þ¨½Â ¨ÅÃ…¤¸Ç¢ý ¦¾¡ø¨Ä ¾¡í¸ ÓÊÂÅ¢ø¨Ä. Á¢ýÉïºø ãÄõ «ýÈ¡¼õ ±ÁìÌ ÅÕõ ¨Åʸ¨Çì ¸¡Å¢ÅÕõ Á¢ýÉïºø¸¨Çò ¾¡ý ÜÚ¸¢ý§Èý. ±ÁìÌ «ýÈ¡¼õ ¬Â¢Ã츽츢ø ¨Åʸ¨Çò ¾¡í¸¢ Á¢ýÉïºø¸û ÅÕ¸¢ýÈÉ. ±ÁÐ þ¨½Âò ¾Çò¾¢ý Á¢ýÉïºø Ó¸Åâ ±ÁÐ ¾ÇòÐìÌ ÅÕ¨¸ ¾Õõ Å¡º¸÷¸Ç¢ý ¸½¢É¢¸Ç¢ø þÕôÀ¾¡ø «Å÷¸ÇÐ ¸½¢É¢¸û §ÁüÀÊ Á¢ýÉïºø ¨Åʸǡø À¡¾¢ì¸ôÀÎõ ºÁÂí¸Ç¢¦ÄøÄ¡õ «ì¸½¢É¢¸Ç¢Ä¢ÕóÐ ´ù¦Å¡Õ¿¡Ùõ ¬Â¢Ã츽츢ø ¨Åʸټý ÜÊ Á¢ýÉïºø¸û ÅÕ¸¢ýÈÉ. þò¾¨¸Â ¨Åʸû ¾Õõ þý¦É¡Õ þ¨¼ïºø ±ýɦÅýÈ¡ø ¯í¸û Á¢ýÉïºø Ó¸Åâ¢ĢÕó§¾ ¯í¸ÙìÌõ ÁüÈÅ÷¸ÙìÌõ ¨Åʸټý ÜÊ Á¢ýÉïºø¸û ÅÃÄ¡õ. ¯í¸û ¸½¢É¢ ¨ÅÃ…¡ø À¡¾¢ì¸ô À¼¡ÁÄ¢Õó¾¡Öõ, À¡¾¢ì¸ô Àð¼ ¸½¢É¢¦Â¡ýÈ¢ø ¯í¸û Ó¸Åâ þÕìÌõ Àðºò¾¢ø þÐ º¡ò¾¢ÂÁ¡¸¢ýÈÐ. º¢Ä §Å¨Ç¸Ç¢ø þò¾¨¸Â Á¢ýÉïºø ¨Åʸû ÀÄ §¾¨ÅÂüÈ þì¸ð¼¡É ¿¢¨Ä¸¨Ç ¯í¸ÙìÌ ²üÀÎò¾¢ Å¢¼Ä¡õ. ¯¾¡Ã½Á¡¸ 'I Love You' ±ýÚ ÜȢ즸¡ñÎ ÅÕõ ¨ÅÊ ¾¡í¸¢ ÅÕõ Á¢ýÉïºø¸û ¯í¸ÙìÌ ¦¾Ã¢ó¾ Á⡨¾ìÌâ ¿À÷¸ÙìÌî ¦ºýÚ Å¢¼Ä¡õ. ÀÄÕìÌ þó¾ Á¢ýÉïºø ¨Åʸû ÀüȢ §À¡¾¢Â «È¢× þøÄ¡¾¢ÕôÀ¾¡ø º¢Ä §Å¨Ç¸Ç¢ø «Å÷¸û À¢¨Æ¡¸ ¿£í¸û ¾¡ý §ÅñΦÁý§È «Å÷¸ÙìÌ ¨Åʸ¨Çò ¾¡í¸¢Â Á¢ýÉïºø¸¨Ç «ÛôÒž¡¸ì ¸Õ¾¢ Å¢¼Ä¡õ. ±É§Å þò¾¨¸Â Á¢ýÉïºø ¨Åʸ¨Çô ÀüȢ , ¦À¡ÐÅ¡¸ì ¸½¢É¢ ¨Åʸ¨Çô ÀüÈ¢ ¿£í¸û ¦À¡ÐÅ¡¸§ÅÛõ «È¢ó¾¢ÕôÀÐ «Åº¢Âõ. þò¾¨¸Â ¨Åʸ¨Çò ¾¡í¸¢ ÅÕõ Á¢ýÉïºø¸¨Ç «õÁ¢ýÉïºø¸û ¯í¸ÙìÌò ¦¾Ã¢ó¾ Á¢¸ Ó츢ÂÁ¡É ¿À÷¸Ç¢¼Á¢ÕóÐ Åó¾¡Öõ ܼ ¾¢ÈóÐ ÀÊò¾¢¼ ÓÂýÚ Å¢¼¡¾£÷¸û. ¯¼§É§Â «Æ¢òРŢÎí¸û. 

«òмý ¯í¸û ¸½¢É¢¸¨Ç ¨ÅʸÙìÌ ±¾¢Ã¡¸ô À¡Ð¸¡ì¸ ¨ÅÊ ±¾¢÷ôÒ ¦Áý¦À¡Õð¸¨Ç (Norton Anti Virus «øÄÐ Macafee antivirus §À¡ýÈÅüÈ¢ø ²¾¡Å¦¾¡ý¨È) ¯í¸û ¸½¢É¢¸Ç¢ø ¿¢ÚÅ¢ì ¦¸¡ûÙí¸û. ÀÄ÷ þùÅ¢¾õ §ÁüÀÊ ¦Áý¦À¡Õð¸¨Ç ¿¢ÚÅ¢ÂÐõ ¾í¸û §Å¨Ä ÓÊóРŢ𼦾ýÚ ¿¢¨ÉòРŢθ¢ýÈ¡÷¸û. ´ù¦Å¡Õ ¿¡Ùõ Ò¾¢Ð Ò¾¢¾¡¸ ¨Åʸû ¯ÕÅ¡¸¢ô Àø¸¢ô ¦ÀÕÌž¡ø §ÁüÀÊ ¦Áý¦À¡Õû ¿¢ÚÅÉí¸û þò¾¨¸Â Ò¾¢Â ¨Åʸ¨Ç ±¾¢÷ìÌõ §Áľ¢¸ ¦Áý¦À¡Õð¸¨Ç ¯Õš츢ò ¾ÁÐ ²ü¸É§Å¢Õó¾ ¦Áý¦À¡Õð¸¨Çò ¾¢¼Á¡ì̸¢ýÈ¡÷¸û. «Åü¨È þÄźÁ¡¸ «Å÷¸ÇÐ þ¨½Âò ¾Çí¸Ç¢ÕóÐ þÄźÁ¡¸ô ¦ÀüÚì ¦¸¡ûÇ×õ ź¾¢¸û ¦ºöÐ ¾Õ¸¢ýÈ¡÷¸û. ±É§Å ¿£í¸û ²ü¸É§Å ¯í¸û ¸½¢É¢Â¢ø ¿¢ÚŢ ¨ÅÊ ±¾¢÷ôÒ ¦Áý¦À¡Õð¸ÙìÌâ ¯ÕÅ¡ì¸ô Àð¼ Ò¾¢Â ¦Áý¦À¡Õð¸¨Ç (Updates) «Å÷¸ÇÐ þ¨½Âò ¾Çí¸Ç¢Ä¢ÕóÐ þÄźÁ¡¸§Å þÈ츢 ¯í¸û ¸½¢É¢¸Ç¢ø ¿¢ÚÅ¢ì ¦¸¡ûÅÐ Á¢¸×õ «Åº¢Âõ. «òмý «Êì¸Ê ¨ÅÊ ±¾¢÷ôÒ ¦Áý¦À¡Õ¨Ç þÂ츢 ¯í¸û ¸½¢É¢¸¨Çî Íò¾õ ¦ºöÐ ¦¸¡ûÅÐõ «Åº¢Âõ.  «ñ¨Áì ¸¡ÄÁ¡¸ þ¨½Âò¾¢ø ÀÃÅ¢ÅÕõ Á¢ýÉïºø ¨ÅʸǢø Ó츢ÂÁ¡ÉÐ ¦¿ðŠ¸¢.Ê (Netsky.D). þÐ ÀüȢ «È¢Ó¸ò¾¢¨Éì ¸£§Æ ¸¡½Ä¡õ:

Netsky email virus!
Virus type: Worm 
Destructive: No 
Aliases: W32.Netsky.D@mm, W32/Netsky.d@MM, W32/Netsky-D, NetSky.D 
Pattern file needed: 794 
Scan engine needed: 5.600 

Overall risk rating:  Medium 
Reported infections:  Medium 
Damage Potential:  High 
Distribution Potential:  High 

Description:
This memory-resident worm uses its own SMTP engine to propagate via email. It sends email with the following details: 

Subject: (any of the following)
Re: Approved 
Re: Details 
Re: Document
Re: Excel file 
Re: Hello 
Re: Here 
Re: Here is the document 
Re: Hi 
Re: My details 
Re: Re: Document 
Re: Re: Message 
Re: Re: Re: Your document 
Re: Re: Thanks! 
Re: Thanks! 
Re: Word file 
Re: Your archive 
Re: Your bill 
Re: Your details 
Re: Your document 
Re: Your letter 
Re: Your music 
Re: Your picture 
Re: Your product 
Re: Your software 
Re: Your text 
Re: Your website 

Message Body:(any of the following) 
Your file is attached. 
Please read the attached file. 
Please have a look at the attached file. 
See the attached file for details. 
Here is the file. 
Your document is attached. 

Attachment:(any of the following)
all_document.pif 
application.pif 
document.pif 
document_4351.pif 
document_excel.pif 
document_full.pif 
document_word.pif 
message_details.pif 
message_part2.pif 
mp3music.pif 
my_details.pif 
your_archive.pif 
your_bill.pif 
your_details.pif 
your_document.pif 
your_file.pif 
your_letter.pif 
your_picture.pif 
your_product.pif 
your_text.pif 
your_website.pif 
yours.pif 

Below is a screenshot of a sample email sent out by this worm:

This worm drops a copy of itself as the file WINLOGON.EXE in the Windows folder. It creates a thread for searching email addresses, which it gathers from files with specific extensions, in drives C to Z (except for the CD-ROM drive). 

(Note: On Windows NT, 2000 and XP, there is a normal application named WINLOGON.EXE in the Windows system folder.) 

It connects to a local or several external DNS servers, which it uses as its SMTP server, to search for a mail exchanger that matches the domain yahoo.com. 

This malware arrives as a Petite-compressed executable file and is written using Microsoft Visual C++, a high-level programming language. 

It runs on Windows 95, 98, ME, NT, 2000, and XP. 

Note that one reported sample of this NETSKY variant sends the spammed email through BCC. For more informatio.

Courtesy:http://www.trendmicro.com/

Solution!

If you are receiving bounce back messages or virus notifications for 
messages you did not send, you may want to again ensure that your 
computer is not infected with a virus. If you have virus scanning 
software on your computer, ensure this software is up to date and do a 
complete scan your system, including the boot files. Some viruses can 
generate email messages from an infected computer without the user's 
knowledge. 

Another reason why you may be receiving these messages is that, because 
your email address may exist in the address book of an infected computer
other than your own, the virus is placing your address in the reply to 
address of an outgoing message from that computer. 

A third reason is that a spammer has knowingly placed one or more of your ISP''s email addresses as the "From:" address in emails. He/she could be doing 
this in an attempt to "frame" our subscriber for sending the email, or 
to simply confuse the recipient of the message to avoid a complaint 
being sent to his/her ISP regarding the Spam. 

Please note when a message appears to be from your email address and you
did not send it, the sender has spoofed your address.  They are using 
another, but making it appear to be coming from yours.

As a result of the above, you may also be receiving replies from other 
people stating you sent the email Spam. Please disregard the complaints 
and delete them.  We suggest you do not reply as it may cause further 
aggravation to both you and the complainant.