antispyware
protection, the corporate subscription is up to date, the definitions are up
to date daily, and I apply all MS patches via WSUS.

Now this morning --- the user did not have any problems with it robbing
their processor. I will download/run the mentioned scans to see if anything
found on the system.

Bob

On Jul 15, 1:38*pm, Bob wrote:
"PA Bear [MS MVP]" wrote:



Nevertheless, there is a very good chance that you are seeing the effects of
a hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. *A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! *You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP = Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7= Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance by an
expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and
http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering if anyone ran into this problem and if successfully resolved.
Any
assistance would be appreciated.

Thanks,
Bob

.

Thank you for the replies all ----

I did spell the name wrong, the Process that we end in Task manager is
spelled ------ *svchost.exe

Concerning the Symantec software --- *it does have Antivus and Antispyware
protection, the corporate subscription is up to date, the definitions are up
to date daily, and I apply all MS patches via WSUS.

Now this morning --- the user did not have any problems with it robbing
their processor. I will download/run the mentioned scans to see if anything
found on the system.

Bob

See all the rookus caused by your typo?!

Just kidding... we have almost all seen (and fixed) a system that has
a runaway svchost.exe. It is always explainable.

After scanning with MBAM and SAS, if you still have the issues:

....you should get Process Explorer so you can see what is "really"
running, especially behind those multiple svchosts you see running in
Task Manager. You'll like PE when you get the hang of it. PE is the
Windows Task manager on steroids. PE installs nothing, and only runs
on demand. It looks a little intimidating, but you will start to like
the way it works.

http://technet.microsoft.com/en-us/s.../bb896653.aspx

Using PE and the info from the other link I sent will help you see
what is going on and then you can fix it instead of trying things.

On Jul 15, 1:38*pm, Bob wrote:
"PA Bear [MS MVP]" wrote:



Nevertheless, there is a very good chance that you are seeing the effects of
a hijackware infection!

NB: If you had no anti-virus application installed or the subscription had
expired *when the machine first got infected* and/or your subscription has
since expired and/or the machine's not been kept fully-patched at Windows
Update, don't waste your time with any of the below: Format & reinstall
Windows. *A Repair Install will NOT help!

Microsoft PCSafety provides home users (only) with no-charge support in
dealing with malware infections such as viruses, spyware (including unwanted
software), and adware.
https://support.microsoft.com/oas/de...prid=7552&st=1

Also available via the Consumer Security Support home page:
https://consumersecuritysupport.microsoft.com/

Otherwise...

1. See if you can download/run the MSRT manually:
http://www.microsoft.com/security/ma...e/default.mspx

NB: Run the FULL scan, not the QUICK scan! *You may need to download the
MSRT on a non-infected machine, then transfer MRT.EXE to the infected
machine and rename it to SCAN.EXE before running it.

2a. WinXP = Run the Windows Live Safety Center's 'Protection' scan (only!)
in Safe Mode with Networking, if need be:
http://onecare.live.com/site/en-us/center/howsafe.htm

2b. Vista or Win7= Run this scan instead:
http://onecare.live.com/site/en-us/center/whatsnew.htm

3. Now post the requested logs in an appropriate forum for assistance by an
expert in such matters. DO NOT SKIP THIS STEP!!

I can recommend the expert assistance offered in these forums:
http://spywarehammer.com/simplemachi...php?board=10.0,
http://www.spywarewarrior.com/viewforum.php?f=5,
http://www.dslreports.com/forum/cleanup,
http://www.bluetack.co.uk/forums/index.php, and
http://aumha.net/viewforum.php?f=30

If these procedures look too complex - and there is no shame in admitting
this isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA or Geek Squad) computer repair shop.

Bob wrote:
I have one desktop that is running XP Professional SP3 on a server 2003
Domain, all security patches are up to date, all systems run Symentec
Endpoint Protection 11.0.5.

This one system starting using 100% processor for svhost.exe when the
system
boots up a few days ago, we go to task manager see the svhost.exe that is
using all of the processor, end that task, and the user is back in
business.

I saw some information on the net that is may be a virus --- I boot the
machine up in safe mode, with system restore off, ran a full scan and no
threats, also ran a full scan while not in safe mode and still all clear.
There are a lot of ideas on the net as to how to fix this ---- just
wondering if anyone ran into this problem and if successfully resolved.
Any
assistance would be appreciated.

Thanks,
Bob

.

Thank you for the replies all ----

I did spell the name wrong, the Process that we end in Task manager is
spelled ------ *svchost.exe

Concerning the Symantec software --- *it does have Antivus and Antispyware
protection, the corporate subscription is up to date, the definitions are up
to date daily, and I apply all MS patches via WSUS.

Now this morning --- the user did not have any problems with it robbing
their processor. I will download/run the mentioned scans to see if anything
found on the system.

Bob

See all the rookus caused by your typo?!

Just kidding... we have almost all seen (and fixed) a system that has
a runaway svchost.exe. It is always explainable.

After scanning with MBAM and SAS, if you still have the issues:

....you should get Process Explorer so you can see what is "really"
running, especially behind those multiple svchosts you see running in
Task Manager. You'll like PE when you get the hang of it. PE is the
Windows Task manager on steroids. PE installs nothing, and only runs
on demand. It looks a little intimidating, but you will start to like
the way it works.

http://technet.microsoft.com/en-us/s.../bb896653.aspx

Using PE and the info from the other link I sent will help you see
what is going on and then you can fix it instead of trying things.

Bob wrote:
Nevertheless, there is a very good chance that you are seeing the effects
of a hijackware infection!
snip
I did spell the name wrong, the Process that we end in Task manager is
spelled ------ svchost.exe

I assumed such was the case.

Bob wrote:
Nevertheless, there is a very good chance that you are seeing the effects
of a hijackware infection!
snip
I did spell the name wrong, the Process that we end in Task manager is
spelled ------ svchost.exe

I assumed such was the case.