JS/TrojanDownloader.Pegel.BR

Discussion in 'ESET NOD32 Antivirus' started by JH99, Jun 11, 2010.

Thread Status:
Not open for further replies.
  1. JH99

    JH99 Registered Member

    Joined:
    May 13, 2008
    Posts:
    5
    For several days my NOD32's POP3 filter has been detecting incoming emails as having the a "JS/TrojanDownloader.Pegel.BR trojan". I've rarely gotten any infected emails, but now I'm getting 20+ per day. I don't see any reports indicating that this is an internet-wide phenomenom, so I'm wondering if I've been infected with something else that's publishing my email addresses (multiple addresses). I also can't find this trojan listed in ESET's knowledgebase. What is it?

    Should I be concerned, or is everyone getting hit with this thing?

    Thanks
     
  2. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,905
    Location:
    U.S.A.
  3. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    sound more like either your email is on a spammer's list or most probably somebody who has your email address stored got infected and is spreading now. but your email provider should pick it up in the first place, unless you run your own email server
     
  4. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    There was a window when the common spam processors (Spam Assassin, Barracuda) weren't filtering this one. There's nothing wrong with your system, everything worked as it should.
     
  5. JH99

    JH99 Registered Member

    Joined:
    May 13, 2008
    Posts:
    5
    Thanks JRViejo. I hit that page when I Googled TrojanDowloader.Pegel, but the page is for "Wins32/Netsky.Q Worm". Where do I look to see that the two are related?
     
  6. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
  7. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,905
    Location:
    U.S.A.
    JH99, SmackyTheFrog is correct, with the link being relative to a current threat.

    The link I provided was for Pegel.BR that day and that's why you see it differently today.

    Perhaps this Month Analysis for 2010/06 will offer a better picture, with Pegel.BR residing in the top 10 for the month of June.
     
Thread Status:
Not open for further replies.