Magic Jack ads/malware


I'm pretty sure that MJ gave my PC malware. Of course my Firewall has to allow MJ, and I believe that's how the malware got in. My PC was fine until today when I used MJ. The rest of the day my Pc was erratic and slowed down.
Later in the day I rebooted and that's when all hell broke loose. The desktop went black. Program wouldn't start. My AV, firewall and spyware programs didn't stop the malware.
By using SafeMode I was finally able to download a Malware program and it fixed my PC damn quick. It was the Virtumonde malware. It's nasty. So I bought the pro version that will run when Windows starts and update the database and scan.
So, malware is something to consider when you use MJ.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
TD wrote:

You may have gotten it from an e-mail attachment. It's not likely that everbody that gets MJ gets the Vundo trojan. There ARE many distributors of MJ so I suppose one of them could have packaged this trojan with MJ or have Vundo on their systems and contaminated MJ. More likely you got it yourself with your web browser.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

It's a coincidence
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

It didn't come from MJ
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Why would you add your MJ after your firewall. Use another cable and splitter and take the feed from before the firewall.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
EXT wrote:

And leave an open computer port?
The time before infection for a port open to the internet is measured in minutes.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Less than minutes. Plug a CAT 5 cable in and see what happens.
Test ports here* (84M test) see the "shields up" and test the ports.
The test should show your PC in "Stealth" mode. In other words it won't "act stupid" from a foreign request.
http://www.grc.com/intro.htm
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On 10/9/2009 7:39 PM Oren spake thus:

Hey, thanks for posting that link!
I took all the tests there (file sharing and port scanning) and got a perfect score--nothing gets through to me, and my machine doesn't respond *at all* to port scans, NetBIOS requests, etc. (I'm using Sygate Personal Firewall on W2K, a freebie that apparently works very well.)
--
Found--the gene that causes belief in genetic determinism

Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
On Sat, 10 Oct 2009 13:42:10 -0700, David Nebenzahl

You're welcome. I have no connection to the company in anyway.
I've been going there for years and appreciate how Mr. Gibson takes a stand (Windows issues). XP Pro, out of the box, is dangerous in the hands of people that do not know networking -- at least a little.
XP wanted to jump out of the box and communicate with any machine that would talk to it.
I prefer a hardware firewall, over a software solution. You tested well, so don't break it.
The link has other free (test) utilities AND a bunch of reading :-/
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
HeyBub wrote:

Hi, Minutes? How about split seconds?
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

As fast as an 8 byte data packet header can travel.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
TD wrote:

Hi, Been regularly updating AV, Spybot programs? In a situation like this rebooting i worst thing one can do. You got lucky.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

PC gave no indication of being attacked. After a while the PC runs slower anyway. That's why it is normal to need to reboot. Of course the AV and spyware programs are updated. That's why I find it strange they didn't stop the attack. The only thing I opened that morning was MJ. When I left the house, I disabled the internet connection. That's why I believe MJ was involved in the attack. It's the only internet connection thing I used all day. yeah, I was damn lucky.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

Like another poster mentioned ... the virus was planted by the distributor of the device?
Possible? Certainly! Sometimes, unknowingly.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

oh right, not that the MJ people did it on purpose. Possibly one of the ads did it. Or somehow a 3rd party rode in on the MJ port.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

I still fail to see how the MJ provided malware to your PC. Enlighten me.
I suspect as another, here that you clicked and infected yourself. I could be wrong about it.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

Yes, you are. As I wrote b4, the only thing I used my internet connection was for MJ. When I left for the day I disabled the connection.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

You seem to want to blame MJ for the virus. MJ is not the first "internet connection". The network has to have "elections". Who gets on and who doesn't. Then you can use MJ
re: the virus
Discovered: November 20, 2004 Updated: February 28, 2009 1:14:28 AM Type: Trojan Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000 CVE References: CVE-2004-1050
Trojan.Vundo is a component of an adware program that downloads and displays pop-up advertisements. It is known to be installed by visiting a Web site link contained in a spammed email.
http://www.symantec.com/security_response/writeup.jsp?docid 04-112111-3912-99
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload
wrote:

That's useful info. However, I don't click on links in spam email. I didn't log on to my email that morning. I run all my email thru MailWasher and delete Spam email from the server. I hardly get any Spam. I use a Gmail account and tons of email are in the Spam folder and never reach my PC.
When I open my email program my AV is set to quarantine all suspected email. It's possible that newsletters may have hidden crap that they don't know about. They are well known newsletters, not some itsy-bitsy outfits.
With my firewall 99% applications I have set to deny incoming access. MJ is set to allow, otherwise MJ won't work. I hardly ever use MJ. When I do, it's just a 5 minute connection and then I shut it down. I don't think MJ gave me the malware. I think it's most likely from the ads that are coming thru when MJ is running. Almost immediately my PC began running so slow. But I kept it ON all day since I had a non-internet appl. running. I turned off the internet cable connection since I was away from home that day.
Perhaps you missed the orignal message. I wrote, in part: So, malware is something to consider when you use MJ.
Some people replying seem to discount MJ's ads completely. I'm skeptical of their ads. That's why I'll always consider their ads as bad. Other people reading this can poo poo all they want that it's not MJ.
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.