Rogers Community

Dantheman2000 · ‎01-17-2014

My internet was blocked twice for apparently having a virus I was not aware of. The second time we called the tech support they told us to do the same procedure as the first using the anti virus provided over an email. I had done that hole procedure before and no infection was detected on any of my laptops. I was even suggested an anti virus by the second tech guy which I scanned my main laptop and still no infection. So IM very confused on what the problem may be. He told me of a virus that could get by the virus things but even after the one he had recommended to me which is a strong anti virus apparently... Still nothing... And my main laptop is brand new. Im still left confused because I do not know of any virus going on at all. And I can keep having my internet blocked as I'm a college student and really need the internet for my studies.

***edited labels***

jjhkkww · ‎09-11-2020

I got a message today too.

IP 174.115.252.61 .
data: SOURCE TIME: 2020-09-09 00:34:39Z
IP: 174.115.252.61
ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
MALWARE FAMILY: gumblar
TYPE: botnet drone
DESCRIPTION: This host is most likely infected with malware.
DESTINATION IP: 50.63.89.1
DESTINATION PORT: 80
PROTOCOL: 6
UUID
: fb932bf7-92ae-4fed-880e-830605914f39

We have 2 Macbooks, 1 PC, 2 iPhones, XBOX, and a smart TV that have all been accessing the Internet in the last few days. We ran scans on the 3 computers and the iPhones (using Avast on the Apple products). Not sure how to scan the TV and XBOX?

I'm really confused by all the different advice here. What should my next steps be?

mhs2 · ‎09-16-2020

Received my first email today regarding this matter and apparently it is a final notice. None of my windows PCs have this UUID

IP 99.242.XXX.XXX .
data: SOURCE TIME: 2020-09-15 04:20:56Z
IP: 99.242.XXX.XXX
ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
TYPE: scanner
DESCRIPTION: This host has most likely been performing port scanning related activity.
DESTINATION PORT: 55764
PROTOCOL: 6
UUID
: b05979dd-d36f-4770-9d40-c79eba43c530

firewater99 · ‎09-22-2020

Important Security Message About Your Rogers Internet Service General-Port-Scanning

Hello All

Just received a message from rogers says my host is doing general-port-scanning, do not have much idea about it. Could anyone shed some lights? Thanks in advance!

Here is some information:

IP xxx.xxx.xxx.xxx .
data: SOURCE TIME: 2020-09-18 03:04:47Z
IP: xxx.xxx.xxx.xxx

ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
TYPE: scanner
DESCRIPTION: This host has most likely been performing port scanning related activity.
DESTINATION PORT: 32748
PROTOCOL: 17

RogersCorey · ‎09-23-2020

Hello and welcome @firewater99!

As per the information on the website provided...

This may be happening for a number of reasons:

Your device(s) is infected with Malware.
A device or software application on your network is not configured properly.
Someone is knowingly using your device(s) for this malicious activity.

Misconfigured services or daemons can allow outside internet users to connect to your device and use it as a relay agent. Software that could be used as a relay agent include: Wingate, Winproxy and Sygate, among others. You should review your system configuration for security vulnerabilities, and test your security via an outside connection if possible.

If you aren't sure how to proceed, you should remove any proxy server software from your network until a solution is found.

One possible option for removing these virus(es) or Malware is to perform a full system scan on your device(s) using an up-to-date antivirus program.

If you're not sure how to apply these solutions, then you will want to hire a private PC tech to make sure all the devices on your network are secure.

Regards,

RogersCorey

ALLAN707 · ‎10-26-2020

I keep getting the following message from Rogers and wonder if it is genuine or a scam of some kind. Has anyone else received this message?

Thanks

Al

Dear Valued Customer,

There's a problem with an internet-connected device in your home that's interfering with the Rogers network in your area. This may be a computer, phone, tablet, sensors or any other device connected to your Wi-Fi. Unfortunately, we're unable to help you identify the problem device.

A device connected to your Rogers Internet is showing signs of an exploitable NetBIOS vulnerability. You can learn more about this issue by clicking here. <https://www.rogers.com/customer/support/article/rogers-terms-of-service-netbios-vulnerability>

Because the problem is with your device and not the Rogers network, Rogers can't offer you additional support in this matter. We need you to take the necessary steps to resolve this issue.

We recommend you:

1. Run an anti-virus program to remove any infections.

2. Speak to a third-party computer repair technician.

Under the Rogers Terms of Service and Acceptable Use Policy, you are responsible for the security of any device you connect to the service.

If you fail to correct this issue, your service may be suspended and/or terminated as per the Rogers Terms of Service and Acceptable Use Policy.

If you have services that require an internet connection (eg. Rogers Smart Home Monitoring) and your internet is suspended and/or terminated, these services will no longer work.

Please click here <http://www.rogers.com/cms/pdf/en/Rogers-Terms-of-Service-Acceptable-Use-Policy-and-Privacy-Policy-en...> to review the Acceptable Use Policy specific to this issue.

If you would like to contact us about this, visit rogers.com/contactus to see how you can reach us.

Thank you for your cooperation and for being a Rogers customer.

Please do not reply to this email, as this email inbox is not monitored.

Please Be Advised: Rogers will never ask you for your password or other confidential personal information via email or phone.

If you would like to verify that this email is from Rogers you can contact us at the information listed on your monthly bill

Any emails/phone calls you receive purporting to be from Rogers that you believe to be fake, can be reported to abuse@rogers.com

12387542

The IP reported below is the IP responding to scans. It is possible a different IP may be listening and responding from the IP below.

IP 99.237.XXX

data: TIMESTAMP: 2020-10-25 03:21:06

IP: 99.237.XXX

PROTOCOL: udp

PORT: 137

HOSTNAME: cpe64777d618833-cm64777d618830.cpe.net.cable.rogers.com

TAG: netbios

MAC_ADDRESS: 00-00-00-00-00-00

ASN: 812

GEO: CA

REGION: ONTARIO

CITY: SCARBOROUGH

WORKGROUP: HITRON

MACHINE_NAME: CODA4582

USERNAME: CODA4582

NAICS: 517311

SECTOR: Communications

l

stepy2015 · ‎10-27-2020

If you are unsure if it is real or not check if port 137 is open on your router and disable UPNP as that may have triggered the port to open, there is probably an infected device device on your home network that opened that port look at the port forward section of your router to see if you can identify the device based on the internal ip

Rogers Community

Internet was blocked for a so called virus????????

Re: Internet was blocked for a so called virus????????

Re: Internet was blocked for a so called virus????????

Re: Internet was blocked for a so called virus????????

Re: Internet was blocked for a so called virus????????

Re: Internet was blocked for a so called virus???????

Re: Internet was blocked for a so called virus???????