I get regular updates for Flash Player. After updating, usually within minutes, a hijack attempt is made to reroute my browser through Beyond the Network America. I am sure these attempts occur only after updating Flash. Here is my hypothesis:
I routinely run Peerblock to block hacking attempts on my computer.
I block country domains such as China, Iran, Russia, etc.
When running Peerblock I can see if software is attempting to redirect my Internet activity through Beyond the Network America or anywhere else.
When my system is infected, I run ADWCleaner to remove the infection. ADWCleaner finds the following: \AppData\Roaming\Mozilla\Firefox\Profiles\z2x8sary.default\prefs.js
ADWCleaner requires me to reboot my system to complete the removal and my system operates normally without any redirection attempts until I update Flash. In fact, Flash usually indicates an update is available soon after I remove the infection.
I suspected Flash and would not update it for about 1.5 months. No re-infection occurred. Then yesterday, I decided it was time to determine if Flash was the culprit, so I updated it and, sure enough, once I did, a hijack attempt to reroute my traffic through Beyond the Network America occurred again.
The update file downloaded from Adobe's website is: install_flashplayer13x32_mssd_aaa_aih
Can you confirm my hypothesis or otherwise show Adobe is not including some adware/malware that is attempting to reroute Internet traffic through Beyond the Network America?
Thank you for your assistance.
Use the offline installer(s):
Flash Player for ActiveX (Internet Explorer)
Flash Player Plug-in (All other browsers)
They don't have to download anything during the install process.
If your system is still being hacked after running one or both of those, you've got other problems.
Thanks Mike. However, the links you provided won't resolve the issue if Adobe is including something in the updates that tries to redirect traffic through BTNA. I don't have other problems and the redirection is unsuccessful because Peerblock blocks that activity. I am concerned that others who don't take appropriate safeguards with their systems are unaware that they are being redirected through BTNA.
I'm not going to follow this any further. You're paranoid.