Let's see if I can explain the things I want (english ain't my native language)
We are talking here about data traffic. Data traffic can be incomming and outgoing. Most applications are using them both. eg: a browser. You want to open a webpage so the browser sends data (outgoing), when the requisted page(site) is found it sends you the page (incomming). Nothing wrong with that, but the same goes for all aplications. So in order to find out if something is normal or not you need to know (find out) what application is causing the traffic, where it goes to and where it comes from and (if possible) what traffic it is. eg what the data content is.
At htis point, I think we better start from scratch since I got the impression you don't know much about computers and how everyhting is working (no offense!)
01) visit one of my webpages (click on the link in my signature)
02) get/install the applications mentioned there
03) Update them
04) terminate the internet connection (unplug the cable)
05) run them (after doing so your system will be clean of viruses, spy-/adware and such)
06) Clean/remove everything harmfull things they find
07) Reboot
08) remove the firewall
09) reboot
10) install the firewall
11) plug back in to the internet
12) if the firewall asks if something is allowed, find out what exactly it is that is asking permission before saying yes/no
If you follow these steps, all traffic that still takes place should be 'normal' (not harmfull) I know I am asking a lot, but I truly believe this is what you should do at this point.