Internet was blocked for a so called virus????????

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Moderator
Moderator
Posts: 24

Re: Internet was blocked for a so called virus????????

Hey @GSGSGS

 

Congrats on your first post and welcome to the Rogers Community Forums! 🙌 I hope you're staying safe and sound. I know first hand how frustrating it is to be affected with a virus and how inconvenient it is. Are you able to find the root cause of the malware? Have you checked your other devices as well? 

 

Our Resident Expert @Datalink had a great response pertaining to this very issue. You can check out his post HERE

 

Please let us know if that helps and feel free to reach out in the event that you require additional assistance! 

 

Cheers! 

 

RogersJo 

Highlighted
I've Been Around
Posts: 1

Re: Internet was blocked for a so called virus????????

I experienced same issue for the last couple of months ,  had my internet services suspended a few times.  Ran Malwarebytes ,  AVG and Rogers Anti-virus scan on all my Windows machines per Rogers tech support, also re-install Windows.  Everything came out clean and this is frustrating.  

Finally I added a D-Link router to Rogers modem running as bridge mode , configure DIR-2640 firewall rule to block all internal DHCP IP addresses to connect to DESTINATION IP: 195.22.26.248 and  DESTINATION PORT: 80 .  Hopefully this will stop Rogers Internet suspension , if this does not work, I most likely switch to another provider.  

I am kind of disappointed that Rogers known this is issue since 2014 and they did not take action to secure customers router or provide solution to block Malware Botnet drone.  Rather Roger suspends internet service to upset customers.

Highlighted
Resident Expert
Resident Expert
Posts: 14,245

Re: Internet was blocked for a so called virus????????

Unfortunately, outside of blocking ports (which, could potentially block GOOD software as well), there is not much they can do for protection wise.
There are so many 100's of 1000's of internet connectivity type devices, there is no way they could have/provide something to protect each one.  Any end user devices are always up to the end user.

That being said.. seeing more of these lately.. i am thinking of 1-2 things (leaning towards number 2)

1 ) With other internet connected devices (outside of phones, and computers), there are some other internet connected devices which can over time been prone to some hacks, etc over time.   All these sorts of devices often have firmware upgrades available, often through the attached app for them.

2 ) Modem MAC cloning.   People are not noticing this as much now, with unlimited plans, if their usage might be up, etc.
That someone has a modem, using SOMEONE ELSES MAC address cloned onto it.   That to rogers side, anything coming from this modem, would be tied to your account as well.  That the people with these things, are doing things from illegal downloading, to running specifically SPAM, Malware bots, etc.    So any of that bad stuff would be triggering on the real users accounts.
The only real way to try and fix this is to do a modem swap.



Highlighted
I've Been Around
Posts: 1

Re: Internet was blocked for a so called virus????????

I got a message today too.

 

IP 174.115.252.61 .
 data: SOURCE TIME: 2020-09-09 00:34:39Z
IP: 174.115.252.61
ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
MALWARE FAMILY: gumblar
TYPE: botnet drone
DESCRIPTION: This host is most likely infected with malware.
DESTINATION IP: 50.63.89.1
DESTINATION PORT: 80
PROTOCOL: 6
UUID
: fb932bf7-92ae-4fed-880e-830605914f39

 

We have 2 Macbooks, 1 PC, 2 iPhones, XBOX, and a smart TV that have all been accessing the Internet in the last few days. We ran scans on the 3 computers and the iPhones (using Avast on the Apple products). Not sure how to scan the TV and XBOX?

I'm really confused by all the different advice here. What should my next steps be?

Highlighted
I Plan to Stick Around
Posts: 27

Re: Internet was blocked for a so called virus????????

Received my first email today regarding this matter and apparently it is a final notice.  None of my windows PCs have this UUID

 

IP 99.242.XXX.XXX .
 data: SOURCE TIME: 2020-09-15 04:20:56Z
IP: 99.242.XXX.XXX
ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
TYPE: scanner
DESCRIPTION: This host has most likely been performing port scanning related activity.
DESTINATION PORT: 55764
PROTOCOL: 6
UUID
: b05979dd-d36f-4770-9d40-c79eba43c530

Highlighted
I Plan to Stick Around
Posts: 13

Re: Internet was blocked for a so called virus????????

Important Security Message About Your Rogers Internet Service General-Port-Scanning

 

Hello All

 

Just received a message from rogers says my host is doing general-port-scanning, do not have much idea about it. Could anyone shed some lights? Thanks in advance!

 

Here is some information:

IP xxx.xxx.xxx.xxx .
 data: SOURCE TIME: 2020-09-18 03:04:47Z
IP: xxx.xxx.xxx.xxx

ASN: 812
AS NAME: ROGERS-COMMUNICATIONS, CA
TYPE: scanner
DESCRIPTION: This host has most likely been performing port scanning related activity.
DESTINATION PORT: 32748
PROTOCOL: 17

Highlighted
Moderator
Moderator
Posts: 1,285

Re: Internet was blocked for a so called virus????????

Hello and welcome @firewater99!

 

As per the information on the website provided...

 

This may be happening for a number of reasons:

  • Your device(s) is infected with Malware.
  • A device or software application on your network is not configured properly.
  • Someone is knowingly using your device(s) for this malicious activity.

Misconfigured services or daemons can allow outside internet users to connect to your device and use it as a relay agent. Software that could be used as a relay agent include: Wingate, Winproxy and Sygate, among others. You should review your system configuration for security vulnerabilities, and test your security via an outside connection if possible.

 

If you aren't sure how to proceed, you should remove any proxy server software from your network until a solution is found.

 

One possible option for removing these virus(es) or Malware is to perform a full system scan on your device(s) using an up-to-date antivirus program.

 

If you're not sure how to apply these solutions, then you will want to hire a private PC tech to make sure all the devices on your network are secure. 

 

Regards,

RogersCorey