Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Spam von meiner e-mail-Adresse? (https://www.trojaner-board.de/70180-spam-meiner-e-mail-adresse.html)

5ven 19.02.2009 18:39
Spam von meiner e-mail-Adresse?
 
Hallo Leute,
ich habe gestern eine e-mail mit fragwürdigem Inhalt bekommen, bei der ich als Absender eingetragen war. Nun würde ich gerne wissen, ob sich da evtl jemand meines Mail-Clients bemächtigt, und unter meinem Namen Spam versendet, oder ob es einfach nur ein gefakter mail-header seitens des Versenders ist.
Hier mal die E-Mail (Quelltext):
Code:
From - Sun Feb 15 23:15:37 2009
X-Account-Key: account2
X-UIDL: adfd0676589c116205bbf919aa9f696e
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:                                                                               
Return-Path: <warezd@checklinks.org>
X-Flags: 0000
Delivered-To: GMX delivery to sv***@gmx.de
Received: (qmail invoked by alias); 15 Feb 2009 22:14:18 -0000
Received: from kayseriserver.net (EHLO clipgamers.com) [85.17.***.***]
  by mx0.gmx.net (mx009) with SMTP; 15 Feb 2009 23:14:18 +0100
Received: from apache by clipgamers.com with local (Exim 4.67)
        (envelope-from <warezd@checklinks.org>)
        id 1LYp4L-0007Kd-9T
        for sv***@gmx.de; Sun, 15 Feb 2009 23:02:33 +0100
To: sv***@gmx.de
Subject: Free Sex Downloads!
X-PHP-Script: checklinks.org/css/email0.php for 80.186.***.***
From: sv***@gmx.de
Message-Id: <E1LYp4L-0007Kd-9T@clipgamers.com>
Date: Sun, 15 Feb 2009 23:02:33 +0100
X-GMX-Antivirus: 0 (no virus found)
X-GMX-Antispam: 0 (Sender is in whitelist: %ssv***@gmx.de)
X-GMX-UID: jqGhcSBIYW0+z9Nh52dpwGJ0amthcxuC

www.DL-Porn.com - Free XXX Movies/Videos!
Visit us Today You wont be disappointed
;)

Or

Go to www.DL-Warez.com if you want FREE:
Software
Music
Movies
eBooks
And mutch more!


mein HJT-Log:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:36:34, on 19.02.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\cFosSpeed.v4.02.1312\spd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Programme\FileZilla Server\FileZilla Server.exe
C:\Programme\Firebird\Firebird_1_5\bin\fbguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Firebird\Firebird_1_5\bin\fbserver.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\cFosSpeed.v4.02.1312\cFosSpeed.exe
C:\Programme\Razer\Copperhead\razerhid.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Internet Download Manager\IDMan.exe
C:\Programme\Razer\Copperhead\razertra.exe
C:\Programme\Razer\Copperhead\razerofa.exe
C:\Programme\snapsaver\snapsaver.exe
C:\Programme\BinarySense\HDDlife\HDDlifePro.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\SpeedFan\speedfan.exe
C:\Programme\Internet Download Manager\IEMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Dokumente und Einstellungen\Sven\Programme\uTorrent\uTorrent.exe
C:\Programme\Mozilla Firefox\firefox.exe
F:\Downloads\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://google.icq.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = h**p=:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = :;*.local
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programme\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [cFosSpeed] C:\Programme\cFosSpeed.v4.02.1312\cFosSpeed.exe
O4 - HKLM\..\Run: [Copperhead] C:\Programme\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVP] "C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe"
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Programme\RivaTuner v2.11\RivaTuner.exe" /S
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [IDMan] C:\Programme\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [snapsaver] C:\Programme\snapsaver\snapsaver.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: HDDlife.lnk = C:\Programme\BinarySense\HDDlife\HDDlifePro.exe
O4 - Startup: speedfan.lnk = C:\Programme\SpeedFan\speedfan.exe
O8 - Extra context menu item: Download aller Links mit IDM - C:\Programme\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV Video Inhalt mit IDM - C:\Programme\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download mit IDM - C:\Programme\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Hinzufügen zu Kaspersky Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Statistik für Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\SCIEPlgn.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programme\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: h**p://www.apple.com
O16 - DPF: {A20B1BB0-AC3D-4530-85F3-791B81303190} (ICQDevilImg Control) - h**p://xtraz.icq.com/xtraz/products/photo/english/ICQDevilImg.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Security Suite CBE (AVP) - Kaspersky Lab - C:\Programme\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Programme\cFosSpeed.v4.02.1312\spd.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Unknown owner - C:\Programme\Creative\Shared Files\CTAudSvc.exe (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Programme\FileZilla Server\FileZilla Server.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Programme\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Programme\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: JNGFJHUPGCSTX - Unknown owner - C:\DOKUME~1\Sven\LOKALE~1\Temp\JNGFJHUPGCSTX.exe (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - Unknown owner - C:\Programme\Virtual CD v9\System\vc9secs.exe (file missing)

--
End of file - 8639 bytes
Es wäre super, wenn ihr mir weiterhelfen könntet.
Viel Grüße, 5ven

KarlKarl 19.02.2009 18:59
Hi,

einfach nur ein Fake. Das ist recht normal, ich bekomme eine ganze Menge Spam von mir selber.

Gruß, Karl

Yopie 19.02.2009 22:04
Siehe auch FAQs: E-Mail-Header lesen und verstehen

Gruß :daumenhoc
Yopie

5ven 19.02.2009 23:04
OK, :dankeschoen: :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131