Hi, When recently logging in i noticed a request from my firewall to the local host 127.0.0.1 to 127.0.0.1 from port 49391 to 12080

File Name: 59553781-e898-4685-8ef1-30444b49dfef.exe
Location: [DISKPATH]:\Windows\Temp
Behaviour The file disappeared and vanished after i blocked the connection.
It seemed strange and when i started to look for the file it claimed i didnt have permission to look for it. Im very worried about this odd file which showed up.

Hopefully its something simple, I did search for it however it seems to have no orgin.

Hope you guys can help.

Thanks
Oliver

Just wondering if anyone knows anything about this exe. or even if dfef.exe is a bad file?

Anything you can do to assist would be most greatful.

Kind Regards
Oliver

Behaviour The file disappeared and vanished after i blocked the connection.

file info, try google search

http://forum.avast.com/index.php?topic=116530.msg904415;topicseen#msg904415 similar to this

Hi there, I have spoken to Avast Tech support, They have advised running CCleaner and ASWBoot to see whats going on, Have discovered a corrupt Zip file and am investigating further.

Just want to thank everyone for the quick turn around time, Its pretty awesome!

To me it does not appear bad, if it was you would be showing some symptoms… The other thread appears to have had an Avast emergency update about then

Hi, Was it around 7:30 pm GMT? If so i may have been having an emergency update.

Hmm I didn’t have one… But, then emergency updates are only if it finds a fault with one of the Avast files

ive been looking at the event viewer and we did have 1 error : 10 today reported on the WMI.

Infact ive had the same error yesturday. Just was digging in more it seems Kernel-EventTracing also had an error too.

starting to get worried…

The vast majority of errors in the event log do not really mean a great deal to the average user. There are more an analysis tool for back tracking

Hey Essexboy, As i guessed Thought i might as well mention it just in case it proves critical. Anyway im going to say its solved for now as ive not seen any new attempts to activate this new exe. My suspicion is that the file its self may have come from a recent Windows Platform update.

Many Thanks Essexboy & Pondas for your help!

Kind Regards
Oliver

No probs we are here to assist

Hi, Just wanted to quickly say how things are going, Seems to be going OK however i have noticed 11 svchost.exe’s running which is pretty strange.

Ill keep monitoring to see if anything happens.

SVCHOST runs a lot of windows files so the number running is not overly important … I have 12 on windows 7

Thanks Essexboy, So theres no need to run OTL?

Oliver

Not unless you would like me to take a peek ;D

Ill keep monitoring the machine, If it crops up again ill let you know. It seems ccleaner did the trick and removed what was there. I also did a boot scan which found nothing onto ward.

Thanks for your contiuned awesome support and help!

That is why we are here ;D

Hi Im back, sorry about this. After monitoring the A/V ive noticed that the engine isnt scanning all the files. Its mainly affecting the AppData folder. I am very concerned about what could be causing this issue as it seems its transfering to local caches.