An Accepted Solution is available for this post.
Possible Infection
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I received an email today purporting to be from Verizon. The attached ZIP file is for a program named "balancechecker.exe"
The sender server appears to be in Mexico, based on a WhoIs of the sending IP address.
(No, I didn't run it.) McAfee is inconclusive.
Any experience?
2 Replies
An Accepted Solution is available for this post.
Re: Possible Infection
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Symantec identified this "balancechecker.exe" file as (containing) the Downloader.Ergrun, a trojan which will download malware from various sites. McAfee didn't detect it (with most current signatures). Other antivirus products may detect it and identify it with another name.
The file is clearly not from Verizon, and should not be opened.
An Accepted Solution is available for this post.
Re: Possible Infection
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for posting the follow up, gwinters. I'm sure it will be of some help to others.