Possible Infection
gwinters
Newbie

I received an email today purporting to be from Verizon. The attached ZIP file is for a program named "balancechecker.exe"

The sender server appears to be in Mexico, based on a WhoIs of the sending IP address.

(No, I didn't run it.) McAfee is inconclusive.

Any experience?

Tags (1)
0 Likes
Re: Possible Infection
gwinters
Newbie

Symantec identified this "balancechecker.exe" file as (containing) the Downloader.Ergrun, a trojan which will download malware from various sites. McAfee didn't detect it (with most current signatures). Other antivirus products may detect it and identify it with another name.

The file is clearly not from Verizon, and should not be opened.

0 Likes
Re: Possible Infection
ElizabethS
Moderator Emeritus

Thank you for posting the follow up, gwinters. I'm sure it will be of some help to others. Smiley Happy

0 Likes