Multiple Request to LogMeIn
Daddy
I recently signed up for a public DNS service called OpenDNS. It lets me
see the DNS requests coming from my network.
I notice that every day, my 'network' (1 PC, 1 HDTV, 2 printers) is
making thousands of attempts to contact logmein.com. Also a large number
of requests for patch.everquest.com, which I understand is needed to
play Everquest.
At first I thought "I'm hacked" but Malwarebytes and Norton Power Eraser
say I'm clean. I recognize every item in my HiJackThis log and they're
all valid.
Then I thought "My wireless network is hacked" but I have a completely
random (maximum entropy)24-character password behind WPA2/AES
encryption. Anyway, I changed my network password, and the requests for
logmein and patch.everquest are still coming.
OpenDNS lets me block access to these servers (i.e., it won't return an
IP address) and I've been doing that for days. And yet I get no error
messages and everything on my PC seems to be working fine.
So now I'm thinking: maybe this is all legitimate, albeit puzzling.
Perhaps something installed on my PC is legitimately contacting these
servers? Maybe it's Firefox just doing its thing? Or maybe the maker of
my video card (Sapphire) once had a tie-in with Everquest and never
removed all the code from its bundled software?
So, after all this, my question: Has anyone else experienced this, and
is it expected behavior, that I just have to live with?
Daddy
Jay Garcia
--- Original Message ---
Everquest may be using the logmein service, see: https://secure.logmein.com/
That would make sense as far as I can tell.
--
*Jay Garcia - Netscape Champion*
www.ufaq.org
Netscape - Firefox - SeaMonkey - Thunderbird
Daddy
Thanks for your help. I did find out that it's possible to play
Everquest by using LogMeIn to login to a server on which Everquest is
installed. But for reasons described above, it's pretty much impossible
for a third party to be using my LAN to login to Everquest.
It's been several days since I blocked access to logmein and Everquest,
and I changed my network password, but those domains are still being
requested hundreds of times a day. Which leads me to suspect that it's
my own computer that's making those requests...
Daddy
Jay Garcia
--- Original Message ---
In your Windows command line, type netstat and you may be able to find
the source.
Daddy
> On 16.08.2011 10:46, Daddy wrote:
>
> --- Original Message ---
>
>> Thanks for your help. I did find out that it's possible to play
>> Everquest by using LogMeIn to login to a server on which Everquest is
>> installed. But for reasons described above, it's pretty much impossible
>> for a third party to be using my LAN to login to Everquest.
>>
>> It's been several days since I blocked access to logmein and Everquest,
>> and I changed my network password, but those domains are still being
>> requested hundreds of times a day. Which leads me to suspect that it's
>> my own computer that's making those requests...
>>
>> Daddy
>
> In your Windows command line, type netstat and you may be able to find
> the source.
>
>
these DNS requests when I have Firefox open) but surely Firefox isn't
doing this on its own?
I'm also aware that the internet is filled with 'chatter' that has
nothing to do with my own computer or my own LAN. Maybe my cable
internet company is routing these DNS requests through me and others on
its network? Simply load balancing, perhaps?
Daddy
pop
logmein (but you don't really need it). It probably is contacting the
logmein site to check for updates (or posting the status of your system
to the site although I believe the running service probably does this).
I have LogMeIn installed but leave the service disabled (but running)
until I need to use it.
HTH
pop