Windows Explorer (explorer.exe) is trying to connect to updates.ms-windows.net [66.98.166.103] using remote port 80
This happens every time I try to start explorer to simply browse files on my hard drive. I block it, but I have this 5-10 second lag time everytime this happens. I'm NOT happy about that solution as I spent a lot getting this machine built and it is fast in all other respects.
Unfortunately, the first time I got the Sygate warning I let it connect. That was about a week or so ago. I then noticed some other funny things going on where all of the sudden my mouse pointer jumps to another part of my screen when I'm using it. (As if someone had remotely taken control for a split second.) Also, just prior to this post I kept getting errors when I tried to drag and drop files into directories. The files did copy but also remained where I'd dragged them from.
I did a whois on the IP above and it doesn't look like microsoft to me. I also can't get to that site in a browser. (As if it didn't exist)
I did updates and ran my AVG virus software, spybot search and destroy and adaware. They all came back ok.
I use firefox and have no problems with that but interestingly when I tried Intenet Explorer it tries to connect to that site too according to Sygate. I went ahead and let it connect and I didn't notice anything happen. I just ended up at msn.com.
I suspect trojan, virus, worm, spyware is the problem but am at a lose after searching the web about explorer trying to connect to things. Only solution I found was to block it but again, it's frustrating WAITING for it to finish trying to connect before I can move through directories.
I downloaded hijackthis and will follow an experts instructions. I would very much appreciate anyones help with this. I'd hate to have to reinstall my OS. Meanwhile here are the results of my whois on the suspect IP above:
Search results for: 66.98.166.103
OrgName: Everyones Internet, Inc.
OrgID: EVRY
Address: 390 Benmar
Address: Suite 200
City: Houston
StateProv: TX
PostalCode: 77060
Country: US
NetRange: 66.98.128.0 - 66.98.255.255
CIDR: 66.98.128.0/17
NetName: EVRY-BLK-14
NetHandle: NET-66-98-128-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.EV1.NET
NameServer: NS2.EV1.NET
Comment:
RegDate: 2003-07-02
Updated: 2004-02-06
TechHandle: RW172-ARIN
TechName: Williams, Randy
TechPhone: +1-713-579-2850
TechEmail: [email protected]
OrgAbuseHandle: ABUSE477-ARIN
OrgAbuseName: ABUSE
OrgAbusePhone: +1-713-579-2850
OrgAbuseEmail: [email protected]
OrgNOCHandle: NOC1445-ARIN
OrgNOCName: NOC
OrgNOCPhone: +1-713-579-2850
OrgNOCEmail: [email protected]
OrgTechHandle: RW172-ARIN
OrgTechName: Williams, Randy
OrgTechPhone: +1-713-579-2850
OrgTechEmail: [email protected]
OrgTechHandle: VST3-ARIN
OrgTechName: Stinson, Valarie
OrgTechPhone: +1-713-579-2850
OrgTechEmail: [email protected]