[trampas]

Today on a different PC, connected to the internet via a firewall, I allowed adobe_updater.exe to run. It connected to an IP on one of the Akamei domains 184.84.x.x (is this normal ?).

A bit later I noticed that adobe_updater.exe had been hijacked and was connected to a different IP on the AAPT domain.

Guess what, a port scan (or very similar) was in progress. Literally thousands of connections had been set up between my firewall and PC.

I can see where that was heading but how don't understand how adobe_updater.exe got hijacked.

Edited by trampas, 20 April 2012 - 10:54 PM.

[Advertisements]

Thinking back over my experiences of the last few weeks, I've had infections or attempted infections on several occasions, all when I was doing an automatic software update. Google on one occasion, then Avira, then Adobe.

When I search for related information on the internet I find EvilGrade :

http://krebsonsecuri...ets-an-upgrade/

This, or something like it, is being used against me.

maliprog, which forum should this be going in ?

[trampas]

Thinking back over my experiences of the last few weeks, I've had infections or attempted infections on several occasions, all when I was doing an automatic software update. Google on one occasion, then Avira, then Adobe.

When I search for related information on the internet I find EvilGrade :

http://krebsonsecuri...ets-an-upgrade/

This, or something like it, is being used against me.

maliprog, which forum should this be going in ?

[maliprog]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.