Well, I have the same issue. Except I have outgoing TCP requests.
Every 10 minutes or so I get a pop up message "Spygate RAT Activity detected"
Ever since I tried installing an application I probably shouldn't had.
Following is an extract from my log file. I changed the user name & domain.
289 6/11/2014 5:26:24 PM Intrusion Prevention Critical Outgoing TCP 54.69.32.99 00-00-00-00-00-00 10.0.0.13 AC-7B-A1-B2-11-73 C:\Windows\System32\svchost.exe USER DOMAIN HOME DOMAIN Offline 1 6/11/2014 5:25:22 PM 6/11/2014 5:25:22 PM [SID: 27950] System Infected: Spygate RAT Activity detected.
The IP address 54.69.32.99 = nginx. Nginx (pronounced engine-x) is a free, open-source, high-performance HTTP server and reverse proxy
A scan using Symantec Endpoint Protection does not find any problem.
A scan using Malwarebytes also finds no problems.
I would greatly appreciate any help in cleaning this malware.