3 Replies Latest reply on Apr 13, 2014 4:28 PM by Mike M

    When updating Flash Player

    MJC01

      I get regular updates for Flash Player. After updating usually within minutes, a hijack attempt is made to reroute my browser through Beyond the Network America. I am sure these attempts occur only after updating Flash. Here is my hypothesis:

       

      I routinely run Peerblock to block hacking attempts on my computer.

      I block countries domains such as China, Iran, Russia etc.

      When running Peerblock I can see if software is attempting to redirect my Internet activity through Beyond the Network America or anywhere else.

      When my system is infected, I run ADWCleaner to remove the infection. ADWCleaner finds the following: \AppData\Roaming\Mozilla\Firefox\Profiles\z2x8sary.default\prefs.js

      ADWCleaner requires me to reboot my system to complete the removal and my system operates normally without any redirection attempts until I update Flash. In fact, Flash usually indicates an update is available soon after I remove the infection.

      I suspected Flash and would not update it for about 1.5 months. No re-infection occurred. Then yesterday, I decided it was time to determine if Flash was the culprit so I updated it and sure enough; once I did, a hijack attempt to reroute my traffic through Beyond the Network America occurred again.

      The update file downloaded from Adobe's website is: install_flashplayer13x32_mssd_aaa_aih

      Can you confirm my hypothesis or otherwise show Adobe is not including some adware/malware that is attempting to reroute Internet traffic through Beyond the Network America?

       

      Thank you for your assistance.