Vulnerability Development mailing list archives

A problem domain hosted by you


From: "scott" <scott () graphictype com>
Date: Thu, 27 Dec 2001 20:57:12 -0500

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I just found a trojan backdoor virus on my system,
and when I hexdumped the file, I found the domain name
http://2001-007.com/ referenced in it (about 3/4 the
way down the file)... it looks as if the trojan virus
is submitting information to this domain name (but
I cannot say with 100% certainty yet, since I have not
set up a honeypot machine, infected it, and tcpdumped
the network traffic)

I have sent emails to vuln-dev () securityfocus com previously
(and Cc'd this email) and posted up all relevant information
on my website http://furt.com/grokster/ (I have attached the
relevant binaries also), along with the two infected binaries
(where you can verify for yourself that 2001-007.com
is in fact the domain referenced).

I ask for your help and cooperation in verifying whether
or not this domain name is collecting user information
submitted by the backdoor trojan that infected me, or
in fact, finding any information about the website
or its owner (as the phone number given in the Whois
information is not correct, a person claiming to NOT
be John Casey answered the telephone and said that
he had never heard of John Casey)

I thank you for your time.

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPCvRc8aXTGgZdrSUEQLx/wCfVacXBNbK51tEQx/7iR5gqZHPJTIAoIU+
KXXa9gVsg9PdbrBd8PdLBKK8
=axT7
-----END PGP SIGNATURE-----
 

Attachment: files.zip
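
The check the message describes, dumping a suspect binary and looking for an embedded domain, can be done as static triage without executing the file. The following is an added example, not part of the original post or its attachment; the function names, the TLD list and the sample bytes are constructed for illustration.

```python
import re

# Printable ASCII runs of at least MIN_LEN bytes, like the `strings` utility.
MIN_LEN = 6
ASCII_RUN = re.compile(rb"[\x20-\x7e]{%d,}" % MIN_LEN)
# URL or bare hostname ending in one of a few TLDs (assumed list; extend as needed).
HOST = re.compile(
    rb"(?:https?://)?((?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+(?:com|net|org|info|biz))\b",
    re.IGNORECASE)

def find_hosts(data: bytes):
    """Return [(offset, fraction_of_file, hostname)] for hostnames in printable runs."""
    hits = []
    for run in ASCII_RUN.finditer(data):
        for m in HOST.finditer(run.group()):
            offset = run.start() + m.start(1)
            hits.append((offset, offset / len(data), m.group(1).decode().lower()))
    return hits

def build_sample() -> bytes:
    """Constructed stand-in for a binary: non-printable filler, one URL about 3/4 in."""
    filler = bytes(range(0, 32)) * 8  # 256 non-printable bytes
    return b"MZ" + filler * 3 + b"\x00http://2001-007.com/\x00" + filler

if __name__ == "__main__":
    # Print offset, relative position in the file, and the hostname found.
    for offset, frac, host in find_hosts(build_sample()):
        print(f"0x{offset:06x}  {frac:5.1%}  {host}")
```

Static strings only show that the name is present in the file; confirming that anything is sent to it still needs the isolated-host packet capture the message mentions.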