When I went to check my norton logs this afternoon, I noticed I had a firewall entry regarding windows\explorer.exe accessing the internet.

Firewall rules were automatically created for Windows Explorer.

Windows Explorer

C:\Windows\explorer.exe

No Action Required

Automatically Create rules

"pc name" (192.168.X.X.) 56778

Outbound TCP, www-http

A quick glance at SANS reveals spikes in usage for port 56778 every 4-5 days or so, behavior like this is not unlike what a trojan/keylogger would engage in. I realize this isn't the first time I've posted here regarding a similar issue, and that Windows Explorer is a necessary component,  but this entry was just a bit too alarming to ignore.