By chance, I've just noticed a strange file which has been allowed firewall access in my Network Applicaions list in Secure Anywhere (188.8.131.52).
It's called sd7sfnzj.exe.part, which was apparently in my %TEMP% folder. This looks suspiciously like malware to me. I realise that .part files are Firefox download files, but I don't normally used Firefox's own download manager, and I wouldn't expect it to be executing .part files anyway.
The file is no longer present, and I can't find any reference to it if I save and examine a scan log. I've run a few checks with various AV tools, none of which reported anything.
Webroot did block a couple of websites yesterday when I searched for thunderbird in Google - it was complaining about some sites at rediff.com. Could this be the source of the trouble?
Can you shed any light on why there is seemingly no log of this .part file having been examined by Webroot, but it is an allowed network application? Does this mean that it was blocked before actually running?
Best answer by MikeRView original