Whenever and always as I open my "MSN EXPLORER" browser, my "Prevx Home" gives me the following "Intrusion Warnings":
_______
1) The application msn is trying to READ, DELETE the protected file/directory
C:\PROGRAM FILES\MSN\MSNUPDATE!@#@.EXE
2) The application msn is trying to DELETE the protected file/directory
C:\PROGRAM FILES\MSN\MSNUPDATE!@#@.EXE
______
, which I can either Allow or Deny !
_______
By the way "Prevx Home" explains:
"" Install Attempt (*.exe)
This is due to a protected file or directory in the Program Files directory being modified. Windows updates and software installations/configurations may modify these files. If you are not installing or updating any programs, then this may be malicious activity. ""
_______
I allow each time, the "DELETE" of this file (MSNUPDATE!@#@.EXE) to happen, because it:
1) has a strange name, nowhere in Google to be found.
2) I cannot under any circumstances find it in my PC (in
the above directory and Avast shows no
virus/worm there either).
3) It is known that a worm called
"Backdoor.Win32.Codbot.z" hides in the same
directory in "msnupdate.exe" and has
the following capabilities:
"# Allows others to access the computer
# Downloads code from the Internet
# Reduces system security
# Installs itself in the Registry
# Exploits system or software vulnerabilities "
________
By the way my PC was under control of a hacker for 2 months by two trojans (now removed) but I still see suspicious periodic escape of bytes, when I'm online.
________
Now my questions:
Am I taking the correct action by "Allow"ing the "application msn" to "DELETE" it??
And why is this file nowhere to be found (also in hidden files)?
________
Thanks a lot for your explanation & recommendations!
