Is this a trojan?

Status
Not open for further replies.

Mechakingkong

Posts: 39   +0
hello staff: today i downloaded some firewalls that you guys link like Comodo BOClean, PC Tools Firwall plus and Zone Alarm from the download section, wich are all very usefull.im greatful to you guys for making my pc alot safer. I just finished installing Zone Alarm and it showed me a weird ip. address 91.124.231.54 (Port:2612)...i searched on google and the results showed a link to a site called Project Honey Pot wich it says it only tracks spam on your e-mail, i don't know if this is true.
The other ip.address it showed was 190.51.13.86 (Port:48603) and this time the google results showed a link that said download "haha" followed by some sentences that i think were in portuguese language.(i never entered either links)
Do you know anything about this kind of stuff? is it normal to have them check my spam?i am very ignorant in this matters. thx for your time.
 
Code:
$ [B]whois -H -B 91.124.231.54[/B]
% This is the RIPE Whois query server #3.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/db/copyright.html

% Information related to '91.124.231.0 - 91.124.231.255'

inetnum:        [B]91.124.231.0 - 91.124.231.255[/B]
netname:        UKRTELNET
descr:          Ukrtelecom IP access network
descr:          NCC#2007092897 Approved IP assignment
country:        ua
remarks:        E-mail for SPAM and abuse  postmaster@ukrtel.net
admin-c:        ARM42-RIPE
tech-c:         ARM42-RIPE
status:         ASSIGNED PA
mnt-by:         AS6849-MNT
changed:        aremiga@ukrtel.net 20080408
source:         RIPE

person:         Remiga Alexander
address:        JSC UKRTELECOM
address:        18, Shevchenko blvd
address:        [COLOR="Red"]Ukraine, Kiev[/COLOR]
phone:          +380 (44) 230-9024
nic-hdl:        ARM42-RIPE
mnt-by:         AS6849-MNT
changed:        aremiga@ukrtel.net 20080407
source:         RIPE

% Information related to '91.124.0.0/16AS6849'

route:          91.124.0.0/16
descr:          AGGREGATE BLOCK FOR UKRTELECOM
origin:         AS6849
mnt-by:         AS6849-MNT
changed:        aremiga@ukrtel.net 20061006
source:         RIPE

Code:
whois -H  [B]190.51.13.86[/B]

% Joint Whois - whois.lacnic.net
%  This server accepts single ASN, IPv4 or IPv6 queries

% LACNIC resource: whois.lacnic.net


% Copyright LACNIC lacnic.net
%  The data below is provided for information purposes
%  and to assist persons in obtaining information about or
%  related to AS and IP numbers registrations
%  By submitting a whois query, you agree to use this data
%  only for lawful purposes.
%  2009-02-06 18:01:38 (BRST -02:00)

inetnum:     190.51/16
status:      allocated
owner:       Telefonica de Argentina
ownerid:     AR-TEAR7-LACNIC
responsible: Agustín Gomez Dhers
address:     AV. ING. HUERGO - OBS. JUDICIALES, 723,
address:     1065 - Buenos Aires - CF
country:     AR
phone:       +54 11 4332-2220 []
owner-c:     TEA
tech-c:      TEA
abuse-c:     TEA
inetrev:     190.51/16
nserver:     DNS1.MRSE.COM.AR
nsstat:      20090204 AA
nslastaa:    20090204
nserver:     DNS2.MRSE.COM.AR
nsstat:      20090204 AA
nslastaa:    20090204
nserver:     DNS3.MRSE.COM.AR
nsstat:      20090204 AA
nslastaa:    20090204
created:     20070130
changed:     20070130

nic-hdl:     TEA
person:      TELEFONICA DE ARGENTINA
e-mail:      tasamail@TELEFONICA.COM.AR
address:     AV. ING. HUERGO, 723,
address:     1065 - Capital Federal - BA
country:     AR
phone:       +54 11 4333-5000 []
created:     20030618
changed:     20081111

% whois.lacnic.net accepts only direct match queries.
% Types of queries are: POCs, ownerid, CIDR blocks, IP
% and AS numbers.
 
ok tyvm jobeard
why are they doing this to my pc.whats the motive?
also is it normal if i get norton scan logs even if i removed norton with the removal norton tool?ill post required steps in an hour

i did'nt get a malwarebytes log because the scan was clean.
 
this is an old malwarebytes log.i know old ones don't count but since kimsland always tells me to post the three of them without exeption here you go. it posted down here i don't know what happened.
 
Thanks ;)

But that's not exactly the Malwarebytes scan log :rolleyes:

Anyway, do this:

Uninstall your McAfee Antivirus
Then run the McAfee Removal Tool

Uninstall Spybot-S&D
Uninstall PC Tools Firewall Plus
Uninstall Comodo
Uninstall ZoneAlarm
Uninstall SUPERAntiSpyware

Restart

Run IE Reset: https://www.techspot.com/vb/post682762-2.html

Install Avira free AntiVirus

Startup Malwarebytes again. Update it, and then run a full scan

Attach the logs ;)
Actually, I can only read English, so I hope the above will fix everything up for you
 
Status
Not open for further replies.
Back