I THINK that speedtest.net has been recently compromised.
I used the site to run a speed test tonight & saw a window pop up reporting that 1file_saw.exe was running.
Following that a number of system programs & other programs were caught by my anti-virus program (AVG Free 2014) & quarantined & a number were completely deleted (i.e. not in Recycle Bin).
I ended up having to perform a system restore back to a recent date.
I tested this 3 times & the same thing happened each time.
This last time, I haven't been to the speedtest.net site & there have been no ill effects.
AVG did report that 1file_saw.exe & 2file_saw.exe were located in the C:\Users\Paul\Appdata\temp folder.
That's usually a 'hidden' folder, but I unhide those folders anyway & there they were, with very, very recent timestamps.
Performing a system restore did get rid of them though.
This is a great shame as speedtest.net is/was my favourite speed test site & I have recommended it to others in the past.
It's also unfortunate that AVG only partially caught this virus/malware.
So, make sure you have recent restore points if any of you are brave enough to risk using speedtest.net for the time being.
I did find a couple of articles mentioning that this had also happened to speedtest.net a few months ago too.
The filenames 1file_saw.exe & 2file_saw.exe weren't mentioned in the articles though.