又回了2封
Dear customer,
Thank you for emailing CA Security Advisor.
This is to notify you of the results of your submission, issue number
1057283. Please keep this issue number for future reference.
Please see below for the final results of our analysis of your file
submission.
We successfully received the following files:
FILE SIZE CONCLUSION
------------------------------------------------------------------------
mailpart1 168 confirmed clean
------------------------------------------------------------------------
vip.zip 174732 clean
------------------------------------------------------------------------
Netijo.dll 53760 malware
------------------------------------------------------------------------
scrsys16_070806.dll 25088 malware
------------------------------------------------------------------------
vip.exe 26624 malware
------------------------------------------------------------------------
winsys32_070806.dll 183296 malware
------------------------------------------------------------------------
EMAILS TO VIRUS@CA.COM SHOULD BE FOR SAMPLE SUBMISSIONS ONLY. ALL OTHER
INQUIRIES SHOULD BE BROUGHT TO THE ATTENTION OF OUR CUSTOMER SUPPORT
TEAM AT
HTTP://SUPPORTCONNECT.CA.COM
INSTRUCTIONS ON HOW TO PROPERLY SUBMIT SAMPLE FILES FOR INVESTIGATION
ARE AVAILABLE AT
HTTP://WWW3.CA.COM/SECURITYADVIS ... ERAL.ASPX?CID=33514
This automated scanning service "Virtue" complements our regular
technical support service. It is not a replacement for it. For
technical support please visit http://www.ca.com/about/support.htm.
If you would like to comment on the quality of this automated service,
please send your suggestion to virtue.feedback@ca.com .
CA Security Advisor
------------------------------------------------------------------------
For the latest security advisories, including detailed analysis of the
latest vulnerabilities, viruses, trojans, worms and spyware, and for
complete information on how to protect yourself or your organization,
please visit
http://www.ca.com/securityadvisor
FILE
------------------------------------------------------------------------
mailpart1
------------------------------------------------------------------------
The ASCII Plain Text file "mailpart1" has been determined to be clean.
Our researchers have analyzed the file and found nothing suspicious.
Researcher comment:
This file is a message part, i.e. a forwarded e-mail attached.
FILE
------------------------------------------------------------------------
vip.zip
------------------------------------------------------------------------
The PkWare Zip Archive file "vip.zip" has been determined to be clean.
For the results of files contained please see below.
FILE
------------------------------------------------------------------------
Netijo.dll
------------------------------------------------------------------------
The Windows PE (I386,DLL) file "Netijo.dll" has been determined to be
malicious.
Aliases reported by other AV products are listed here:
(Trojan-PSW.Win32.WOW.ro)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
FILE
------------------------------------------------------------------------
scrsys16_070806.dll
------------------------------------------------------------------------
The Windows PE (I386,DLL) file "scrsys16_070806.dll" has been
determined to be malicious.
Aliases reported by other AV products are listed here:
(Trojan-Spy.Win32.Agent.pn) (W32.Hitapop)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
FILE
------------------------------------------------------------------------
vip.exe
------------------------------------------------------------------------
The Windows PE (I386,EXE) file "vip.exe" has been determined to be
malicious.
Aliases reported by other AV products are listed here:
(W32/Autorun.worm.b) (W32.SillyFDC)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
FILE
------------------------------------------------------------------------
winsys32_070806.dll
------------------------------------------------------------------------
The Windows PE (I386,DLL) file "winsys32_070806.dll" has been
determined to be malicious.
Aliases reported by other AV products are listed here:
(Trojan-Spy.Win32.Agent.pn)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
========================================================================
Dear customer,
Thank you for emailing CA Security Advisor.
This is to notify you of the results of your submission, issue number
1057285. Please keep this issue number for future reference.
We have successfully received the following files, and present to you
our preliminary findings based on automated analysis:
FILE SIZE CONCLUSION
------------------------------------------------------------------------
mailpart1 321
------------------------------------------------------------------------
vip.zip 174732 clean
------------------------------------------------------------------------
Netijo.dll 53760 malware
------------------------------------------------------------------------
scrsys16_070806.dll 25088 malware
------------------------------------------------------------------------
vip.exe 26624 malware
------------------------------------------------------------------------
winsys32_070806.dll 183296 malware
------------------------------------------------------------------------
You are receiving this message because you have either contacted our
support team, or submitted a file directly to Virtue - Computer
Associates automated virus scanning, information, replication and
tracking system.
Virtue is available 24 hours a day, 7 days a week and is used by our
Researchers to assist them in the process of malware and spyware
classification. For more information about Virtue, please visit
http://www3.ca.com/securityadvis ... eral.aspx?CID=53725
EMAILS TO VIRUS@CA.COM SHOULD BE FOR SAMPLE SUBMISSIONS ONLY. ALL OTHER
INQUIRIES SHOULD BE BROUGHT TO THE ATTENTION OF OUR CUSTOMER SUPPORT
TEAM AT
HTTP://SUPPORTCONNECT.CA.COM
INSTRUCTIONS ON HOW TO PROPERLY SUBMIT SAMPLE FILES FOR INVESTIGATION
ARE AVAILABLE AT
HTTP://WWW3.CA.COM/SECURITYADVIS ... ERAL.ASPX?CID=33514
This automated scanning service "Virtue" complements our regular
technical support service. It is not a replacement for it. For
technical support please visit http://www.ca.com/about/support.htm.
If you would like to comment on the quality of this automated service,
please send your suggestion to virtue.feedback@ca.com .
CA Security Advisor
------------------------------------------------------------------------
For the latest security advisories, including detailed analysis of the
latest vulnerabilities, viruses, trojans, worms and spyware, and for
complete information on how to protect yourself or your organization,
please visit
http://www.ca.com/securityadvisor
FILE
------------------------------------------------------------------------
mailpart1
------------------------------------------------------------------------
This file is being analyzed by our researchers. We will inform you of
their findings as soon as the analysis is complete.
FILE
------------------------------------------------------------------------
vip.zip
------------------------------------------------------------------------
The PkWare Zip Archive file "vip.zip" has been determined to be clean.
For the results of files contained please see below.
FILE
------------------------------------------------------------------------
Netijo.dll
------------------------------------------------------------------------
The Windows PE (I386,DLL) file "Netijo.dll" has been determined to be
malicious.
Aliases reported by other AV products are listed here:
(Trojan-PSW.Win32.WOW.ro)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
FILE
------------------------------------------------------------------------
scrsys16_070806.dll
------------------------------------------------------------------------
The Windows PE (I386,DLL) file "scrsys16_070806.dll" has been
determined to be malicious.
Aliases reported by other AV products are listed here:
(Trojan-Spy.Win32.Agent.pn) (W32.Hitapop)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
FILE
------------------------------------------------------------------------
vip.exe
------------------------------------------------------------------------
The Windows PE (I386,EXE) file "vip.exe" has been determined to be
malicious.
Aliases reported by other AV products are listed here:
(W32/Autorun.worm.b) (W32.SillyFDC)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
FILE
------------------------------------------------------------------------
winsys32_070806.dll
------------------------------------------------------------------------
The Windows PE (I386,DLL) file "winsys32_070806.dll" has been
determined to be malicious.
Aliases reported by other AV products are listed here:
(Trojan-Spy.Win32.Agent.pn)
CA products address this malware as follows:
--------------------------------------------
CA Anti-Virus
We will inform you by email ASAP when we have a signature update
available providing detection.
========================================================================
[ 本帖最后由 woai_jolin 于 2007-8-11 20:11 编辑 ] |
发表于 2007-8-11 19:15:24
发表于 2007-8-11 19:24:18
楼主
