Jump to content

Recommended Posts

Hey guys,

I use Raptr, a common program to track and log your gaming hours and achievements, and is used as a cross-Instant Messanger for XBoXLive, PSN, Yahoo, MSN and a few others.

Just yesterday I bought the Pro service, and noticed that the progam frequently calls out. To me, this makes sense because I think every 3-5 minutes it synchronizes with the computer in order to track my hours on a PC game, and synchronizes with me and the website in case I'm playing a game on a different platform, so I can accurately check any recent hours or achievements.

As a side note, I know Raptr to be a reputable company, based in either Canada or North America, and the program itself does not display any ads.

But when I was Google searching some of these IPs, I noticed that some were coming from China. Specifically the 200.0.0.0+ IP addresses, and one (222.68.183.118) was said to come from "Jiangsu Sumeida International Freight Substitute Co. Ltd Shanghai Office". Then I found some from a country named Moldova.

In comparison, I have a few IPS from the 70/80.0.0.0+, and then the rest are 200.0.0.0+.

Anyways, I was originally going to ask if there was a way to add the actual program raptr.exe to the exceptions to get these notifications to cease, since I'd want the normal traffic to flow, but when I saw the Chinese IPs, I can't help but be suspicious. So far all of my blocked traffic notifications have come from the program (raptr.exe), in the port 6881 with the varying incoming traffic on mixed IPs.

Is there an explanation or solution? this is a new machine, and has not been compromised (yet), and I'd like to keep it that way. I think shutting down Raptr is the best idea at the moment -.-;

Link to post
Share on other sites

Hello and welcome to MBAM forum, V3rdict: :)

svchost.exe is a file often targeted by malware. The other worrisome thing is that the IP blocks continue even after Raptr is closed.

Here's some additional info about the IP blocking module -- it would probably be best to proceed as if you might be infected....

IP blocks can indicate a number of things:

  • They could indicate that MBAM is doing its job of blocking bad content on websites.

  • In some cases the blocks are a false positive.

  • However, they can also be a sign of infection, especially if the blocks are outgoing and they occur when no browsers are open.

--> There is more information about the IP blocking module in the FAQ - Section G (and in the Helpdesk topics HERE and HERE).

They also contain instructions on how to determine what process might be trying to make the connections.

You may also research the IP in question at www.ip-lookup.net or a similar site.

On the other hand, if you think the IP blocks might be a false positive, then please read this article before starting a new topic in the False Positives forum.

Alternatively, if you think you might be infected, based on the IP blocks and/or other suspicious computer behavior, then please read the following to begin the cleaning process.

  • When starting your new post, please note the following:
  • Please do NOT post in a topic started by someone else, even if their problem sounds similar.
  • Please COPY/PASTE the requested logs into your post, rather than attaching them.
  • Under options, please be sure to select "track this topic" and "immediate email notification", so you'll know when a helper responds.
  • Please be patient - it may be 48 hours or more before a helper can assist you, especially when the forum is very busy.
  • Please do NOT "bump" your topic or reply back to it for at least 48 hours.
  • Doing so may cause your topic to be overlooked, as it will appear that you are already being helped.

Please be patient - someone will assist you as soon as possible.

Thanks!

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.