Customer Service - Our No. 1 Priority since 1993

¤   Home   ¤   About Us   ¤   Contact Us   ¤   Business Opportunities   ¤   Investment Opportunities   ¤   Our Portals   ¤

Telephone - INT+65-6299-6007
Fascimile - INT+65-6298-1324
Email - sales@online.com.sg

Internet Related Services
  • Web Hosting
  • e-Commerce Hosting
  • Payment Gateway
  • Database Server Hosting
  • Turnkey Solutions
  • E-mail Services
  • Internet Promotions
  • Portal Developments
  • Leased Lines Access

    • Non-Internet Services
  • Data Communication
  • IT Automation/Networking
  • IT Maintenance
  • IT Project Management
  • IT Consultation
  • Corporate Messaging
  • Network Faxing

    • Others
  • System Status
  • Security Alerts

    		• This section is applicable only to Online Technology's IT maintenance clients. We do not offer support to non IT-maintenance clients.
    Security Alert
    Mass Mailing Worm - WORM_MYPARTY.A
    Alert Code - Alert Amber

    There is a new mass-mailing worm, which arrives as an e-mail with the subject line ‘new photos from my party’.

    The email claims to contain the URL to a Web page containing pictures of a friend’s party. However what appears to be the URL www.myparty.yahoo.com is in fact an executable attachment capable of infecting a local machine with a copy of the virus. The actual URL does not exist.

    The worm is UXP compressed, and when it is opened, it copies itself to the C:\Recycled\regctrl.exe and executes that file. It then uses the victim’s default SMTP mail server to send itself out to all the addresses in the victim’s Windows Address Book and addresses in .DBX files.

    Release: [29 January 2002 / 0745hrs]
    More Viruses, Trojans, Worms..

    There are several new offenders spreading. Below summarized the offenders and what they do:

    W32.Anset.Worm
    Alert Code - Alert Amber

    Dubbed "Anset". You will receive an email with the subject line "ANTS Version 3.0" and contains the following content:
    "Attached you will find the brand new Version 3.0 of ANTS, the unique freeware Trojan scanner. To install ANTS simply run the attached setup file."

    Mails copies of itself via Outlook, and makes a copy in the root Windows installation folder. Saves its code in a randomly generated filename.

    Has the ability to communicate with mail servers directly rather than relying on Outlook's mail-transfer capabilities.


    W32.Nimda.E@mm
    Alert Code - Alert Amber

    New version of W32.Nimda.A@mm. Contains bug-fixes and other modifications designed to prevent detection of this variant by AV software.

    Differences from the original version includes:

  • Attachment has been changed to "sample.exe"
  • Dropped .dll file is now "httpodbc.dll"
  • Copies itself to \windows\system folder as "csrss.exe" instead of "mmc.exe".


    W32.Klez.A@mm or W32.Poverty.A@mm
    Alert Code - Alert RED ** Malicious **

    Another mass-mailing email worm. Attempts to copy itself into folders on both your local machine and network drives.

    Exploits a vulnerability in MS Outlook and Outlookg Express, so it will try to open itself when you open or even preview the message.

    Information and patch for this vulnerability can be found at:
    http://www.microsoft.com/technet/security/bulletin/MS01-020.asp

    It also inserts the virus W32.ElKern.3326, and W32.ElKern.3326 can also infect W32.Klez.A@mm.

    Executes its payload on the 13th of every month. This will cause files on local and mapped network drives to be zero bytes in size.


    W32.ElKern.3326
    Alert Code - Alert RED ** Malicious **

    Infects files over shared/mapped drives/directories. Will also try to infect all executables in the \windows\system folder.

    Windows NT/200 users - this virus will crash when first activated
    Windows 9x users - if you have mapped network shares that is write-protected, this virus will crash your computer after a short period.

    Some files that become infected with this virus will not change in size.


    Please contact your Online Technology account manager or system engineer for assistance if you are hit by the above offenders.

    • Release: [30 October 2001 / 0720hrs]
    Win32.Vote.A@mm
    This is another trojan that is spreading like crazy all over the world.

    Due to the malicious nature, we are rating it Alert RED.

    The trojan spreads itself by e-mails with the following details:

    Subject: Peace Between America and Islam
    Message Body: Hi! iS iT A waR Against AmeriCa Or IsLam! Let’s Vote To Live in Peace!
    Attachment: WTC.EXE

    What it does:

  • Delete files from your anti-virus directory
  • Installs the trojan into your system
  • Modifies your Internet Explorer start-up page to reflect "Few Days WiLL Show You What We Can Do !!! It's Our Turn >>> ZaCkEr is So Sorry For You."
  • Sends itself out to all your email address book entries
  • Modifies your autoexec.bat file to format your harddisk the next time you start your machine.

    Our recommendation is NOT to open the e-mail at all. By not opening attachments does not solve your problem completely! This habit applies to all emails, not only for this trojan!

    If you are facing the signs described above, please do not switch off your machine and contact your Online Technology account manager or system engineer for assistance.

    • Release: [25 September 2001 / 0600hrs]
    Mass Mailing Worm - W32.Nimda.A@mm
    Last Minute Additions: Nimba has been upgraded to Alert RED.

    Nimda (reverse order - Admin), also known as W32.Nimda.A@mm (Aliases: W32.Nimda.A@mm, Code Rainbow, Minda) is a new mass mailing worm that uses multiple methods to spread itself.

    If you receive an email with the file attachment as "README.EXE", DO NOT OPEN IT, chances of it being the worm is extremely high!

    This worm has began propagating itself across the Internet, slowing several networks across USA, Europe and certain parts of Asia, to a crawl.

    We are rating it Alert Amber, due to the multiple methods it uses to propagates, it will be in no time that it spreads like wildfire.

    If you are experiencing problems using your Internet browser or accessing your e-mail, please contact your Online Technology account manager or system engineer for assistance.

    Release: [19 September 2001 / 0900hrs]
    "Offensive" Trojan
    It has been reported that a Trojan that uses ActiveX is lurking on the Internet. It could either arrive via email or from websites you visit.

    When open, you will see a display showing a button that says "Start". When pressed, the trojan will severly damage your Windows Operating System. When affected, you will not be able to shut down Windows, no icons will be visible on your desktop, no programs will execute/run and you cannot work around even in Safe Mode.

    You can work around this trojan by disabling ActiveX on your web browser or selectively accepting ActiveX components on sites you are not sure of.

    Due to the malicious nature of this Trojan, we are ranking it Alert Amber. It is not wildly spreaded yet, but please exercise caution.

    If this trojan has hit your systems, please contact your Online Technology account manager or system engineer for assistance.

    Release: [26 August 2001 / 0700hrs]
    SirCam Virus/Worm
    This virus is reported to be on the wild, affecting hundreds of thousands of machines worldwide. We have upgraded the this virus to Alert RED.

    If this virus has hit your systems, please contact your Online Technology account manager or system engineer for assistance.

    Release: [23 July 2001 / 0700hrs]
    W32/Parrot-A
    Rated AMBER. Do not open attachments with "parrot.scr" in it. It should be a virus/worm.

    If this virus has hit your systems, please contact your Online Technology account manager or system engineer for assistance.

    Release: [31 July 2001 / 0700hrs]


    v6.0 look'n'feel - contents updated 23 March 2007 © Copyright 1996-2008 Online Technology. All Rights Reserved.