Results 1 to 5 of 5
  1. #1
    Join Date
    August 30th, 2007
    mhosts.exe and WLlogin.exe - can I trace where they came from?
    Hey peeps, my first time posting here, all the way from Northern Ireland!!!

    I opened an email entitled: has recebido una tarjeta de

    which means: you have received an electronic card from

    I lived in spain for a few years and had spent time in mexico too, so its not unusal for me to receive cards or emails with spanish content.

    Of course there was no card to receive, but I got a trojan instead. In a spanish speaking forum it warned about cards from having trojans that allow third parties to access email accounts.

    Otherwise seems to be a legitimate website, registered in mexico.

    I traced the IP address of the email and it is registered to softlayer techologies in dallas, texas.

    Now here is where the Murder She Wrote part comes in to play - I am an active member of a discussion forum for former members of a cult, myself being an exmember. The discussion forum publicly denounces the cult and we publish materials that the cult is trying to keep secret (rule books, recruitment methodology etc).

    Just this month they are sueing us for theft of property (the rule books) and they tried to get an pretrial injunction to seize our computers and to reveal the identity and address details etc of the posters of the discussion board.

    The lawyers for this cult are based in Dallas Texas, and the cult is of mexican origin and has most members and influence in Mexico.

    Is it a coincidence that a mexican cult tries to get hold of my computer using a texan lawyer and then a mexican website sends me a trojan via a texas IP?

    Perhaps Im on the wrong website here, but how can I dig up more information to see if these are just coincidences or if the cult is acting illegally?

    Any suggestions?

  2. #2
    ABW Ambassador
    Join Date
    January 18th, 2005
    Nunya, Business
    I went searching for Google and your post was already in there: - 44 minutes ago -


    Not sure, should be somebody else that can help. I tried searching gusanito and see a lot of hacker, msn, hotmail type stuff showing up.

  3. #3
    Full Member ske9963's Avatar
    Join Date
    January 3rd, 2006
    Don't speak spanish but dig around, did not get much at all.
    All I know. is a spanish card website. Can find much info about the 2 .exe file except lots of complaints.

    That being said, I am seeing a surge (within last 2 months) in fake greeting cards from Hallmark. About a 1/2 dozen a day saying i got a greeting card. Never opened it as I know it's either a virus or I won a billion dollars in gold which is in the swiss bank.

    No comments on the legal stuff. Sorry..
    Ma, where the beer? :escape:

  4. #4
    Moderator MichaelColey's Avatar
    Join Date
    January 18th, 2005
    Mansfield, TX
    As widespread as greeting card virii have been lately, I wouldn't be surprised if it were a coincidence.

  5. #5
    OPM and Moderator Chuck Hamrick's Avatar
    Join Date
    April 5th, 2005
    Park City Utah
    I agree on the coincidence as I am getting at least 5 per day on two unrelated email addys.

  6. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Editing exe file for clickbank
    By swecs in forum Programming / Datafeeds / Tools
    Replies: 0
    Last Post: April 2nd, 2009, 07:20 PM
  2. Got a virus prunnet.exe
    By Rhea in forum Virtual Family and Off-Topic
    Replies: 17
    Last Post: December 23rd, 2008, 10:30 PM
  3. Exact Advertising : nls.exe
    By Chris - AMWSO in forum Suspicious Activity!
    Replies: 7
    Last Post: September 23rd, 2004, 08:18 PM
  4. Command.exe Virus - Watch out!
    By Akiva in forum Midnight Cafe'
    Replies: 1
    Last Post: May 23rd, 2003, 11:35 AM
  5. Topsites.exe
    By Dynamoo in forum Suspicious Activity!
    Replies: 5
    Last Post: March 11th, 2003, 04:54 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts