AcroRd32Info is a another creative pieces of crap from Adobe a package for Acrobat Reader. Embed in Windows Explorer Shell, its main role is to start an initial prefetching for PDF documents in the Memory.

To test this program behavior, you will need to open your windows task manager (ctrl+alt+del once) and browse to any folder that contained a PDF documents and stay idle. Within just few seconds AdobeRd32Info will be loaded in the background and stay in memory.That was just for browsing the folder without opening any PDF files yet.

Windows has a standard prefetch modes and its fairly stable for most of the applications out there. Having a another background prefetcher hook on explorer is plain abusive not to mention its running without the owner permissions.

Adobe Reader is cheating. Its understable that with this methods it will improve the Acrobat boot time log, but I dont see much differences when its running in the background preparing to load a single PDF documents, its a pollutions.

AcroRd32Info stay in your memory so consider it as a pestware.

Here’s how you can safely removed this programs.

The proper way

• open Adobe AcroRd32
• Edit » Preferences
• Select the internet categories in the menu list then disabled
  Allow fast web view & Allow speculative downloading in the background

If thats doesnt work, you try this unrecommended method to disabled it.

• Browse to Adobe Reader directory usually at “Program Files\Adobe\Reader\”
• Find AcroRd32Info.exe
• Rename it from AcroRd32Info.exe to Acro_Rd32Info.exe

Recent Exploit on Adobe Reader

Exploit:W32/AdobeReader.K

From FSECURE, Exploit:W32/AdobeReader.K is detection of a malicious PDF file that is being heavily spammed through e-mail and it appears as an attachment.
This malicious PDF file takes advantage of a vulnerability on the URI handling of PDF files. This vulnerability affects IE7, Adobe Acrobat, and Adobe Reader on some platforms.
Users should update their Adobe Reader installations.

Affected Software Versions

Adobe Reader 8.1 and earlier, Adobe Reader 7.0.9 and earlier. Adobe Acrobat Professional, 3D and Standard 8.1 and earlier versions, Adobe Acrobat Professional, Standard, 3D and Elements 7.0.9 and earlier.

More info on this exploits at National Vulnerability Database

What is Adobe Version Cue (Bonjour)

Bonjour is a file management tool that is integrated in Adobe Photoshop, Adobe InDesign, Adobe Acrobat, Adobe Illustrator and other creative applications within the Creative Suite. It is client/server based. The clients are integrated into each of the applications and they all communicate with the Version Cue Server.

To make setup and configuration easier, Adobe uses Apple’s Bonjour technology to enable the connectivity to Version Cue servers on a local area network. Bonjour is widely used throughout Mac OS X and Windows in applications like iTunes and popular printers to allow users to set up a network service without any configuration.

As adobe install this programs without your permission, running in the background silently and there is no options to disabled it!. You should consider adobe version cue as a pestware and should be remove immediately.

There is four methods to removed bonjour services aka Adobe Version Cue CS3 Component.

1)  Manual removal

• Stop Bonjour service RUN > sc stop “bonjour service”
• Remove Bonjour services from windows startup RUN> sc delete “bonjour service”
• Disable the Bonjour socket driver:
  RUN > Regedit:

  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\
  Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004

  find key:
  Enabled=REG_DWORD:00000001 change it from 1 to 0.

• Reboot, the driver will not be loaded any more.
• Delete the Bonjour directory (with the files mDNSResponder.exe and mdnsNSP.dll).

2)  Apple Bonjour Official Uninstaller

Download Apple Bonjour for Windows and run the bonjour uninstaller.

3)  Optional Methods

Third methods will disabled bonjour services from running in the background. You’ll need to removed bonjour manually.
RUN > C:\Program Files\Bonjour\mDNSResponder.exe -remove

4)  Third party Uninstaller

• This is the prefer methods, as it wont affect others shared programs that depend on bonjour (ie: itunes, quicktime). Read on lifehacker for more info about Revo Uninstaller. Its free.
• Download and Installed Revo uninstaller.
• Start Revo uninstaller and wait till it finished populating the lists with all your applications and its components.
• Find and select Adobe Version Cue CS3. Click the Uninstall Icon to proceed. Select the “Moderate” options.
• After the first & second step is done (dont click finish yet), proceed with removing all bonjour registry.

You can used Revo Uninstaller to removed others “hidden” installed components package with Adobe CS3.

Related info

Software registry keys

Adobe Version Cue CS3 Client

MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

External Links

• Repairs Winsock 2 settings, caused by buggy or improperly-removed Internet software
• WXPNews: Who Owns That File Format?