I don’t seem to have problems but I found some suspicious files. It began when I did a regular scan with MBAM which found a file called “nengine.dll”: trying to understand how I got that file I searched for other files created the same day, 16th of February 2014, and among them there are:
-
in “All Users\Dati applicazioni\AVAST Software\Avast” there is a text file called “clickstream”: is it normal?
-
in “Administrator\Impostazioni locali\Dati applicazioni\cache” (impostazioni locali = local settings) there is a folder called “data7” with 16 subfolders (called “0”, “1”… “a”, “b”…) with inside several files with “d” extension (for example “2agp4wlp.d”); I’ve read that they may be related to Java.
-
in “Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\bzwsme3g.Andrea” there is a folder called “nspdl” and inside a “fav-groups” file, a “favs##c1280528f64875c6873cab32319d72cb” file and a “fav_thumbs” folder with inside 10 files with long cryptic names.
Then I did a scan with AdwCleaner and it found “user.js” (created the same day of the previous ones) in “Administrator\Dati applicazioni\Mozilla\Firefox\Profiles\bzwsme3g.Andrea” and it removed it. It also found “prefs.js” in the same folder but it didn’t remove it (but I can do it manually). I’ve noticed that AdwCleaner finds it even if I personally create a new prefs.js file and put it in that folder. Maybe it’s a false positive? I also noticed in the file’s properties that its creation date changes when using Firefox but maybe it’s normal.
Maybe I’ve nothing but I think that these files created the same day (and similar hour for some) are kinda suspicious.