OK, here’s a useful reply to my query when I had the same sort of problem, though it was listed as a “system” connection. I think, for me, it turned out to be something like iTunes or Apple Update.
And the reply:
Hi Eric,
There must have been something asking for a connection. If it responds with ICMP 3/3 (Destination Unreachable, Port Unreachable), it is either a firewall that reports that the host port is closed, or it’s the host itself that reports the port is unreachable (I’m guessing the latter in this case).
Normally this would indicate UDP traffic as the source, because a TCP request to a closed port on a host would result in a TCP RST packet, not an ICMP 3/3.
Looks like you need a packet sniffer. You can download a really good one like Wireshark and also install WinPcap (included in the Wireshark install package), or you can try this one from nirsoft.net: SmartSniff: Packet Sniffer - Capture TCP/IP packets on your network adapter
In the worst case you need an extra PC to monitor the network traffic on the wire and not on the system itself; if there is a rootkit that filters network traffic then you won’t see anything specific on the “infected” host itself…
Hope this helps a bit
I don’t seem to be able to find where I posted the solution so far, but I’m still looking.
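One way to put the reply’s reasoning to work once you have a capture, as an added example that is not part of the original thread: an ICMP 3/3 message quotes the original IP header and the first 8 bytes of the datagram that provoked it, so the local UDP source port can be read straight out of the ICMP packet and matched to a process with `netstat -ano -p UDP`. The packet-building helper, the addresses 10.0.0.5 and 192.0.2.1, and the port numbers are constructed sample input, not values from the thread.

```python
import socket
import struct

# Added example (not from the original thread): parse an ICMP type 3 / code 3
# "Destination Unreachable, Port Unreachable" message and recover which datagram
# provoked it. The ICMP body quotes the original IP header plus the first 8 bytes
# of its payload, which for UDP (and TCP) holds both port numbers.
ICMP_PROTO, TCP_PROTO, UDP_PROTO = 1, 6, 17
ICMP_DEST_UNREACH, ICMP_PORT_UNREACH = 3, 3
IPV4_FMT = "!BBHHHBBH4s4s"  # ver/IHL, TOS, total len, id, flags/frag, TTL, proto, csum, src, dst


def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum used by IP and ICMP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    hdr = struct.pack(IPV4_FMT, 0x45, 0, 20 + payload_len, 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]


def build_port_unreachable(reporter, victim, orig_src, orig_dst, sport, dport) -> bytes:
    """Constructed sample packet: `reporter` tells `victim` that the UDP datagram
    orig_src:sport -> orig_dst:dport hit a closed port. Used only for the offline demo."""
    udp_hdr = struct.pack("!HHHH", sport, dport, 8 + 4, 0)              # 4 payload bytes, checksum 0
    quoted = ipv4_header(orig_src, orig_dst, UDP_PROTO, 12) + udp_hdr  # original IP header + 8 bytes
    body = struct.pack("!BBHI", ICMP_DEST_UNREACH, ICMP_PORT_UNREACH, 0, 0) + quoted
    icmp = body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]
    return ipv4_header(reporter, victim, ICMP_PROTO, len(icmp)) + icmp


def parse_ipv4(pkt: bytes):
    ver_ihl, _tos, _tlen, _id, _frag, _ttl, proto, _csum, src, dst = struct.unpack(IPV4_FMT, pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "proto": proto}, pkt[ihl:]


def explain_port_unreachable(pkt: bytes):
    """Return who reported the closed port and which datagram caused it, or None
    if `pkt` (a raw IPv4 packet) is not an ICMP Destination/Port Unreachable."""
    outer, payload = parse_ipv4(pkt)
    if outer["proto"] != ICMP_PROTO or len(payload) < 8 + 20 + 8:
        return None
    if (payload[0], payload[1]) != (ICMP_DEST_UNREACH, ICMP_PORT_UNREACH):
        return None
    inner, quoted = parse_ipv4(payload[8:])          # skip type, code, checksum, unused word
    sport, dport = struct.unpack("!HH", quoted[:4])  # both ports sit in the first 4 quoted payload bytes
    return {
        "reported_by": outer["src"],
        # host itself closed the port (True) vs. a firewall/router in the path answered for it (False)
        "reporter_is_destination": outer["src"] == inner["dst"],
        "original_protocol": {UDP_PROTO: "UDP", TCP_PROTO: "TCP"}.get(inner["proto"], str(inner["proto"])),
        "original_src": inner["src"], "original_sport": sport,
        "original_dst": inner["dst"], "original_dport": dport,
    }


if __name__ == "__main__":
    # Constructed sample: our host 10.0.0.5 sent UDP from port 54321 to 192.0.2.1:5353,
    # and 192.0.2.1 itself answered with port unreachable.
    sample = build_port_unreachable("192.0.2.1", "10.0.0.5", "10.0.0.5", "192.0.2.1", 54321, 5353)
    print(explain_port_unreachable(sample))
```

The `reporter_is_destination` flag is the reply’s distinction: when the ICMP source equals the quoted destination, the host itself reported the closed port; otherwise something in the path answered on its behalf. Wireshark shows the same quoted header under the ICMP line in its packet detail pane, so the port read out here is the one to look up in `netstat -ano -p UDP` on the sending machine.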
Update: One of my svchost processes is currently using 86,000k of memory. Not normal, is it?
try running svchost viewer to see what is actually using that memory.
(runs on XP, Vista, Win7)
Useful little utility - thanks.
I’ve 5 instances running, total of 36MB.
I’ve set the firewall to block svchost.exe and there don’t seem to have been any problems.
svchost.exe should normally be set to ‘Outgoing Only’ in the firewall rules.
As earlier said, svchost viewer showed that I had a total of 15 processes running. None of the programs seem like trojans.
What’s the advantage in allowing this? I don’t think that there are any problems with the blocking of it, but does allowing it out help anything at all? If so, I’ll change it.
Well, I think it’s been because of some people thinking that M$ can collect habits off users etc… M$ requests some “surfing habits?” and uses it for them to “improve ^_^” their service, $.
Just a theory. Anyway, svchost shouldn’t need incoming requests… And it doesn’t hurt to do that little bit extra to make them outgoing only.
Still not found the solution; think it was Apple iTunes related. You might want to try running “Wireshark” http://www.wireshark.org/ It’s very good at monitoring traffic and will identify which actual programs are doing what.
P.S. Just uninstalled “Client For Microsoft Networks” since I don’t share my connection or a printer etc…
Creasy
April 20, 2009, 4:13pm
31
Actually, now its not Qwest anymore. It’s:
OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
ReferralServer: whois://whois.ripe.net:43
NetRange: 78.0.0.0 - 78.255.255.255
CIDR: 78.0.0.0/8
NetName: 78-RIPE
NetHandle: NET-78-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: TINNIE.ARIN.NET
NameServer: SUNIC.SUNET.SE
NameServer: NS.LACNIC.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at http://www.ripe.net/whois
RegDate: 2006-08-29
Updated: 2006-09-07
Kinda funny because whenever I restart my computer, a new consecutive set of intrusions comes from a varied company. Same target. It’s been over 60 intrusions and my computer has been on for scarcely 15 min.
ripe.net doesn’t show you information for the USA.
Your result is ripe.net’s information, not for 97.117.94.248.
If RIPE doesn’t have any information for an IP address, it shows people its own information (ripe.net).
You should check it at https://www.arin.net/ (only for America).
Here is the latest information for 97.117.94.248:
OrgName: Qwest Communications Corporation
OrgID: QCC-22
Address: 1801 California Street
City: Denver
StateProv: CO
PostalCode: 80202
Country: US
NetRange: 97.112.0.0 - 97.127.255.255
CIDR: 97.112.0.0/12
OriginAS: AS209
NetName: QWEST-INET-125
NetHandle: NET-97-112-0-0-1
Parent: NET-97-0-0-0-0
NetType: Direct Allocation
NameServer: AUTHNS1.MPLS.QWEST.NET
NameServer: AUTHNS2.DNVR.QWEST.NET
NameServer: AUTHNS3.STTL.QWEST.NET
Comment:
RegDate: 2007-12-19
Updated: 2008-08-28
RAbuseHandle: QIA2-ARIN
RAbuseName: Qwest Abuse
RAbusePhone: +1-877-886-6515
RAbuseEmail: abuse[at]qwest.net
RNOCHandle: QIN-ARIN
RNOCName: Qwest IP NOC
RNOCPhone: +1-877-886-6515
RNOCEmail: support[at]qwestip.net
RTechHandle: QIA-ARIN
RTechName: Qwest IP Admin
RTechPhone: +1-877-886-6515
RTechEmail: ipadmin[at]qwestip.net
OrgAbuseHandle: QIA2-ARIN
OrgAbuseName: Qwest Abuse
OrgAbusePhone: +1-877-886-6515
OrgAbuseEmail: abuse[at]qwest.net
OrgNOCHandle: QIN-ARIN
OrgNOCName: Qwest IP NOC
OrgNOCPhone: +1-877-886-6515
OrgNOCEmail: support[at]qwestip.net
OrgTechHandle: QIA-ARIN
OrgTechName: Qwest IP Admin
OrgTechPhone: +1-877-886-6515
OrgTechEmail: ipadmin[at]qwestip.net
ARIN WHOIS database, last updated 2009-04-19 19:10
Enter ? for additional hints on searching ARIN’s WHOIS database.
I’ve checked your screenshots.
But there is nothing suspicious there.
All P2P traffic.
15 svchost instances is not that much with Vista.
(If you have software which needs to use svchost, it is possible.)
Can you show me a HijackThis result?
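The 78.0.0.0/8 record quoted earlier in the thread carries a “ReferralServer: whois://whois.ripe.net:43” line, which is how ARIN’s whois server says a block is registered with another RIR and that the query has to be repeated there. The following is an added example, not code from the thread, that does that referral-following automatically and parses the “Key: value” output into fields. The two ARIN answers are abridged from the output posted in the thread; the RIPE answer, the address 78.0.0.1 (an arbitrary address inside the 78.0.0.0/8 block shown), and the choice of ARIN as the starting registry are assumptions for the offline demo.

```python
import socket

# Added example (not from the original thread): query whois over TCP/43 (RFC 3912)
# and follow "ReferralServer:" so an address registered outside ARIN's region ends
# up at the registry that actually holds the record.
BOOTSTRAP = ("whois.arin.net", 43)  # assumption: start at ARIN, as the reply recommends for US addresses


def parse_whois(text: str) -> dict:
    """Turn 'Key: value' lines into {key: [values]}; skips '#'/'%' comments and free-text footers."""
    fields = {}
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped[0] in "#%" or ":" not in stripped:
            continue
        key, _, value = stripped.partition(":")
        key = key.strip()
        if " " in key:  # e.g. 'ARIN WHOIS database, last updated 2009-04-19 19:10' is prose, not a field
            continue
        fields.setdefault(key, []).append(value.strip())
    return fields


def referral_server(fields: dict):
    """(host, port) if the answer points at another RIR (whois://whois.ripe.net:43), else None."""
    for ref in fields.get("ReferralServer", []):
        host, _, port = ref.split("://", 1)[-1].rstrip("/").partition(":")
        return host, int(port or 43)
    return None


def tcp_whois(host: str, port: int, query: str, timeout: float = 10.0) -> str:
    """Real network lookup. Not called by the offline demo or its test."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(query.encode("ascii") + b"\r\n")
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", "replace")


def lookup(ip: str, query_fn=tcp_whois, max_hops: int = 3):
    """Query BOOTSTRAP and follow referrals; returns ((host, port), fields) of the final answer."""
    server, seen = BOOTSTRAP, set()
    for _ in range(max_hops):
        seen.add(server)
        fields = parse_whois(query_fn(server[0], server[1], ip))
        nxt = referral_server(fields)
        if nxt is None or nxt in seen:
            return server, fields
        server = nxt
    raise RuntimeError("too many whois referrals for %s" % ip)


# Offline stand-in for tcp_whois. ARIN_QWEST and ARIN_REFERRAL are abridged from the
# output posted in the thread; RIPE_SAMPLE and the address 78.0.0.1 are constructed.
ARIN_QWEST = """\
OrgName:    Qwest Communications Corporation
OrgID:      QCC-22
NetRange:   97.112.0.0 - 97.127.255.255
CIDR:       97.112.0.0/12
OriginAS:   AS209
OrgAbuseEmail: abuse[at]qwest.net
ARIN WHOIS database, last updated 2009-04-19 19:10
"""
ARIN_REFERRAL = """\
OrgName:    RIPE Network Coordination Centre
ReferralServer: whois://whois.ripe.net:43
NetRange:   78.0.0.0 - 78.255.255.255
NetType:    Allocated to RIPE NCC
"""
RIPE_SAMPLE = """\
% Constructed sample in RIPE's format, not a real RIPE object.
inetnum:        78.0.0.0 - 78.0.0.255
netname:        EXAMPLE-NET
country:        NL
"""
CONSTRUCTED_RESPONSES = {
    ("whois.arin.net", 43): {"97.117.94.248": ARIN_QWEST, "78.0.0.1": ARIN_REFERRAL},
    ("whois.ripe.net", 43): {"78.0.0.1": RIPE_SAMPLE},
}


def fake_whois(host: str, port: int, query: str) -> str:
    return CONSTRUCTED_RESPONSES[(host, port)][query]


if __name__ == "__main__":
    for ip in ("97.117.94.248", "78.0.0.1"):
        server, fields = lookup(ip, fake_whois)
        print(ip, "answered by", server[0], "->", fields.get("OrgName") or fields.get("netname"))
```

For a real lookup call `lookup("97.117.94.248")` without the second argument so `tcp_whois` is used. The abuse contact you would report the intrusions to is then `fields["OrgAbuseEmail"]` for ARIN answers; RIPE uses lower-case keys, so the same code parses both but the key names differ.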
One of my svchost processes is currently using 86,000k of memory. Not normal, is it?
Did you install Bonjour (mDNSResponder.exe; it comes with some Adobe products and iTunes)?
If not, what is it?
Well, I think it’s been because of some people thinking that M$ can collect habits off users etc… M$ requests some “surfing habits?” and uses it for them to “improve ^_^” their service, $.
Just a theory. Anyway, svchost shouldn’t need incoming requests… And it doesn’t hurt to do that little bit extra to make them outgoing only.
It’s not that bit extra to allow outward only, Kyle, it’s that I have it blocked for both and I wondered if there was any advantage, over blocking both ways, to allowing it outward.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:25:48 PM, on 4/22/2009
Platform: Windows Vista SP2, v.286 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\vVX3000.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\UcanTV\PXPHost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ID Vault\IDVault.exe
C:\Program Files\uTorrent Turbo Booster\uTorrent Turbo Booster.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE
C:\PROGRAM FILES\RISING\RFW\RSTRAY.EXE
C:\Windows\system32\WpcUmi.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\DAP\DAP.EXE
C:\Users\Lele’s PC KEEP OUT!!\Documents\My Completed Downloads\HiJackThis.exe
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: GuardId.MSIEBrowser.BHO - {5b0a01d2-b8a0-4e56-9e6b-cba0ef4b4eb5} - mscoree.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ?¨?¨é?í?°2è??úê? - {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..\Run: [lifeCam] “C:\Program Files\Microsoft LifeCam\LifeExp.exe”
O4 - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM..\Run: [PXPHost] C:\Program files\UcanTV\PXPHost.exe -start
O4 - HKLM..\Run: [AdobeCS4ServiceManager] “C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe” -launchedbylogin
O4 - HKLM..\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM..\Run: [RavTray] “C:\Program Files\Rising\Rav\RsTray.exe” -system
O4 - HKLM..\Run: [RFWTray] “C:\Program Files\Rising\Rfw\RsTray.exe” -system
O4 - HKLM..\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM..\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe”
O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM..\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h
O4 - HKLM..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU..\Run: [uTorrent] “C:\Program Files\uTorrent\uTorrent.exe”
O4 - HKCU..\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU..\Run: [Steam] “C:\Program Files\Steam\Steam.exe” -silent
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘Standard account’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [Speech Recognition] “C:\Windows\Speech\Common\sapisvr.exe” -SpeechUX -Startup (User ‘Standard account’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User ‘Standard account’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [BitTorrent DNA] “C:\Program Files\DNA\btdna.exe” (User ‘Standard account’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent (User ‘Standard account’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun (User ‘Standard account’)
O4 - HKUS\S-1-5-21-336198503-2190284810-947229827-1003..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User ‘Standard account’)
O4 - S-1-5-21-336198503-2190284810-947229827-1003 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User ‘Standard account’)
O4 - S-1-5-21-336198503-2190284810-947229827-1003 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User ‘Standard account’)
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: uTorrent Turbo Booster.lnk = C:\Program Files\uTorrent Turbo Booster\uTorrent Turbo Booster.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: ID Vault.lnk = C:\Program Files\ID Vault\IDVault.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra ‘Tools’ menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {07246F83-6D48-4559-81EC-117CBAE54F1B} (Microsoft Office Live Workspace Upload Tool) - http://workspace.office.live.com/Misc/Microsoft.OfficeLive.Workspace.RichUpload.cab
O16 - DPF: {0F1B49C0-9894-4696-8E8D-DB1F5D02FBAB} (UltraMJCamX Class) - http://192.168.1.250/UltraMJCamX.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - Page Not Found | NVIDIA
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.126,85.255.112.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.126,85.255.112.150
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Norton 2009 Reset (.norton2009Reset) - Unknown owner - C:\ProgramData\Norton\Norton2009Reset.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Contrl Center of Storm Media (ccosm) - 北京暴风网际科技有限公司 - C:\Program Files\StormII\stormliv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate1c9948740a60e10) (gupdate1c9948740a60e10) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Qvod Terminal - Shenzhen QVOD Technology Co.,Ltd - C:\Program Files\QvodPlayer\QvodTerminal.exe
O23 - Service: Rav Process Communication Center (RavCCenter) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\CCENTER.EXE
O23 - Service: Rising RavTask Manager (RavTask) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavTask.exe
O23 - Service: Rfw Process Communication Center (RfwCCenter) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rfw\CCENTER.EXE
O23 - Service: Rising Personal Firewall Service (RfwService) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rfw\rfwsrv.exe
O23 - Service: Rising RfwTask Manager (RfwTask) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rfw\RavTask.exe
O23 - Service: Rising RealTime Monitor (RsRavMon) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\RavMonD.exe
O23 - Service: Rising Scan Service (RsScanSrv) - Beijing Rising Information Technology Co., Ltd. - C:\Program Files\Rising\Rav\ScanFrm.exe
O23 - Service: Rising Vista Scanner (RsVScanner) - Unknown owner - C:\Program Files\Rising\Rav\scannerd.exe (file missing)
O23 - Service: Server Access Manager - Unknown owner - C:\Windows\system32\ccApp.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
–
End of file - 15406 bytes
Sorry it took me so long. I haven’t been on the computer.
Ran your HJT logs through www.hijackthis.de and found some malware flagged. Your DNS seems hijacked:
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.126,85.255.112.150 Do you know the IP or Domain ‘85.255.112.126,85.255.112.150’? If not, fix this entry.
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.126,85.255.112.150 Do you know the IP or Domain ‘85.255.112.126,85.255.112.150’? If not, fix this entry. And there seems to be a malware file startup at
O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe that needs to be fixed.
I googled the DNS servers as they were flagged and found out they were rogue.
Check the mentioned HJT entries and fix them. Then reboot and rerun HJT and see if they are gone or not.
As a matter of exercise, copy/paste your HJT log into the textbox on www.hijackthis.de and have it analysed. You will see some question marks for programs unknown to the database. Can you tell me if any of the unknown programs are known to you (you installed them)?
I use this site for a quick initial analysis of what may be rogues.
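The O17 check the reply describes (a NameServer value you did not set, present in both the CCS and CS1 control sets) is easy to automate over the log itself. The following is an added example, not code from the thread or from HijackThis: it pulls the O17 lines out of a HijackThis log and flags every resolver that is not in an allowlist you maintain. The two O17 lines in the sample are the ones posted above; the third O17 line (a per-interface key with a made-up GUID pointing at the router), the allowlist value 192.168.1.1 and the function names are assumptions made for the demo.

```python
import ipaddress
import re

# Added example (not from the original thread): pull the O17 lines out of a
# HijackThis log and flag resolvers that are not the ones this machine should use.
# Assumption: EXPECTED_NAMESERVERS is whatever your router/ISP hands out; adjust it.
EXPECTED_NAMESERVERS = {"192.168.1.1"}

O17_RE = re.compile(r"^O17 - (?P<key>[^:]+): NameServer = (?P<servers>.+)$")

# Sample log: the two Parameters lines are the ones posted in the thread; the
# per-interface line (made-up GUID, pointing at the router) is constructed to show
# a benign entry, and the O23 line is there to show non-O17 lines are ignored.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.126,85.255.112.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.126,85.255.112.150
O17 - HKLM\System\CCS\Services\Tcpip\..\{00000000-1111-2222-3333-444444444444}: NameServer = 192.168.1.1
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
"""


def parse_o17(log_text: str):
    """Yield (registry key, [nameservers]) for every O17 line; servers are comma- or space-separated."""
    for line in log_text.splitlines():
        m = O17_RE.match(line.strip())
        if m:
            servers = [s for s in re.split(r"[,\s]+", m.group("servers")) if s]
            yield m.group("key"), servers


def audit_nameservers(log_text: str, expected=EXPECTED_NAMESERVERS) -> list:
    """One finding per (key, server) whose server is not in `expected`."""
    findings = []
    for key, servers in parse_o17(log_text):
        for server in servers:
            if server in expected:
                continue
            try:
                ip = ipaddress.ip_address(server)
            except ValueError:
                findings.append({"key": key, "server": server, "reason": "not an IP address"})
                continue
            reason = ("public resolver not in expected set" if ip.is_global
                      else "private/local address not in expected set")
            findings.append({"key": key, "server": server, "reason": reason})
    return findings


def suspect_servers(findings: list) -> list:
    """Distinct unexpected resolvers, e.g. the two to look up in whois and report."""
    return sorted({f["server"] for f in findings})


def is_dns_hijacked(log_text: str, expected=EXPECTED_NAMESERVERS) -> bool:
    """True when any control set (CCS, CS1, ...) or interface points at a public resolver
    you did not choose. CCS and the numbered sets are listed separately by HJT and are
    checked alike, matching the reply's advice to fix both entries."""
    return any(f["reason"].startswith("public") for f in audit_nameservers(log_text, expected))


if __name__ == "__main__":
    for f in audit_nameservers(SAMPLE_LOG):
        print("%-70s %-16s %s" % (f["key"], f["server"], f["reason"]))
    print("hijacked:", is_dns_hijacked(SAMPLE_LOG))
```

Two caveats on scope: the O17 lines only reflect resolvers written into the registry as static NameServer values, so a resolver handed out by DHCP will appear in `ipconfig /all` but not here; and after fixing the entries in HijackThis, `ipconfig /flushdns` discards any answers the rogue resolvers already cached on the machine.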