Results 1 to 5 of 5
August 30th, 2007, 03:43 AM #1
mhosts.exe and WLlogin.exe - can I trace where they came from?
- Join Date
- August 30th, 2007
Hey peeps, my first time posting here, all the way from Northern Ireland!!!
I opened an email entitled: has recebido una tarjeta de gusanito.com
which means: you have received an electronic card from gusanito.com
I lived in spain for a few years and had spent time in mexico too, so its not unusal for me to receive cards or emails with spanish content.
Of course there was no card to receive, but I got a trojan instead. In a spanish speaking forum it warned about cards from gusanito.com having trojans that allow third parties to access email accounts.
Otherwise gusanito.com seems to be a legitimate website, registered in mexico.
I traced the IP address of the email and it is registered to softlayer techologies in dallas, texas.
Now here is where the Murder She Wrote part comes in to play - I am an active member of a discussion forum for former members of a cult, myself being an exmember. The discussion forum publicly denounces the cult and we publish materials that the cult is trying to keep secret (rule books, recruitment methodology etc).
Just this month they are sueing us for theft of property (the rule books) and they tried to get an pretrial injunction to seize our computers and to reveal the identity and address details etc of the posters of the discussion board.
The lawyers for this cult are based in Dallas Texas, and the cult is of mexican origin and has most members and influence in Mexico.
Is it a coincidence that a mexican cult tries to get hold of my computer using a texan lawyer and then a mexican website sends me a trojan via a texas IP?
Perhaps Im on the wrong website here, but how can I dig up more information to see if these are just coincidences or if the cult is acting illegally?
August 30th, 2007, 04:41 AM #2
- Join Date
- January 18th, 2005
- Nunya, Business
I went searching for Google and your post was already in there:
forum.abestweb.com/showthread.php?goto=newpost&t=94058 - 44 minutes ago -
Not sure, should be somebody else that can help. I tried searching gusanito and see a lot of hacker, msn, hotmail type stuff showing up.
August 30th, 2007, 06:16 AM #3
Don't speak spanish but dig around, did not get much at all.
All I know. gusanito.com is a spanish card website. Can find much info about the 2 .exe file except lots of complaints.
That being said, I am seeing a surge (within last 2 months) in fake greeting cards from Hallmark. About a 1/2 dozen a day saying i got a greeting card. Never opened it as I know it's either a virus or I won a billion dollars in gold which is in the swiss bank.
No comments on the legal stuff. Sorry..Ma, where the beer? :escape:
August 30th, 2007, 08:32 AM #4
As widespread as greeting card virii have been lately, I wouldn't be surprised if it were a coincidence.
August 31st, 2007, 01:09 AM #5
I agree on the coincidence as I am getting at least 5 per day on two unrelated email addys.
By swecs in forum Programming / Datafeeds / ToolsReplies: 0Last Post: April 2nd, 2009, 07:20 PM
By Rhea in forum Virtual Family and Off-TopicReplies: 17Last Post: December 23rd, 2008, 10:30 PM
By Chris - AMWSO in forum Suspicious Activity!Replies: 7Last Post: September 23rd, 2004, 08:18 PM
By Akiva in forum Midnight Cafe'Replies: 1Last Post: May 23rd, 2003, 11:35 AM
By Dynamoo in forum Suspicious Activity!Replies: 5Last Post: March 11th, 2003, 04:54 AM