RE: [Declude.Virus] Another new virus

2005-04-15 Thread Colbeck, Andrew
I've seen one sample in the last few minutes.  It arrives as jokes.zip, and 
www.virustotal.com describes the enclosed 123456.exe as:

This is a report processed by VirusTotal on 04/16/2005 at 00:11:32 (CET) after 
scanning the file "123456.exe" file.
Antivirus    Version         Update      Result
AntiVir      6.30.0.7        04.15.2005  no virus found
AVG          718             04.15.2005  no virus found
BitDefender  7.0             04.15.2005  BehavesLike:Win32.SiteHijack
ClamAV       devel-20050307  04.15.2005  Worm.Bagle.BB
DrWeb        4.32b           04.15.2005  Win32.HLLM.Beagle.37888
eTrust-Iris  7.1.194.0       04.15.2005  Win32/Glieder.T!Trojan
eTrust-Vet   11.7.0.0        04.15.2005  no virus found
Fortinet     2.51            04.15.2005  no virus found
F-Prot       3.16b           04.15.2005  no virus found
Ikarus       2.32            04.15.2005  Email-Worm.Win32.Bagle.pac
Kaspersky    4.0.2.24        04.16.2005  Email-Worm.Win32.Bagle.pac
McAfee       4470            04.15.2005  W32/[EMAIL PROTECTED]
NOD32v2      1.1064          04.15.2005  Win32/TrojanDownloader.Small.ZL
Norman       5.70.10         04.14.2005  W32/Downloader
Panda        8.02.00         04.15.2005  W32/Bagle.CA.worm
Sybari       7.5.1314        04.15.2005  Troj/BagleDl-N
Symantec     8.0             04.15.2005  Trojan.Tooso.F
VBA32        3.10.3          04.15.2005  Email-Worm.Win32.Bagle.pac

VirusTotal is a free service offered by Hispasec Sistemas. There are no 
guarantees about the availability and continuity of this service. Although the 
detection rate afforded by the use of multiple antivirus engines is far 
superior to that offered by just one product, these results DO NOT guarantee 
the harmlessness of a file. Currently, there is not any solution that offers a 
100% effectiveness rate for detecting viruses and malware.

Andrew 8)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Tolmachoff 
(Lists)
Sent: Friday, April 15, 2005 2:33 PM
To: Declude.Virus@declude.com
Subject: [Declude.Virus] Another new virus


I am getting lots of banned attachment notices and lots of bounces in the last 
90 minutes.

THANKFULLY, I am blocking zip files which contain executables otherwise these 
would have all been delivered to users.

Any one have an idea of what this one is, it is kind of acting like Bagle.

John T
eServices For You


---
This E-mail came from the Declude.Virus mailing list.  To unsubscribe, just 
send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http://www.mail-archive.com.


Re: [Declude.Virus] Another new virus

2005-04-15 Thread Matt




You guys are all pretty funny with your "thankfully" stuff.  Remember,
this is all just a collection of opinions.  I have no issues, and
haven't for some time.

Anyway, I don't bounce messages for any tagged virus so I haven't been
having issues with Mytob causing backscatter since Declude doesn't seem
to have added that as a forging virus yet.  I figure that over 99% of
all viruses are forging viruses and this is really only necessary when
you are blocking things that might for instance contain a macro virus
in an otherwise legitimate document, and I haven't had issues not
bouncing for such things.   Again, that's just my take on things, you
guys can do whatever you want :)

I also noted that the new Bagle is apparently prone to corruption, and
while F-Prot is missing this, McAfee continues to pick it up:
04/15/2005 17:32:52 Q33049a10011849b8 MIME file: [text/html][7bit; Length=51 Checksum=3488]
04/15/2005 17:32:52 Q33049a10011849b8 MIME file: Jokes.zip [base64; Length=19311 Checksum=2484229]
04/15/2005 17:32:52 Q33049a10011849b8 Warning: file#=123456 (123456.EXE ...  )
04/15/2005 17:32:52 Q33049a10011849b8 Scanner 2: Virus=the W32/[EMAIL PROTECTED] Attachment=[Unknown: Err] [0] I
04/15/2005 17:32:52 Q33049a10011849b8 File(s) are INFECTED [the W32/[EMAIL PROTECTED]: 13]
04/15/2005 17:32:52 Q33049a10011849b8 Deleting file with virus
04/15/2005 17:32:52 Q33049a10011849b8 Deleting E-mail with virus!
04/15/2005 17:32:52 Q33049a10011849b8 Scanned: CONTAINS A VIRUS [Prescan OK][MIME: 2 19428]
04/15/2005 17:32:52 Q33049a10011849b8 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [incoming from 208.7.179.200]
04/15/2005 17:32:52 Q33049a10011849b8 Subject:

I saw only one zip file from a virus in my Hold range today, but it was
a zero byte file with a zip extension.  The pattern that this virus
uses results in an automatic hold on my system based on filters
designed for zombies (for instance it forges the HELO to match the
recipient domain), but most will also fail some DUL or other such
tests.  I think Sniffer hit that example if I recall correctly.

Matt



John Tolmachoff (Lists) wrote:

  I am getting lots of banned attachment notices and lots of bounces in the
last 90 minutes.

THANKFULLY, I am blocking zip files which contain executables otherwise
these would have all been delivered to users.

Any one have an idea of what this one is, it is kind of acting like Bagle.

John T
eServices For You




  


-- 
=
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=




[Declude.Virus] Attachment=[Unknown: Err] ?

2005-04-15 Thread Andy Schmidt
Hi,

Any particular subject/attachment name that we can recognize it by?

Also, for half a day I've seen lots of no subject and the attachment of
"Unknown Err".  Seems as if Declude is choking on something here:

04/15/2005 16:43:42 Q275DA0790152A6BF Warning: file#=123456 (123456.EXE ... )
04/15/2005 16:43:42 Q275DA0790152A6BF Scanner 1: Virus= the W32/[EMAIL PROTECTED] Attachment=[Unknown: Err] [17] I
04/15/2005 16:43:42 Q275DA0790152A6BF File(s) are INFECTED [ the W32/[EMAIL PROTECTED]: 13]
04/15/2005 16:43:42 Q275DA0790152A6BF Deleting file with virus
04/15/2005 16:43:42 Q275DA0790152A6BF Deleting E-mail with virus!
04/15/2005 16:43:42 Q275DA0790152A6BF Scanned: CONTAINS A VIRUS [MIME: 2 19430]
04/15/2005 16:43:42 Q275DA0790152A6BF From: [Forged] To: [EMAIL PROTECTED] [incoming from 207.30.155.52]
04/15/2005 16:43:42 Q275DA0790152A6BF Subject:


Best Regards
Andy Schmidt

Phone:  +1 201 934-3414 x20 (Business)
Fax:+1 201 934-9206 



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Tolmachoff
(Lists)
Sent: Friday, April 15, 2005 05:33 PM
To: Declude.Virus@declude.com
Subject: [Declude.Virus] Another new virus


I am getting lots of banned attachment notices and lots of bounces in the
last 90 minutes.

THANKFULLY, I am blocking zip files which contain executables otherwise
these would have all been delivered to users.

Any one have an idea of what this one is, it is kind of acting like Bagle.

John T
eServices For You




RE: [Declude.Virus] Another new virus

2005-04-15 Thread John Carter
Looks like yesterday's RAR's coming in as ZIPs.  And my F-Prot/ClamAV and
desktop Trend Micro still don't see anything!!  Deleting them nevertheless.

John 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Tolmachoff
(Lists)
Sent: Friday, April 15, 2005 4:33 PM
To: Declude.Virus@declude.com
Subject: [Declude.Virus] Another new virus

I am getting lots of banned attachment notices and lots of bounces in the
last 90 minutes.

THANKFULLY, I am blocking zip files which contain executables otherwise
these would have all been delivered to users.

Any one have an idea of what this one is, it is kind of acting like Bagle.

John T
eServices For You




[Declude.Virus] Another new virus

2005-04-15 Thread John Tolmachoff (Lists)
I am getting lots of banned attachment notices and lots of bounces in the
last 90 minutes.

THANKFULLY, I am blocking zip files which contain executables otherwise
these would have all been delivered to users.

Any one have an idea of what this one is, it is kind of acting like Bagle.

John T
eServices For You
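
One way to express the attachment policy discussed in this thread, as an added example (not part of the original posts and not Declude's implementation): it blocks a ZIP that lists an executable member and holds, rather than passes, the zero-byte and corrupted archives Matt mentions. The extension list, the verdict names and the placeholder payloads are assumptions.

```python
import io
import zipfile

# Assumed policy list of executable extensions (not taken from Declude).
BANNED_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".cpl"}


def make_zip(members):
    """Build an in-memory ZIP from {name: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, payload in members.items():
            zf.writestr(name, payload)
    return buf.getvalue()


def member_ext(filename):
    """Extension as Windows would see it: basename, lowercased, with the
    trailing dots and spaces that Windows drops from file names removed."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1].lower().rstrip(". ")
    return base[base.rfind("."):] if "." in base else ""


def check_zip_attachment(data):
    """Return (verdict, reason) where verdict is 'block', 'hold' or 'pass'."""
    if not data:
        return "hold", "zero-byte file with a zip extension"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.infolist()
    except (zipfile.BadZipFile, NotImplementedError, OSError, ValueError) as exc:
        # Fail closed: an archive that cannot be listed cannot be cleared.
        return "hold", f"unreadable archive: {exc}"
    for info in members:
        if member_ext(info.filename) in BANNED_EXTS:
            return "block", f"executable member: {info.filename}"
    return "pass", "no executable members"


# Constructed samples: file names from the thread, payloads are placeholder bytes.
JOKES_ZIP = make_zip({"123456.exe": b"MZ" + b"\x00" * 64})
SAMPLES = {
    "Jokes.zip": JOKES_ZIP,
    "truncated.zip": JOKES_ZIP[: len(JOKES_ZIP) // 2],  # simulated corruption
    "empty.zip": b"",
    "dotted.zip": make_zip({"docs/123456.EXE. ": b"MZ"}),
    "notes.zip": make_zip({"notes.txt": b"hello"}),
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, *check_zip_attachment(blob))
```
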




Re: [Declude.Virus] Skipifforging not working on Mytob

2005-04-15 Thread Scott Fisher
I also had to add the SKIPIFVIRUSNAMEHAS Mytob to my eml files.
- Original Message - 
From: "John Carter" <[EMAIL PROTECTED]>
To: 
Sent: Friday, April 15, 2005 2:53 PM
Subject: RE: [Declude.Virus] Skipifforging not working on Mytob


Shayne:
I haven't heard anything from anyone else.  To the existing SKIPIFFORGING, I
have added the following to sender, recip, and postmaster eml's. I know it
is just covering up the underlying problem, but a cure is a cure. Will let
you know if it helps.

SKIPIFVIRUSNAMEHAS Mytob
John
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shayne Embry
Sent: Friday, April 15, 2005 11:53 AM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus] Skipifforging not working on Mytob
I have also been experiencing this, for over a week. I'm only using F-Prot,
but have added the appropriate lines to eml and virus.cfg files as John has.
The only other difference is that I'm using SmarterMail.

Shayne

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Carter
Sent: Friday, April 15, 2005 10:48 AM
To: Declude.Virus@declude.com
Subject: [Declude.Virus] Skipifforging not working on Mytob
Shortly after adding ClamAV to the Imail Server a few days ago, my
system started sending virus notices on Mytob (and so far, only Mytob)
even though I have SKIPIFFORGING in the sender.eml, recip.eml and
postmaster.eml, plus I have Mytob in the list of forging viruses in
the virus.cfg. In the virus log lines below, scanner 1 is F-Prot and
scanner 2 is ClamAV.
 The timing to the addition to ClamAV may be only a coincidence.
Any ideas about what's happening?
Thanks,
John
Notice lines:
==
Declude Virus 2.0.5 caught a incoming virus
Subject: hello
   From: [Forged]
 To: [EMAIL PROTECTED]
 Msg ID: <[EMAIL PROTECTED]>
 Queue#: D74590703010e25a9.SMD
  Remote IP: 63.197.109.187
Virus Name/File: W32/[EMAIL PROTECTED]  data.zip
postmaster.eml
==
SKIPIFFORGING
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: E-mail virus notice
Declude Virus %VERSION% caught a %INOROUT% virus
Subject: %SUBJECT%
   From: %MAILFROM%
 To: %ALLRECIPS%
 Msg ID: %MSGID%
 Queue#: %QUEUENAME%
  Remote IP: %REMOTEIP%
Virus Name/File: %VIRUSNAME%  %VIRUSFILE%
Headers:
%HEADERS%
Virus log lines:

04/15/2005 02:59:36 Q74590703010e25a9 Banning .ZIP file with exe extension.
04/15/2005 02:59:36 Q74590703010e25a9 Scanner 1: Virus=W32/[EMAIL PROTECTED] Attachment=data.zip [36] I
04/15/2005 02:59:37 Q74590703010e25a9 Scanner 2: Virus= Worm.Mytob.T-2 Attachment=data.zip [36] I
04/15/2005 02:59:37 Q74590703010e25a9 File(s) are INFECTED [W32/[EMAIL PROTECTED]: 1]
04/15/2005 02:59:37 Q74590703010e25a9 Deleting file with virus
04/15/2005 02:59:37 Q74590703010e25a9 Deleting E-mail with virus!
04/15/2005 02:59:37 Q74590703010e25a9 Scanned: CONTAINS A VIRUS [MIME: 2 58859]
04/15/2005 02:59:37 Q74590703010e25a9 From: [Forged] To: [EMAIL PROTECTED] [incoming from 63.197.109.187]
04/15/2005 02:59:37 Q74590703010e25a9 Subject: hello


RE: [Declude.Virus] Skipifforging not working on Mytob

2005-04-15 Thread John Carter
Shayne:

I haven't heard anything from anyone else.  To the existing SKIPIFFORGING, I
have added the following to sender, recip, and postmaster eml's. I know it
is just covering up the underlying problem, but a cure is a cure. Will let
you know if it helps.

SKIPIFVIRUSNAMEHAS  Mytob

John

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shayne Embry
Sent: Friday, April 15, 2005 11:53 AM
To: Declude.Virus@declude.com
Subject: RE: [Declude.Virus] Skipifforging not working on Mytob

I have also been experiencing this, for over a week. I'm only using F-Prot,
but have added the appropriate lines to eml and virus.cfg files as John has.
The only other difference is that I'm using SmarterMail.

Shayne


> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of John Carter
> Sent: Friday, April 15, 2005 10:48 AM
> To: Declude.Virus@declude.com
> Subject: [Declude.Virus] Skipifforging not working on Mytob
> 
> 
> Shortly after adding ClamAV to the Imail Server a few days ago, my 
> system started sending virus notices on Mytob (and so far, only Mytob) 
> even though I have SKIPIFFORGING in the sender.eml, recip.eml and 
> postmaster.eml, plus I have Mytob in the list of forging viruses in 
> the virus.cfg. In the virus log lines below, scanner 1 is F-Prot and 
> scanner 2 is ClamAV.
>  The timing to the addition to ClamAV may be only a coincidence.
> 
> Any ideas about what's happening?
> 
> Thanks,
> John
> 
> Notice lines: 
> ==
> Declude Virus 2.0.5 caught a incoming virus
> 
> Subject: hello
>From: [Forged] 
>  To: [EMAIL PROTECTED]
>  Msg ID: <[EMAIL PROTECTED]>
>  Queue#: D74590703010e25a9.SMD
>   Remote IP: 63.197.109.187
> Virus Name/File: W32/[EMAIL PROTECTED]  data.zip
> 
> postmaster.eml
> ==
> SKIPIFFORGING
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: E-mail virus notice
> 
> Declude Virus %VERSION% caught a %INOROUT% virus
> 
> Subject: %SUBJECT%
>From: %MAILFROM% 
>  To: %ALLRECIPS%
>  Msg ID: %MSGID%
>  Queue#: %QUEUENAME%
>   Remote IP: %REMOTEIP%
> Virus Name/File: %VIRUSNAME%  %VIRUSFILE%
> 
> Headers:
> %HEADERS%
> 
> Virus log lines: 
> 
> 04/15/2005 02:59:36 Q74590703010e25a9 Banning .ZIP file with exe extension.
> 04/15/2005 02:59:36 Q74590703010e25a9 Scanner 1: Virus=W32/[EMAIL PROTECTED] Attachment=data.zip [36] I
> 04/15/2005 02:59:37 Q74590703010e25a9 Scanner 2: Virus= Worm.Mytob.T-2 Attachment=data.zip [36] I
> 04/15/2005 02:59:37 Q74590703010e25a9 File(s) are INFECTED [W32/[EMAIL PROTECTED]: 1]
> 04/15/2005 02:59:37 Q74590703010e25a9 Deleting file with virus
> 04/15/2005 02:59:37 Q74590703010e25a9 Deleting E-mail with virus!
> 04/15/2005 02:59:37 Q74590703010e25a9 Scanned: CONTAINS A VIRUS [MIME: 2 58859]
> 04/15/2005 02:59:37 Q74590703010e25a9 From: [Forged] To: [EMAIL PROTECTED] [incoming from 63.197.109.187]
> 04/15/2005 02:59:37 Q74590703010e25a9 Subject: hello
> 


Re: [Declude.Virus] BANnotify.eml

2005-04-15 Thread Darrell \([EMAIL PROTECTED])
Without the attachments. 

Darrell 


Check out http://www.invariantsystems.com for utilities for Declude And 
Imail.  IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG 
Integration, and Log Parsers. 

Robert Perez writes: 

I know this is a rookie question but anyway: 

Does BANnotify.eml file send the email with or without the attachment/s?



[Declude.Virus] BANnotify.eml

2005-04-15 Thread Robert Perez



I know this is a rookie question but anyway:

Does BANnotify.eml file send the email with or without the attachment/s?
 


RE: [Declude.Virus] Skipifforging not working on Mytob

2005-04-15 Thread Shayne Embry
I have also been experiencing this, for over a week. I'm only using
F-Prot, but have added the appropriate lines to eml and virus.cfg files
as John has. The only other difference is that I'm using SmarterMail.

Shayne


> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of John Carter
> Sent: Friday, April 15, 2005 10:48 AM
> To: Declude.Virus@declude.com
> Subject: [Declude.Virus] Skipifforging not working on Mytob
> 
> 
> Shortly after adding ClamAV to the Imail Server a few days 
> ago, my system started sending virus notices on Mytob (and so 
> far, only Mytob) even though I have SKIPIFFORGING in the 
> sender.eml, recip.eml and postmaster.eml, plus I have Mytob 
> in the list of forging viruses in the virus.cfg. In the virus 
> log lines below, scanner 1 is F-Prot and scanner 2 is ClamAV. 
>  The timing to the addition to ClamAV may be only a coincidence.
> 
> Any ideas about what's happening?
> 
> Thanks,
> John
> 
> Notice lines: 
> ==
> Declude Virus 2.0.5 caught a incoming virus 
> 
> Subject: hello
>From: [Forged] 
>  To: [EMAIL PROTECTED]
>  Msg ID: <[EMAIL PROTECTED]>
>  Queue#: D74590703010e25a9.SMD
>   Remote IP: 63.197.109.187
> Virus Name/File: W32/[EMAIL PROTECTED]  data.zip
> 
> postmaster.eml 
> ==
> SKIPIFFORGING
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Subject: E-mail virus notice
> 
> Declude Virus %VERSION% caught a %INOROUT% virus 
> 
> Subject: %SUBJECT%
>From: %MAILFROM% 
>  To: %ALLRECIPS%
>  Msg ID: %MSGID%
>  Queue#: %QUEUENAME%
>   Remote IP: %REMOTEIP%
> Virus Name/File: %VIRUSNAME%  %VIRUSFILE%
> 
> Headers:
> %HEADERS%
> 
> Virus log lines: 
> 
> 04/15/2005 02:59:36 Q74590703010e25a9 Banning .ZIP file with exe extension.
> 04/15/2005 02:59:36 Q74590703010e25a9 Scanner 1: Virus=W32/[EMAIL PROTECTED] Attachment=data.zip [36] I
> 04/15/2005 02:59:37 Q74590703010e25a9 Scanner 2: Virus= Worm.Mytob.T-2 Attachment=data.zip [36] I
> 04/15/2005 02:59:37 Q74590703010e25a9 File(s) are INFECTED [W32/[EMAIL PROTECTED]: 1]
> 04/15/2005 02:59:37 Q74590703010e25a9 Deleting file with virus
> 04/15/2005 02:59:37 Q74590703010e25a9 Deleting E-mail with virus!
> 04/15/2005 02:59:37 Q74590703010e25a9 Scanned: CONTAINS A VIRUS [MIME: 2 58859]
> 04/15/2005 02:59:37 Q74590703010e25a9 From: [Forged] To: [EMAIL PROTECTED] [incoming from 63.197.109.187]
> 04/15/2005 02:59:37 Q74590703010e25a9 Subject: hello
> 


[Declude.Virus] Skipifforging not working on Mytob

2005-04-15 Thread John Carter
Shortly after adding ClamAV to the Imail Server a few days ago, my system
started sending virus notices on Mytob (and so far, only Mytob) even though
I have SKIPIFFORGING in the sender.eml, recip.eml and postmaster.eml, plus I
have Mytob in the list of forging viruses in the virus.cfg. In the virus log
lines below, scanner 1 is F-Prot and scanner 2 is ClamAV.  The timing to the
addition to ClamAV may be only a coincidence.

Any ideas about what's happening?

Thanks,
John

Notice lines:
==
Declude Virus 2.0.5 caught a incoming virus 

Subject: hello
   From: [Forged] 
 To: [EMAIL PROTECTED]
 Msg ID: <[EMAIL PROTECTED]>
 Queue#: D74590703010e25a9.SMD
  Remote IP: 63.197.109.187
Virus Name/File: W32/[EMAIL PROTECTED]  data.zip

postmaster.eml
==
SKIPIFFORGING
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: E-mail virus notice

Declude Virus %VERSION% caught a %INOROUT% virus 

Subject: %SUBJECT%
   From: %MAILFROM% 
 To: %ALLRECIPS%
 Msg ID: %MSGID%
 Queue#: %QUEUENAME%
  Remote IP: %REMOTEIP%
Virus Name/File: %VIRUSNAME%  %VIRUSFILE%

Headers:
%HEADERS%

Virus log lines:

04/15/2005 02:59:36 Q74590703010e25a9 Banning .ZIP file with exe extension.
04/15/2005 02:59:36 Q74590703010e25a9 Scanner 1: Virus=W32/[EMAIL PROTECTED] Attachment=data.zip [36] I
04/15/2005 02:59:37 Q74590703010e25a9 Scanner 2: Virus= Worm.Mytob.T-2 Attachment=data.zip [36] I
04/15/2005 02:59:37 Q74590703010e25a9 File(s) are INFECTED [W32/[EMAIL PROTECTED]: 1]
04/15/2005 02:59:37 Q74590703010e25a9 Deleting file with virus
04/15/2005 02:59:37 Q74590703010e25a9 Deleting E-mail with virus!
04/15/2005 02:59:37 Q74590703010e25a9 Scanned: CONTAINS A VIRUS [MIME: 2 58859]
04/15/2005 02:59:37 Q74590703010e25a9 From: [Forged] To: [EMAIL PROTECTED] [incoming from 63.197.109.187]
04/15/2005 02:59:37 Q74590703010e25a9 Subject: hello
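
A small parser for virus log lines like the ones posted above, as an added example (not part of the original thread and not Declude's code): it re-splits records that mail wrapping has fused, groups them by queue ID, and lists detections logged with a forged sender, where a notice to the sender would reach a third party. The record layout is inferred from the lines shown on this page, and all function names are assumptions.

```python
import re

# Records from the post above, in the fused, re-wrapped form that quoting mail
# clients leave them in; "[EMAIL PROTECTED]" is the archive's own redaction.
SAMPLE = """\
04/15/2005 02:59:36 Q74590703010e25a9 Banning .ZIP file with exe
extension. 04/15/2005 02:59:36 Q74590703010e25a9 Scanner
1: Virus=W32/[EMAIL PROTECTED] Attachment=data.zip [36] I
04/15/2005 02:59:37 Q74590703010e25a9 Scanner 2: Virus=
Worm.Mytob.T-2 Attachment=data.zip [36] I 04/15/2005 02:59:37
Q74590703010e25a9 File(s) are INFECTED [W32/[EMAIL PROTECTED]: 1]
04/15/2005 02:59:37 Q74590703010e25a9 Scanned:
CONTAINS A VIRUS [MIME: 2 58859] 04/15/2005 02:59:37
Q74590703010e25a9 From: [Forged] To: [EMAIL PROTECTED] [incoming
from 63.197.109.187] 04/15/2005 02:59:37
Q74590703010e25a9 Subject: hello
"""

# Record header as seen on this page: date, time, queue ID (layout inferred).
RECORD = re.compile(r"(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) (Q[0-9A-Fa-f]+)\b")
SCANNER = re.compile(r"Scanner (\d+): Virus=\s*(.+?)\s+Attachment=(.+?) \[\d+\]")
SENDER = re.compile(r"From: (.+?) To: .+? \[incoming from ([0-9.]+)\]")


def split_records(raw):
    """Undo mail wrapping: return (timestamp, queue_id, text) per log record."""
    text = " ".join(raw.split())
    heads = list(RECORD.finditer(text))
    records = []
    for i, head in enumerate(heads):
        end = heads[i + 1].start() if i + 1 < len(heads) else len(text)
        records.append((head.group(1), head.group(2), text[head.end():end].strip()))
    return records


def summarize(raw):
    """Group records by queue ID into one summary dict per message."""
    messages = {}
    for _ts, qid, text in split_records(raw):
        msg = messages.setdefault(
            qid, {"scanners": {}, "banned": False, "forged": False, "remote_ip": None}
        )
        if m := SCANNER.match(text):
            msg["scanners"][int(m.group(1))] = m.group(2)
        elif text.startswith("Banning "):
            msg["banned"] = True
        elif m := SENDER.match(text):
            msg["forged"] = m.group(1) == "[Forged]"
            msg["remote_ip"] = m.group(2)
    return messages


def forged_detections(messages):
    """Queue IDs with a scanner hit and a forged sender: a notice sent to the
    envelope sender of these would reach an uninvolved third party."""
    return sorted(q for q, m in messages.items() if m["forged"] and m["scanners"])


def scanners_naming(messages, needle):
    """Per queue ID, the scanner numbers whose reported name contains needle."""
    needle = needle.lower()
    return {
        q: sorted(n for n, name in m["scanners"].items() if needle in name.lower())
        for q, m in messages.items()
    }
```

On this sample only scanner 2's name contains "Mytob", because the archive redacted the name scanner 1 reported.
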
