My ISP called and threatened to stop my service because of a virus. Help!!

Status
Not open for further replies.
Do a boot time scan with avast.

If it's a root kit (meaning it comes back after you remove the virus) then combofix is the way to go. It's not the type of program you use if you're not a professional but honestly it's simple to use.
 
Nope, I'm fine.

And I just checked, the number did come from them. So yeah, it's real. I never heard of this before.

So ok, I'll call them tomorrow morning. But for now, what can I do software wise? AVG and malwarebytes both said this computer is fine.

Or you can try the live chat on their website and ask for more details
 

AxeMan

Member
Nope, I'm fine.

And I just checked, the number did come from them. So yeah, it's real. I never heard of this before.

So ok, I'll call them tomorrow morning. But for now, what can I do software wise?

You've done it. Run some scans on your devices.

If you want to be really proactive do as the other poster suggested and use Wireshark to capture the traffic on your network. Depending on how your network is hooked up you might need to capture on each individual device.

It might not be much use for you though if you don't know how to interpret the results
 
Nope, I'm fine.

And I just checked, the number did come from them. So yeah, it's real. I never heard of this before.

So ok, I'll call them tomorrow morning. But for now, what can I do software wise? AVG and malwarebytes both said this computer is fine.

Two people have suggested it could be a router issue based on posts found on the net. Reset it.
 
There's an off chance your pc may be a 'zombie pc' for some Russian guy and you don't even know it. Regardless, unless they're giving you actual proof such as logs of events that could show high volumes of usage that correlate with DDOS attacks then there's no possible way for them to assume you have a -virus- on your pc without them having installed a trojan on your computer lmfao.
 

riotous

Banned
You guys are over-reacting; his machine might be infected with something that is performing a DDOS attack or something that Rogers would have every business detecting and shutting you down for.

It's possible they were even contacted; for all you know something on your network is attempting to DDOS Xbox Live/PSN right now or something.
 

AxeMan

Member
You guys are over-reacting; his machine might be infected with something that is performing a DDOS attack or something that Rogers would have every business detecting and shutting you down for.

It's possible they were even contacted; for all you know something on your network is attempting to DDOS Xbox Live/PSN right now or something.

If that were the case his ISP could just block those connections for him and tell him to fix it rather than threaten to remove all his internet access.

They've provided no proof. I'd be 'show me the proof'.
 

onipex

Member
ISPs would only block you like that if a bot drone was sending out spam or something using one of your devices. It may not show up in a virus or spyware scan.

Edit: already mentioned above.
 

xxracerxx

Don't worry, I'll vouch for them.
Did you reset your modem?
 
So yeah, they just left me a phone message saying that there is a virus on my network, and that I have 48 hours to get rid of it or they'll disable my Internet.

It's not a scam. It's real, it's from Rogers in Canada.

I have 3 computers. Computer 1 right now is in safe mode and it just got done with malwarebytes and right now it's doing avg. Malwarebytes found nothing, and avg looks OK so far.

But yeah, I have no experience in this shit, and apparently they will legitimately cut you from the internet if you don't fix it.

Should I just say fuck it and reformat everything?

Or are there any other programs I should try first?

Funny thing, I wouldn't be surprised if my computer is being used as some bot to take down XBL and PSN for Christmas. Ohh the irony.

Thanks guys. Any help would be great. I'm running Windows 8. Just 8.

I've had this before. Best Buy sells a virus cleaner that should work. It comes in a spray bottle for spraying down your computers and modem. Be sure and buy the optional wipes and clean the network cables and printer.

Edit. Almost forgot. Pick up a set of anti bacterial HDMI cables while you are there. Shouldn't be over 5 to 6 hundred dollars.
 

jstripes

Banned
It may not be a scam.

Years and years ago I had Cogeco (another Canadian ISP) call me and tell me basically the same thing. A computer inside our house was acting as a spam server, and we had to do something about it or they'd cut us off. (Funny coincidence: I had been fixing a computer that someone brought to me that had been having "issues".)

Most ISPs will try to email you first, on that stupid useless email address they assign you when you sign up, but since no one uses those they'll call you after a few tries.


OP: Do you have any other computers using your connection? Maybe change your WiFi password?
 
So it was an automated message telling you to call tech support as the mod on the forum said? It sounds like a bunch of bullshit to me. Especially if there is no email from Rogers.

Anyway if you think it's real and want to get rid of it I'd personally just back my shit up and reformat.
 

erpg

GAF parliamentarian
Rogers is going to cut you off because you're not using their terrible, slow DNS?

Change providers.
 

riotous

Banned
If that were the case his ISP could just block those connections for him and tell him to fix it rather than threaten to remove all his internet access.

They've provided no proof. I'd be 'show me the proof'.

Sure, call them, ask for proof. I'm just saying it's not necessarily a scam; immediately blocking their access to something could turn off someone's Xbox Live/PSN/Netflix or whatever so instead they have a warning time.

This thread is full of people claiming this whole concept is dumb and a virus can't hurt them, etc. That's not really true at all in the case of Rogers customers being involved in criminal activity.

It's a perfectly reasonable action for them to take is my point; reasonable for them to cut you off immediately really as you suggested (in the case of those IPs being spammed at least.) But definitely call to confirm.
 

opoth

Banned
You guys are over-reacting; his machine might be infected with something that is performing a DDOS attack or something that Rogers would have every business detecting and shutting you down for.

It's possible they were even contacted; for all you know something on your network is attempting to DDOS Xbox Live/PSN right now or something.

I work on a team that handles network security for an ISP (processing abuse notifications, et al) - yes it probably sounds like a scam to you, but we regularly encounter customers unknowingly caught in botnets used for DDOS/spamming that have to be reached out to on an individual basis to resolve the problem.

If they gave you a real Rogers phone number, you don't want to sleep on it - throw everything you have at cleaning up any machine on your network ASAP (including any friends/family/roommates) - you might be clean, but if you have any other people in your house, they might not be.
 

oneran

Member
If you have a wi-fi network change your password and ensure you're using WPA2, if someone is piggybacking off your signal it may not be your machine that's infected.

But as others have said call Rogers because it does sound like a scam.
 

Kave_Man

come in my shame circle
Do note that this USED to be a problem maybe 10-15 years ago. I remember these phone calls from Bell in the olden days and I usually confirmed and I fixed the issue. I haven't had these issues anytime lately or heard about it.

Do confirm with the ISP.

I remember this happening to me as well with Rogers at least 10 years ago. I honestly do not remember what the solution ended up being. Fairly sure I did nothing, there was no virus that I found, and things continued as normal, but not 100% sure.

Can echo this a long ass time ago had the same issue. They didn't call me though just one day my router wouldn't connect. I called them to find out why and they said a virus on our end was trying to attack them.

I just turned off my brother's computer and told them it was fixed and they put it back on.
 

farisr

Member
It's not a scam. I know someone who works as frontline tech support at rogers.

Call the official support number for more info. The outgoing automated message they send mentions virus, but more than half the time it's usually someone using their own router with outdated firmware, or a setting they need to modify (SSDP).

It was such a widespread problem that dlink's support website has a notice upfront for customers contacted by rogers and what they need to do.

http://support.dlink.ca/
 

oneils

Member
Trust me guys, I was skeptical too. "Virus on my network? The fuck?" I could pick up the phone and press 1 to talk to a technician, or go to this website

http://www.rogers.com/web/Rogers.portal?_nfpb=true&_pageLabel=ROP_LANDING&asc_refid=protect

And here is a thread describing the issue.

http://communityforums.rogers.com/t...ge/board-id/Getting_connected/thread-id/14175

That thread doesn't really describe the issue, it's random people saying different things and providing different solutions. The one Rogers technician says if you get a message asking you to call Rogers back then call them back. The other one shows the op how to remove a virus. No one confirmed that Rogers will block your internet if you don't remove the virus. You really should call Rogers.
 

farisr

Member
No one confirmed that Rogers will block your internet if you don't remove the virus. You really should call Rogers.
Again, just mentioning that I know someone at Rogers. If it's something really bad, they will suspend the internet after some time if you don't contact them and they keep on detecting the problem. If you contact them and are unable to fix the problem and the automated system detects the problem again, you will get suspended. You'll have to call them back to get the internet reactivated in case the fix requires you to download something off the internet. Keep on repeating and the suspension will have to sit out a certain period of time, front line support won't be able to take it off until that time period has passed. The time the suspension lasts will get longer and longer for repeat offences. And eventually can lead to termination.

Please, call the official number to find out exactly what the problem is. Don't even waste your time with running scans and what not first. It may not be a virus or bot issue at all and could be a simple fix that saves you hours.
 

Hex

Banned
Some ignorant assed people on here throwing scam around or saying that the ISP can not tell.
I work at an ISP and our security department will have to do this now and then because people can not take care of their own shit and their systems are heavily spamming other systems or ddosing.
And they will quarantine your connection and if you take too long to do something about it, they will disable your connection.
 
This isn't a scam. This is what happens if your I.P. address is detected performing ddos attacks. The presumption is the computer is part of a botnet. Scan all your computers. Use malwarebytes and if that doesn't find it, see what combofix can pick up. Worst comes to worst, identify what computer is most likely to be the issue, do a backup, and reinstall windows. Repeat with other computers if necessary.
 

xxracerxx

Don't worry, I'll vouch for them.
Some ignorant assed people on here throwing scam around or saying that the ISP can not tell.
I work at an ISP and our security department will have to do this now and then because people can not take care of their own shit and their systems are heavily spamming other systems or ddosing.
And they will quarantine your connection and if you take too long to do something about it, they will disable your connection.

So many ignorant people telling him to contact his ISP directly after getting an automated message.
 

Hex

Banned
So many ignorant people telling him to contact his ISP directly after getting an automated message.

No, THAT is the correct thing to do.
(And to this day after all of these years it still shocks me that people have to be told that)
 
It may be a scam or it may not. It all goes down to how the person or machine on the phone came across. Usually it's simple to pick out scams from the legit calls, but if you're worried just call Rogers back at the number on their site or your bill.

I'm personally with Cogeco and every now and then they will email us about "Uncommon Traffic" coming into or out of our network. Just a month or so ago I got one about UPnP on our router being turned on, and that if we didn't turn it off they would put our connection into quarantine until it was dealt with. Usually to get them off your back you either just give them the virus and malware scan results on your machines and say it came up clean, or say that you know what may have triggered the uncommon traffic.
 

Mikey Jr.

Member
Update: Ok, so I called. He said that the note Rogers was saying was a "plug and play root device" like a USB key and that was trying to access their network.

I don't even remember using a usb for a long time. I do plug my phone in from time to time to transfer pictures. Could that have been it? I did an AVG scan on my phone with the app and that also found nothing.

He went on to also say that the error continued on and mentioned my roku on there.

So yeah, I have no idea what the shit is going on. Anyways, I think they just wanted reassurance that I did virus checks on all my computers, and he put a note in there that the roku might be causing the problems.

Anyone hear anything about this?
 

Persona7

Banned
Do you have a router with a USB port? Router malware has been on the rise and some routers ship with insecure software that can leave your entire network wide open. Can you detail how your network is set up? I would also inspect the lines that come into your home if it is possible.
 

jstripes

Banned
Update: Ok, so I called. He said that the note Rogers was saying was a "plug and play root device" like a USB key and that was trying to access their network.

Change your Wifi Password.

Change your Wifi Password.

Change your Wifi Password.

Disconnect your Roku, and look into that.
 

Mikey Jr.

Member
I'll change my password.

And this router is the one rogers gave me. I haven't fucked around with anything on it. It's been fine for the past year, haven't touched anything on it.
 
With stuff like this you need to always confirm by calling a legit number from your ISP. Also do not download any software you receive in email unless you confirm it is legitimate software from Rogers.

If it is legitimate software from Rogers, don't install it either. The stuff I've seen looks like ugly bloatware.
 

satriales

Member
I used to work in support for an ISP and the only time I would ever have to call a customer for potentially having a virus was if they were using our webmail and had suddenly started sending thousands of emails in a short period. We'd reset their password and call them with a new one, and ask they run a virus scan.

I guess it's also possible your machine could be compromised and is being used to ddos attack someone, in which case your isp might get involved but I can't think of any other reason.
 
Update: Ok, so I called. He said that the note Rogers was saying was a "plug and play root device" like a USB key and that was trying to access their network.

I don't even remember using a usb for a long time. I do plug my phone in from time to time to transfer pictures. Could that have been it? I did an AVG scan on my phone with the app and that also found nothing.

He went on to also say that the error continued on and mentioned my roku on there.

So yeah, I have no idea what the shit is going on. Anyways, I think they just wanted reassurance that I did virus checks on all my computers, and he put a note in there that the roku might be causing the problems.

Anyone hear anything about this?


Not plug and play usb device, the UPnP protocol on your router.

You need a firmware update on it, some brand and models had an exploit that exposed UPnP to external traffic, so hackers would redirect traffic to you and have you bounce the attack elsewhere.

ISPs can port scan you for this exploit easily, you can check yourself here: https://www.grc.com/shieldsup

As mentioned even dlink has a service warning regarding this issue: http://support.dlink.ca/FAQView.aspx?f=sY5vcvfAuAV6bXgi/8WoVw==

Your PCs might be completely clean but your router is likely redirecting crap due to this vulnerability.

Hope this helps!
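
What the post above describes, as an added example that is not part of the thread: a router answering UPnP discovery (SSDP, UDP port 1900) on its WAN side shows up in flow records as port-1900 replies leaving the public address for hosts outside the LAN. The CSV layout, the addresses and the function name `ssdp_exposure` are constructed for illustration.

```python
import csv
import io
import ipaddress
from collections import defaultdict

SSDP_PORT = 1900  # UDP port used by SSDP, the discovery half of UPnP

# Constructed flow records in a made-up CSV layout (not a real router's log):
# time,proto,src,sport,dst,dport,bytes
# 203.0.113.20 stands in for the home connection's public (WAN) address.
SAMPLE_FLOWS = """\
12:00:01,udp,198.51.100.7,40211,203.0.113.20,1900,120
12:00:01,udp,203.0.113.20,1900,198.51.100.7,40211,3000
12:00:02,udp,198.51.100.7,40211,203.0.113.20,1900,120
12:00:02,udp,203.0.113.20,1900,198.51.100.7,40211,3000
12:00:03,udp,192.168.0.12,51000,239.255.255.250,1900,130
12:00:03,udp,192.168.0.1,1900,192.168.0.12,51000,400
12:00:04,tcp,192.168.0.12,52044,192.0.2.80,443,900
"""


def ssdp_exposure(flow_text, wan_ip, lan_cidr):
    """Per outside host: SSDP bytes it sent to the WAN address and bytes sent back."""
    lan = ipaddress.ip_network(lan_cidr)

    def outside(addr):
        ip = ipaddress.ip_address(addr)
        return addr != wan_ip and ip not in lan and not ip.is_multicast

    stats = defaultdict(lambda: {"req_bytes": 0, "resp_bytes": 0})
    for _time, proto, src, sport, dst, dport, size in csv.reader(io.StringIO(flow_text)):
        if proto != "udp":
            continue
        if dst == wan_ip and int(dport) == SSDP_PORT and outside(src):
            stats[src]["req_bytes"] += int(size)    # discovery query from the internet
        elif src == wan_ip and int(sport) == SSDP_PORT and outside(dst):
            stats[dst]["resp_bytes"] += int(size)   # router answered it: exposed

    report = {}
    for peer, s in stats.items():
        ratio = round(s["resp_bytes"] / s["req_bytes"], 1) if s["req_bytes"] else None
        report[peer] = {**s, "amplification": ratio, "reflecting": s["resp_bytes"] > 0}
    return report


if __name__ == "__main__":
    for peer, row in ssdp_exposure(SAMPLE_FLOWS, "203.0.113.20", "192.168.0.0/24").items():
        print(peer, row)
```

Ordinary UPnP discovery stays on the LAN (the 239.255.255.250 multicast rows are ignored), so any `reflecting` entry means the router is answering SSDP from the internet, which is the condition the firmware update is meant to close.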
 