Whenever and always as I open my “MSN EXPLORER” browser, my “Prevx Home” gives me the following “Intrusion Warnings”:
-
The application msn is trying to READ, DELETE the protected file/directory
C:\PROGRAM FILES\MSN\MSNUPDATE!@#@.EXE -
The application msn is trying to DELETE the protected file/directory
C:\PROGRAM FILES\MSN\MSNUPDATE!@#@.EXE
, which I can either Allow or Deny !
By the way “Prevx Home” explains:
“” Install Attempt (*.exe)
This is due to a protected file or directory in the Program Files directory being modified. Windows updates and software installations/configurations may modify these files. If you are not installing or updating any programs, then this may be malicious activity. “”
I allow each time, the “DELETE” of this file (MSNUPDATE!@#@.EXE) to happen, because it:
- has a strange name, nowhere in Google to be found.
- I cannot under any circumstances find it in my PC (in
the above directory and Avast shows no
virus/worm there either). - It is known that a worm called
“Backdoor.Win32.Codbot.z” hides in the same
directory in “msnupdate.exe” and has
the following capabilities:
"# Allows others to access the computerDownloads code from the Internet
Reduces system security
Installs itself in the Registry
Exploits system or software vulnerabilities "
By the way my PC was under control of a hacker for 2 months by two trojans (now removed) but I still see suspicious periodic escape of bytes, when I’m online.
Now my questions:
Am I taking the correct action by "Allow"ing the “application msn” to “DELETE” it??
And why is this file nowhere to be found (also in hidden files)?
Thanks a lot for your explanation & recommendations!