More Spam e-mails - how can I stop them???

Money_Grabber13579

Should I post it up if I remove all the e-mail addresses?

davb

There is a lot of stuff in there that could give out info you wouldn't want on a public forum, so be careful what you leave in.
What you really need to do is compare it to a genuine header, so email from one of your accounts to the other, and have a look. So if for example your emails are on Hotmail, and the dodgy one came from say Virgin - then it looks spoofed. If however they are very similar, then it could be your problem - or the spoofing is from a similar email domain.

If your PC scans clean for Viruses and malware, and you change the passwords for your accounts, there isn't much more you can do. Maybe mentioning to the lecturer that you think your email address is being spoofed will hopefully help.
May also be worth setting up a clean email account on say Googlemail, so you have a fallback.

Money_Grabber13579

The thing is, they are totally different. The e-mails I actually send have properties of about 10 lines. This has properties of about 40 lines! The only e-mail addresses I see appearing are mine and the lecturers. There are several IP addresses, none of which are mine. They start 65. or 119. Mine currently starts 92.

davb

If they are very different, then they could well be spoofed. It won't normally be as clear as having the spammer's email address in there, its more that you can see the IP's and domains it came from, which will hopefully help to trace the origin (if only for peace of mind if it's not you).
Time for some sleep now, but if you want to remove the email addresses and PM me the two headers, I will take a look in the morning. No problem either way, it's up to you.
The other thing you may be able to do is let the IT Techs at the College/Uni have a look at them. Nothing like a second opinion.

Money_Grabber13579

Okay, many thanks. Sent it there now.

Money_Grabber13579

Malwarebytes' Anti-Malware 1.41
Database version: 3259
Windows 6.1.7600

30/11/2009 01:01:37
mbam-log-2009-11-30 (01-01-37).txt

Scan type: Full Scan (C:\|G:\|)
Objects scanned: 293753
Time elapsed: 2 hour(s), 31 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

davb

I have had a look at the headers you sent, and it does seem that there is something iffy. The bit in question is

X-Originating-IP: [119.1.164.2]

which indicates for a Hotmail email, the IP Address of the computer that sent the email - which in this case resolves to China. So unless you really are in China, it looks like it's not from you
It still raises the question as to how the spammers have got your email addresses and those of your contacts. As I mentioned before though,it could be someone else in your circle of contacts - are you getting bounces from anyone you don't know or haven't dealt with?
I'm not an expert on headers, but that's what it seems to me.

Money_Grabber13579

I've eventually found the e-mail that was sent. It had been transferred to the deleted folder, and it had under bcc all the addresses of the people it had been sent to. Everyone that got a copy had been in contact with me before, so all their address would have been on the e-mails that were saved in the inbox. I presume then that they just had some software to skim these addresses and then send this spam on?

I have changed my password and my security question so I'll monitor it and see what happens in the next few days. Thanks everyone for your help so far!