I wish I could bring it to an expert. Do you know how to find one? Here is the file: https://paste.centos.org/view/5df16fbe Sorry for the delay
I will try it, thank you :)
The answers are good enough for me here
I’m not just trying to get rid of the malware but also to understand what it’s doing. Besides, wiping the system doesn’t help, as some viruses can permanently corrupt the BIOS. So before wiping, I think it’s a good idea to know what’s going on on my PC and where my data goes, if there is malware. I’m a rookie with network monitoring, that’s why I’m trying to learn from more experienced users. Here is the part of the original capture: https://limewire.com/?referrer=pq7i8xx7p2. I will disable Tor and close all apps along with some services and record again. I will let you know, thanks for your help.
No, it wasn’t at the time of recording. It was a confirmation later on that Tor and NetworkManager were the only apps using the ports with Brave opened.
Does your computer also connect to Amazon, Hetzner, 1337 Services GmbH, Evanzo GmbH and ThomasFamilyInvestments without a reason?
Yes, .100 is me. I have a Zyxel router, should it show the intended recipient? I’m running Linux. What do you mean by a high port to a low port? I also think there is malware.
Thank you for the information. There was nothing in the foreground, but Tor was apparently running in the background. But I’m still not sure if these services were all due to Tor. I need to run another recording, I guess.
Thanks for the information. This clarifies a lot.
I only have these over the long term, but Brave was closed when recording:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp ESTAB 0 0 192.168.1.100%wlan0:68 192.168.1.1:67 users:(("NetworkManager",pid=1065,fd=27))
tcp ESTAB 0 0 192.168.1.100:57728 185.246.86.175:9001 users:(("tor",pid=1143,fd=16))
tcp ESTAB 0 0 192.168.1.100:60406 54.36.178.108:443 users:(("brave",pid=5153,fd=27))
tcp ESTAB 0 0 192.168.1.100:40606 89.58.56.112:587 users:(("tor",pid=1143,fd=12))
So am I running a relay in the background although Tor Browser is closed?
LineageOS sends connectivity checks and time adjustment requests to Google servers as far as I know. Are you sure it doesn’t send anything to Google? On the other hand, there is an app, Invizible Pro on F-Droid, which is perfect to prevent such connections. Maybe you assume the user will install it?