 |
| We will keep you updated on the latest progress of our
service level. |
 |
|
|
|
|
Announcement |
|
|
30th.
July 2003
Subject : Upgrading of e-mail system.
We are proud to
announce that we have successfully upgraded our mail
servers hardware and software to serve you better. New
improvement include:
01. Our new mail server are now equipped with Dual Xeon
2.4 processor, 1GB RAM and dual 36GB SCSI hard drive.
02. Ipswitch Mail server upgrade from Ver 7.15 to 8.0.
Some of the benefit include, enhanced security validation,
anti-spamming mechanism and enhanced mail queue system
03. We have also added a new Linux mail server. Now client
will have a choice of hosting their email either on
Windows 2000 or Linux platform.
In view of the recent SMTP policy changed, we have
enhanced all emails sending from our SMTP server will
required authentication.
We trust that with the enhancement above, we have
increased the level of reliability of the mail systems.
|
|
|
 |
|
|
19th.
May 2003
Subject : W32/Fizzer@mm Spreading At Extreme Pace
You are probably
aware now about the new worm/virus W32/Fizzer in
town. Have you been bombarded with virus email? Is your PC
infected? Or have you been bombarded with virus
notification mail?
W32/Fizzer@mm was first discovered on the 8th of May but
did not gain wide distribution until early this week. It
seems now to be reaching such a wide distribution that
computer users should be even more careful about unknown
emails and attachments than before. Do make sure that you
have latest version of anti virus using virus signature
files from the 15th of May or later to detect
W32/Fizzer@mm.
No worry, our network/mail servers here at WebServer
are all virus protected, we have a schedule to download
new virus patterns from our suppliers everyday and as soon
as we received the most updated virus pattern from our
suppliers, we applied it to all our mail servers, almost
immediately, to make them virus free/safe.
If you suspect your PC may be infected, it is important to
act fast by quickly disconnecting your PC/network from the
internet, updated your virus pattern/anti-virus software
and clean up all internet PC first before connecting to
the internet again. Protect your
network and at the same time stop the spreading of the
virus.
About the virus notification mail, do not be alarm. Most
network/mail servers are virus protected hence when the
server detect any virus email, server will delete it and
send out two notification mail, one to sender and one to
receiver, informing both parties about the virus mail.
Some people may not appreciate
the notification mail but is important/necessary to inform
both sender and recipient about the virus mail and we are
sure that many people do like to have such virus
notification email features.
If you have been accused of sending virus email when you
are sure that your PC/network are virus free, well... that
virus email may not have come from your domain @yourdomainname.com
at all, but from people with PC still infected with virus
who happen to have email addresses of your domain on their
PC (mail address book, ICQ database, local files... etc)
and will create and send out emails using your domain
email account name! Any PC infected with virus will
contribute to the propagation of the virus mail.
Method of Infection - W32/Fizzer.A
This worm spreads via KaZaa and email, mass-mailing itself
to many addresses and sometimes forging the sender
address. It is received as an executable attachment and
requires users to "double-click" on the virus in order to
get infected. The worm stores various compressed
information in its resource section. This information can
vary from sample to sample resulting in different lengths
of infected files. The virus injects its ISERVC.DLL file
into each process that is run after infection occurs.
Prior to the deletion of this DLL, it must be unloaded.
The 4.2.40 engine is required for repair of this threat.
If a file called UNINSTALL.PKY exists in %WINDIR%, the
worm does not infected the machine. The content of this
file does not matter.
Symptoms - W32/Fizzer.A
- Unexpected traffic on port 6667 (IRC) or 5190 (AIM)
- Presence of the aforementioned filenames and registry
keys
Manual Removal Instructions - W32/Fizzer.A
To remove this virus, please follow these steps:
1. Reboot the system into Safe Mode (hit the F8 key as
soon as the Starting Windows text is displayed, choose
Safe Mode)
2. Delete the following files from your WINDOWS directory
(typically c:\windows or c:\winnt)
• initbak.dat
• iservc.exe
• ProgOp.exe
• iservc.dll
3. Edit registry
• Under the key: "HKEY_CLASSES_ROOT\txtfile\shell\open\command"
• Set the value to "NOTEPAD.EXE %1"
• Delete the "SystemInit" value from
• "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
• Delete the key "HKEY_CLASSES_ROOT\Applications\ProgOp.exe"
• Delete the key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\S1TRACE"
4. Reboot the system
For more information - W32/Fizzer.A
Please see these websites for more information regarding
this new updated virus pattern...
http://vil.nai.com
http://www.f-prot.com
http://securityresponse.symantec.com
|
|
|
|
|
|
|
