cancel
Showing results for 
Search instead for 
Did you mean: 

Internet was blocked for a so called virus????????

Dantheman2000
I've been around

My internet was blocked twice for apparently having a virus I was not aware of. The second time we called the tech support they told us to do the same procedure as the first using the anti virus  provided over an email. I had done that hole procedure before and no infection was detected on any of my laptops. I was even suggested an anti virus by the second tech guy which I scanned my main laptop and still no infection. So IM very confused on what the problem may be. He told me of a virus that could get by the virus things but even after the one he had recommended to me which is a strong anti virus apparently... Still nothing... And my main laptop is brand new. Im still left confused because I do not know of any virus going on at all. And I can keep having my internet blocked as I'm a college student and really need the internet for my studies. Smiley Frustrated

 

 

***edited labels***

68 REPLIES 68

Re: Internet was blocked for a so called virus????????

jjhkkww
I've been around

I got a message today too.

 

IP 174.115.252.61 .
 data: SOURCE TIME: 2020-09-09 00:34:39Z
IP: 174.115.252.61
ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
MALWARE FAMILY: gumblar
TYPE: botnet drone
DESCRIPTION: This host is most likely infected with malware.
DESTINATION IP: 50.63.89.1
DESTINATION PORT: 80
PROTOCOL: 6
UUID
: fb932bf7-92ae-4fed-880e-830605914f39

 

We have 2 Macbooks, 1 PC, 2 iPhones, XBOX, and a smart TV that have all been accessing the Internet in the last few days. We ran scans on the 3 computers and the iPhones (using Avast on the Apple products). Not sure how to scan the TV and XBOX?

I'm really confused by all the different advice here. What should my next steps be?

Re: Internet was blocked for a so called virus????????

mhs2
I plan to stick around

Received my first email today regarding this matter and apparently it is a final notice.  None of my windows PCs have this UUID

 

IP 99.242.XXX.XXX .
 data: SOURCE TIME: 2020-09-15 04:20:56Z
IP: 99.242.XXX.XXX
ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
TYPE: scanner
DESCRIPTION: This host has most likely been performing port scanning related activity.
DESTINATION PORT: 55764
PROTOCOL: 6
UUID
: b05979dd-d36f-4770-9d40-c79eba43c530

Re: Internet was blocked for a so called virus????????

firewater99
I plan to stick around

Important Security Message About Your Rogers Internet Service General-Port-Scanning

 

Hello All

 

Just received a message from rogers says my host is doing general-port-scanning, do not have much idea about it. Could anyone shed some lights? Thanks in advance!

 

Here is some information:

IP xxx.xxx.xxx.xxx .
 data: SOURCE TIME: 2020-09-18 03:04:47Z
IP: xxx.xxx.xxx.xxx

ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
TYPE: scanner
DESCRIPTION: This host has most likely been performing port scanning related activity.
DESTINATION PORT: 32748
PROTOCOL: 17

Re: Internet was blocked for a so called virus????????

Hello and welcome @firewater99!

 

As per the information on the website provided...

 

This may be happening for a number of reasons:

  • Your device(s) is infected with Malware.
  • A device or software application on your network is not configured properly.
  • Someone is knowingly using your device(s) for this malicious activity.

Misconfigured services or daemons can allow outside internet users to connect to your device and use it as a relay agent. Software that could be used as a relay agent include: Wingate, Winproxy and Sygate, among others. You should review your system configuration for security vulnerabilities, and test your security via an outside connection if possible.

 

If you aren't sure how to proceed, you should remove any proxy server software from your network until a solution is found.

 

One possible option for removing these virus(es) or Malware is to perform a full system scan on your device(s) using an up-to-date antivirus program.

 

If you're not sure how to apply these solutions, then you will want to hire a private PC tech to make sure all the devices on your network are secure. 

 

Regards,

RogersCorey

Re: Internet was blocked for a so called virus???????

I keep getting the following message from Rogers and wonder if it is genuine or a scam of some kind. Has anyone else received this message?

Thanks

Al

 

Dear Valued Customer,
 
There's a problem with an internet-connected device in your home that's interfering with the Rogers network in your area. This may be a computer, phone, tablet, sensors or any other device connected to your Wi-Fi. Unfortunately, we're unable to help you identify the problem device.
 
A device connected to your Rogers Internet is showing signs of an exploitable NetBIOS vulnerability. You can learn more about this issue by clicking here. <https://www.rogers.com/customer/support/article/rogers-terms-of-service-netbios-vulnerability>
 
Because the problem is with your device and not the Rogers network, Rogers can't offer you additional support in this matter. We need you to take the necessary steps to resolve this issue.
 
We recommend you:
1. Run an anti-virus program to remove any infections.
2. Speak to a third-party computer repair technician.
 
Under the Rogers Terms of Service and Acceptable Use Policy, you are responsible for the security of any device you connect to the service.
 
If you fail to correct this issue, your service may be suspended and/or terminated as per the Rogers Terms of Service and Acceptable Use Policy. 
 
If you have services that require an internet connection (eg. Rogers Smart Home Monitoring) and your internet is suspended and/or terminated, these services will no longer work.
 
Please click here <http://www.rogers.com/cms/pdf/en/Rogers-Terms-of-Service-Acceptable-Use-Policy-and-Privacy-Policy-en...> to review the Acceptable Use Policy specific to this issue.
 
If you would like to contact us about this, visit rogers.com/contactus to see how you can reach us.
 
Thank you for your cooperation and for being a Rogers customer.
Please do not reply to this email, as this email inbox is not monitored.
 
^Trademarks of Rogers Communications, Rogers Communications, 855 York Mills Road, Don Mills ON, M3B 1Z1. © 2016
 
Please Be Advised: Rogers will never ask you for your password or other confidential personal information via email or phone.
If you would like to verify that this email is from Rogers you can contact us at the information listed on your monthly bill
 
Any emails/phone calls you receive purporting to be from Rogers that you believe to be fake, can be reported to abuse@rogers.com
 
12387542
 
The IP reported below is the IP responding to scans. It is possible a different IP may be listening and responding from the IP below.
IP 99.237.XXX
data: TIMESTAMP: 2020-10-25 03:21:06
IP: 99.237.XXX
PROTOCOL: udp
PORT: 137
HOSTNAME: cpe64777d618833-cm64777d618830.cpe.net.cable.rogers.com
TAG: netbios
MAC_ADDRESS: 00-00-00-00-00-00
ASN: 812
GEO: CA
REGION: ONTARIO
CITY: SCARBOROUGH
WORKGROUP: HITRON
MACHINE_NAME: CODA4582
USERNAME: CODA4582
NAICS: 517311
SECTOR: Communications
 
 
  •  

 

  •  
  •  
  •  

 


l

Re: Internet was blocked for a so called virus???????

stepy2015
I plan to stick around

If you are unsure if it is real or not check if port 137 is open on your router and disable UPNP as that may have triggered the port to open, there is probably an infected device device on your home network that opened that port look at the port forward section of your router to see if you can identify the device based on the internal ip 

Topic Stats