Hallo habe plötzlich nen Prob bekomme seit heute 100 dieser mails mit
solchem Inhalt
Hi. This is the qmail-send program at mail.gmx.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<joettully370@yahoo.com>:
66.94.236.34_failed_after_I_sent_the_message./Remote_host_said:_554_delivery_error:_dd_Sorry_your_message_to_joettully370@yahoo.com_cannot_be_delivered._This_account_has_been_disabled_or_discontin ued_[#102]._-_mta1153.mail.mud.yahoo.com/
--- Below this line is a copy of the message.
Return-Path: <meine email add>
Received: (qmail invoked by alias); 19 Oct 2010 18:54:06 -0000
Received: from unknown (EHLO vwgo) [60.10.194.107]
by mail.gmx.net (mp070) with SMTP; 19 Oct 2010 20:54:06 +0200
X-Authenticated: #19456934
X-Provags-ID: V01U2FsdGVkX1+1120kBWS1S4CkyAQvU8gun69Pctq2BwlmTNTM6/
XUjmH4Wk87t1SC
Reply-To: <wowaccountadmin@blizzard.com>
Sender: meine email add
Message-ID: <826A906AE9ED0E90DE5847E015F09CF3@vwgo>
From: =?utf-8?B?QmxpenphcmQgRW50ZXJ0YWlubeKAi2VudA==?= <wowaccountadmin@blizzard.com>
To: <joettully370@yahoo.com>
Subject: Cataclysm Beta Opt-In
Date: Wed, 20 Oct 2010 02:50:42 +0800
MIME-Version: 1.0
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
X-Y-GMX-Trusted: 0
X-GMX-Antivirus: 0 (no virus found)
PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgaHR0cC1lcXVpdj1Db250ZW50LVR5cGUgY29udGVu
dD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxNRVRBIGNvbnRlbnQ9Ik1TSFRNTCA2LjAw
LjM3OTAuNDE4NiIgbmFtZT1HRU5FUkFUT1I+PC9IRUFEPg0KPEJPRFk+DQo8RElWIGNsYXNzPSIi
IHN0eWxlPSJGT05ULVNJWkU6IDEycHg7IENPTE9SOiBncmF5Ij48U1BBTiBjbGFzcz1BcHBsZS1z
dHlsZS1zcGFuIA0Kc3R5bGU9IkZPTlQtU0laRTogMTNweDsgQ09MT1I6IHJnYig0Miw0Miw0Mik7
IExJTkUtSEVJR0hUOiBub3JtYWw7IEZPTlQtRkFNSUxZOiBUYWhvbWEsIFZlcmRhbmEsIEFyaWFs
LCBzYW5zLXNlcmlmIj48UFJFIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweDsgV0hJVEUtU1BBQ0U6
IG5vcm1hbCI+R3JlZXRpbmdzLDxCUiBzdHlsZT0iTElORS1IRUlHSFQ6IDE3cHgiPjxCUiBzdHls
ZT0iTElORS1IRUlHSFQ6IDE3cHgiPldlIGFyZSBleGNpdGVkIHRvIGFubm91bmNlIHRoZSBXb3Js
ZCBvZiBXYXJjcmFmdDogQ2F0YWNseXNtIGJldGEgb3B0LWluIGlzIG5vdyBhdmFpbGFibGUuJm5i
c3A7PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDog
MTdweCI+SW4gdGhlIGJldGEgdGVzdCB5b3Ugd2lsbCBiZSBnaXZlbiBhbiBvcHBvcnR1bml0eSB0
byBwcm92aWRlIHlvdXIgZmVlZGJhY2sgb24gdGhlIG92ZXJhbGwgZ2FtZXBsYXkgZXhwZXJpZW5j
ZSBhcyB3ZWxsIGFzJm5ic3A7PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+ZXhwZXJpZW5j
ZSBuZXcgcGxheWFibGUgd29yZ2VuIGFuZCBnb2JsaW4gcmFjZXMsIG5ldyB6b25lcywgcHJvZmVz
c2lvbnMgYW5kIG1vcmUuIEZvciBhIGZ1bGwgbGlzdCBvZiBmZWF0dXJlcyBwbGVhc2UgZm9sbG93
Jm5ic3A7PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+dGhpcyBsaW5rOiZuYnNwOzxBIHN0
eWxlPSJDVVJTT1I6IHBvaW50ZXI7IENPTE9SOiByZ2IoMCwxMDQsMjA3KTsgTElORS1IRUlHSFQ6
IDE3cHg7IFRFWFQtREVDT1JBVElPTjogdW5kZXJsaW5lIiBocmVmPSJodHRwOi8vdXMuYmF0dGxl
Lm5ldC5iaHR0bGUubmV0L2xvZ2luL2VuL2xvZ2luLmh0bWw/YXBwPXdhbSZhbXA7cmVmPWh0dHBz
Oi8vd3d3Lndvcmxkb2Z3YXJjcmFmdC5jb20vYWNjb3VudC8mYW1wO2Vvcj0wJmFtcDthcHA9YmFt
IiB0YXJnZXQ9X2JsYW5rPmh0dHBzOi8vdXMuYmF0dGxlLm5ldC9sb2dpbi9lbi9sb2dpbi5odG1s
P2FwcD13YW0mYW1wO3JlZj1odHRwczovL3d3dy53b3JsZG9md2FyY3JhZnQuY29tL2FjY291bnQv
JmFtcDtlb3I9MCZhbXA7YXBwPWJhbTwvQT4uJm5ic3A7PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDog
MTdweCI+PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+V2Ugd2lsbCBiZSBzZWxlY3Rpbmcg
YWNjb3VudCBob2xkZXJzIG9mIEJhdHRsZS5uZXQgYW5kIFdvcmxkIG9mIFdhcmNyYWZ0IGFjY291
bnRzIHdobyBvcHRlZC1pbiBhdCByYW5kb20gdG8gcGFydGljaXBhdGUgaW4mbmJzcDs8QlIgc3R5
bGU9IkxJTkUtSEVJR0hUOiAxN3B4Ij50aGUgV29ybGQgb2YgV2FyY3JhZnQ6IENhdGFjbHlzbSBC
ZXRhIFRlc3QuIFRvIG9wdC1pbiBmb3IgdGhlIGJldGEgdGVzdCBwbGVhc2UgdmlzaXQgdGhlIFdv
cmxkIG9mIFdhcmNyYWZ0OiBDYXRhY2x5c20mbmJzcDs8QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAx
N3B4Ij53ZWJzaXRlIHdoaWNoIGNhbiBiZSBhY2Nlc3NlZCBoZXJlLjxCUiBzdHlsZT0iTElORS1I
RUlHSFQ6IDE3cHgiPjxCUiBzdHlsZT0iTElORS1IRUlHSFQ6IDE3cHgiPkluIG9yZGVyIHRvIGJl
IGVsaWdpYmxlIGZvciB0aGUgV29ybGQgb2YgV2FyY3JhZnQ6IENhdGFjbHlzbSAtIEJldGEgT3B0
IEluIHlvdSB3aWxsIG5lZWQgdG8gaGF2ZSBhIHZhbGlkIFdvcmxkIG9mIFdhcmNyYWZ0Jm5ic3A7
PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+c3Vic2NyaXB0aW9uIGluIGdvb2Qgc3RhbmRp
bmcgd2hlbiB0aGUgYmV0YSB0ZXN0IGlzIHNjaGVkdWxlZCB0byBjb21tZW5jZS4gU2hvdWxkIHlv
dSBiZSBzZWxlY3RlZCB0byBwYXJ0aWNpcGF0ZSBpbiB0aGUmbmJzcDs8QlIgc3R5bGU9IkxJTkUt
SEVJR0hUOiAxN3B4Ij5iZXRhIHRlc3QgeW91IHdpbGwgYmUgYWJsZSB0byB0cmFuc2ZlciB5b3Vy
IGNoYXJhY3RlcnMgb250byBvdXIgdGVzdCByZWFsbSBhbmQgZW1iYXJrIG9uIHRoZSBlcGljIGpv
dXJuZXkgYWdhaW5zdCB0aGUmbmJzcDs8QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAxN3B4Ij5kcmVh
ZGVkIERlYXRod2luZyEmbmJzcDs8QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAxN3B4Ij48QlIgc3R5
bGU9IkxJTkUtSEVJR0hUOiAxN3B4Ij5XZSBsb29rIGZvcndhcmQgdG8gd29ya2luZyB3aXRoIHlv
dSBpbiB0aGUgV29ybGQgb2YgV2FyY3JhZnQ6IENhdGFjbHN5bSBCZXRhIHRlc3QuJm5ic3A7PEJS
IHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+PEJSIHN0eWxlPSJMSU5FLUhFSUdIVDogMTdweCI+
UmVnYXJkcyw8QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAxN3B4Ij48QlIgc3R5bGU9IkxJTkUtSEVJ
R0hUOiAxN3B4Ij5CZXRhIEFjY291bnQgU3VwcG9ydCZuYnNwOzxCUiBzdHlsZT0iTElORS1IRUlH
SFQ6IDE3cHgiPkJsaXp6YXJkIEVudGVydGFpbm1lbnQ8QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAx
N3B4Ij48QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAxN3B4Ij48QlIgc3R5bGU9IkxJTkUtSEVJR0hU
OiAxN3B4Ij5DYXRhY2x5c20gQmV0YSBPcHQtSW48QlIgc3R5bGU9IkxJTkUtSEVJR0hUOiAxN3B4
Ij5CTElaWkFSRCAobm9yZXBseUBibGl6emFyZC5jb20pPC9QUkU+PC9TUEFOPjwvRElWPjwvQk9E
WT48L0hUTUw+DQo=
Anbei hänge ich gleich mal einen HiJackthis Logfile mit an
HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:11:12, on 19.10.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\MPK\mpk.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Master\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.winfuture.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Master\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [VNC server for X64_win32] C:\Program Files\UltraVNC\winvnc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Master\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Master\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC683FAE-A533-4345-8B5C-C2054CFE100F}: NameServer = 192.168.178.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FSPro Filter Service (fsproflt) - FSPro Labs - C:\Windows\SysWOW64\fsproflt.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player-Netzwerkfreigabedienst (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9355 bytes
--- --- ---
Hoffe kann mir einer sagen wo durch das kommt. Wird da mit meiner email gespamt ?