Investigate your network places. Investigate events logs. Investigate startup programs. HiJackThis (HJT) is an excellent tool for this.
There are plenty of fake alerts. I would have expected your description to have implicated a browser. If your AV and/or FW protection is current, there is a small risk to inspecting the certificate to further analyze the source.