Having just looked at adobe 'cracks' recently for CS5 and CS6 I wonder why these entries (destined for the HOSTS file) 127.0.0.1 crl.verisign.net 127.0.0.1 tss-geotrust-crl.thawte.com Are there... The cracks work by replacing a DLL but also by blocking connections to all the servers it thinks are activation servers (key validation) I tested removing these CRL entries and the software had no issues. Just speculating wildly but maybe this was a planned attack a long time coming (given that these entries have existed since CS5)