Port 135 excess of traffic, XP SP1 updated

Well, first time on a computer: back in 1984 (13 years old).
First time on the internet 1989, first time programming with TCP/IP socket 1990.
I’ve done socket programming in C, Perl, Java, C++ and other languages since then (both on Unix and Windows).
No offense at all, anyway. ;D

The program which is causing outgoing connections is svchost.exe and this is not normal.

I’m doing the step you are suggesting.

Oh now we tell our history ;D Let me surprise you:

Working with comps over 24 years
Running a comp repair store for almost ten years
Running an on-site service (b2b) for 3 years
Programmed in (not gonna tell all) ALL Basic dialects, Z80 assembler, 80286, 80386, 80486, Forth, Fortran, Pascal, mnemonics, and many more

I was one of the people who programmed Tassword (the predecessor of MS Word and WordPerfect)
I was the one, together with a friend, who wrote an interpreter for basicode for the Sinclair comps, although Sinclair England said it wasn’t possible to do so
I’m the only one in my country who is officially allowed to help students with the practicum phase of their education in ALL aspects of the IT/computer sector :smiley:
All of my ‘colleges’ (is this English?) in the region send people to me when they can’t solve a problem themselves.

Shall I go on? ;D ;D ;D

I don’t think that the goal of this forum is to explain how cool we are.

I think I have a problem, I shared what I have seen, looking for similar experiences and, hopefully, a solution.

That’s all the story.

AGREED! So take what I said in my previous post with a little salt (see the smileys). It wasn’t meant all that serious and certainly not meant as “teaching” or so. Sorry if you took it that way, but that was not my intention. Let’s blame it on the fact that my original language ain’t English. Again, sorry for this little misunderstanding :-X

so, back to business: ;D

  1. I don’t see that many outbound connections in this (now rather lengthy) thread; stuff like
    “Connection origin : remote initiated
    Protocol : TCP
    Local Address : 82.49.62.250
    Local Port : 135 (EPMAP)”

    is normal as soon as you’re connected!!
    Blaster, Sasser & other network worms knocking on your door:
    If you have all Windows updates applied, use secure passwords, have your system configured properly and/or have a firewall that BLOCKS TCP 135 (as an example), there’s nothing to worry about…

  2. I don’t see many follow-ups & reports to the advice/links/tools artras gave you…

  3. you do imho have an excessive lot of running processes & startup entries

  1. → install, update, scan & fix with Ad-aware, spybot and cwshredder
    from http://www.lurkhere.com/~nicefiles/index.html & www.lavasoft.de

  2. check all (Startup-)entries in HJT-Log if they are malicious or useless,
    and fix them if so…
    → with Log-file from Hijackthis
    http://www.spywareinfo.com/~merijn/htlogtutorial.html (english tutorial) in combination with:

a) database http://www.sysinfo.org/startuplist.php or OFFLINE: http://www.pacs-portal.co.uk/startup_pages/start_ups.exe or
http://www.windowsstartup.com/wso/search.php & http://www.reger24.de/processes.php & www.google.de
b) KAV-Scanner (see below)

reboot…

if problems remain, tell us exactly what you did so far, and post a new Hijackthis-Log

:wink:
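Added example (not part of any post in this thread): a small Python triage of firewall entries in the layout quoted above, separating remote-initiated hits on local port 135 from locally initiated connections to a remote port 135, which is the case the original poster reports for svchost.exe. The fields "Remote Address", "Remote Port" and "Application", the value "local initiated" and the second log entry are assumptions constructed for the example.

```python
import re
from collections import Counter

# Constructed sample. Only the first four fields of the first entry appear in
# the thread; the other field names and the second entry are assumed.
SAMPLE_LOG = """\
Connection origin : remote initiated
Protocol : TCP
Local Address : 82.49.62.250
Local Port : 135 (EPMAP)
Remote Address : 203.0.113.7

Connection origin : local initiated
Protocol : TCP
Local Address : 82.49.62.250
Local Port : 1187
Remote Address : 198.51.100.23
Remote Port : 135 (EPMAP)
Application : svchost.exe
"""

def parse_entries(text):
    """Split blank-line separated blocks into dicts of 'Key : value' fields."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(" : ")
            if sep:  # ignore lines that are not 'Key : value'
                fields[key.strip()] = value.strip()
        if fields:
            entries.append(fields)
    return entries

def port_of(value):
    """Return the leading port number of a value such as '135 (EPMAP)'."""
    m = re.match(r"\d+", value or "")
    return int(m.group()) if m else None

def classify(entry, port=135):
    origin = entry.get("Connection origin", "").lower()
    if origin.startswith("remote") and port_of(entry.get("Local Port")) == port:
        return "inbound-probe"    # someone else connecting to our port 135
    if origin.startswith("local") and port_of(entry.get("Remote Port")) == port:
        return "outbound-to-135"  # this host connecting out to port 135
    return "other"

def summarize(text):
    """Count entries per class for a whole log."""
    return Counter(classify(e) for e in parse_entries(text))
```

`summarize(SAMPLE_LOG)` counts one entry of each kind; the outbound entries are the ones to match against the process list and the HijackThis log.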