As much as I can see, no, at least not with the start page set at yandex search... In the attachment are the startup connections that I can see, but perhaps a more thorough analysis is needed. If someone's willing to check in detail, it'd be nice to know.
As much as I can see, no, at least not with the start page set at yandex search... In the attachment are the startup connections that I can see, but perhaps a more thorough analysis is needed. If someone's willing to check in detail, it'd be nice to know.
Thanks for the read, interesting. I flew over it as I'm at work now, waiting for something to render... I can only conclude (time and time again and again and again) that everyone is corrupt and we can rely only to ourselves to protect, and not on any single entity...
Anyway, I logged the connections made from starting up Yandex - see if anything stands out:
Event Time Event Remote Address Remote Host Name
21.11.2017. 11.24.50 Open 77.88.21.232 sba.search.yandex.net
21.11.2017. 11.24.50 Open 213.180.193.82 api.browser.yandex.ru
21.11.2017. 11.24.51 Open 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.24.51 Open 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.24.51 Open 64.233.162.106 li-in-f106.1e100.net
21.11.2017. 11.24.51 Open 194.177.22.167 194-177-22-167.flops.ru
21.11.2017. 11.24.52 Open 213.180.204.194 translate.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.11 cache-ams03.cdn.yandex.net
21.11.2017. 11.24.58 Open 77.88.21.232 sba.search.yandex.net
21.11.2017. 11.24.59 Open 77.88.21.237 webzen.stable.qloud-b.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.12 Close 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.25.12 Close 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.25.12 Close 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.25.13 Close 5.45.247.11 cache-ams03.cdn.yandex.net
21.11.2017. 11.25.19 Open 87.250.250.55 browser-storage-proxy.stable.qloud-b.yandex.net
21.11.2017. 11.26.02 Close 194.177.22.167 194-177-22-167.flops.ru
21.11.2017. 11.26.51 Close 213.180.193.82 api.browser.yandex.ru
21.11.2017. 11.26.51 Close 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.26.51 Close 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.26.52 Close 213.180.204.194 translate.yandex.net
21.11.2017. 11.26.59 Close 77.88.21.237 webzen.stable.qloud-b.yandex.net
21.11.2017. 11.27.19 Close 87.250.250.55 browser-storage-proxy.stable.qloud-b.yandex.net
21.11.2017. 11.28.51 Close 64.233.162.106 li-in-f106.1e100.net
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
EDIT: I should mention that I wasn't touching the browser during the logging time...
EDIT2: Indeed there is a Google connection made, at 64.233... but that was a last closed page from previous session.
Thanks for the read, interesting. I flew over it as I'm at work now, waiting for something to render... I can only conclude (time and time again and again and again) that everyone is corrupt and we can rely only to ourselves to protect, and not on any single entity...
Anyway, I logged the connections made from starting up Yandex - see if anything stands out:
Event Time Event Remote Address Remote Host Name
21.11.2017. 11.24.50 Open 77.88.21.232 sba.search.yandex.net
21.11.2017. 11.24.50 Open 213.180.193.82 api.browser.yandex.ru
21.11.2017. 11.24.51 Open 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.24.51 Open 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.24.51 Open 64.233.162.106 li-in-f106.1e100.net
21.11.2017. 11.24.51 Open 194.177.22.167 194-177-22-167.flops.ru
21.11.2017. 11.24.52 Open 213.180.204.194 translate.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.205.235 cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.24.57 Open 5.45.247.11 cache-ams03.cdn.yandex.net
21.11.2017. 11.24.58 Open 77.88.21.232 sba.search.yandex.net
21.11.2017. 11.24.59 Open 77.88.21.237 webzen.stable.qloud-b.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.02 Close 5.45.205.235 cdn.yandex.net
21.11.2017. 11.25.12 Close 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.25.12 Close 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.25.12 Close 5.45.247.13 cache-ams05.cdn.yandex.net
21.11.2017. 11.25.13 Close 5.45.247.11 cache-ams03.cdn.yandex.net
21.11.2017. 11.25.19 Open 87.250.250.55 browser-storage-proxy.stable.qloud-b.yandex.net
21.11.2017. 11.26.02 Close 194.177.22.167 194-177-22-167.flops.ru
21.11.2017. 11.26.51 Close 213.180.193.82 api.browser.yandex.ru
21.11.2017. 11.26.51 Close 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.26.51 Close 93.158.134.82 api.browser.yandex.ru
21.11.2017. 11.26.52 Close 213.180.204.194 translate.yandex.net
21.11.2017. 11.26.59 Close 77.88.21.237 webzen.stable.qloud-b.yandex.net
21.11.2017. 11.27.19 Close 87.250.250.55 browser-storage-proxy.stable.qloud-b.yandex.net
21.11.2017. 11.28.51 Close 64.233.162.106 li-in-f106.1e100.net
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
21.11.2017. 11.29.49 Open 213.180.204.82 api.browser.yandex.ru
EDIT: I should mention that I wasn't touching the browser during the logging time...
EDIT2: Indeed there is a Google connection made, at 64.233... but that was a last closed page from previous session.
Wow. All I can say is thank you, I have missed that one. Thus far it looks, it is not required by sync at all. When I was googling for it, I had found mentioned, that it is required by Google Sync and I had sort of ignored the difference. Yandex mentions only 443/5222. I have removed the port and it is all clean now.
Has no one else noticed that it tries to re-direct to "troviDOTcom" when using the address bar to search? I used this browser for a long while until I noticed this months ago. Even tweeted at them a few times and got nothing. I have no malware on my pc by the way. I thought for sure at least someone would have mentioned this on here. I can't find any one else even talking about this.
Edit: Of course as I typed this up someone did mention this and noticed it's only when using Bing (which I use) for default browser. The search string is set to go through trovi...what in the hell?
DNSSEC is a nice addition to DNS security, but it is overrated, since it can be easily bypassed.- recdnsfp by recdnsfp
Well then, version 17.11 has also introduced an exe, which runs nonstop doing something and as if that was not bad enough, it does it without my permission and it does not actually do anything, it is disabled. I might have overlook it, if it was up only when the browser is opened, but when I close the browser, I expect it to be closed along with everything related to it (like steam service does), thus the reason, I have unchecked "Allow background processes to run when the browser is closed".
EDIT: OK, it is just the service, which can be disabled, still not happy about it. Yandex is testing my patience, again and again, maybe it is time for a change.
So Yandex Browser Protect can be actually uninstalled, so I have got a panic attack for no reason.
Still, the installer could have asked. When I first noticed ycs.exe, I thought, that I was infected by malware.
So Yandex Browser Protect can be actually uninstalled, so I have got a panic attack for no reason.
Still, the installer could have asked. When I first noticed ycs.exe, I thought, that I was infected by malware.
Yeah, I can't figure that out. The protect file is in program files, but the browser itself is in appdata.
Why do programs these days install themselves in appdata? What are the advantages?