That’s kind of a weird title, but there have been a few slightly freaked-out posts in the last couple of days suggesting that the Photoshop CS3 beta is installing spyware. The deal is that Photoshop uses Apple’s Bonjour technology to make it easy to connect to Version Cue servers. For more details, I consulted Thomas DeMeo, Director of Product Management for the team that creates Version Cue. Here’s what he had to say:
Adobe does not use spyware, period.
Since the inception of the Creative Suite (CS) family, Adobe provided a file collaboration tool with the introduction of Version Cue. Version Cue is a file management tool that is integrated in Adobe Photoshop, Adobe InDesign, Adobe Acrobat, Adobe Illustrator and other creative applications within the Creative Suite. It is client/server based. The clients are integrated into each of the applications and they all communicate with the Version Cue Server.
To make setup and configuration easier, Adobe uses Apple’s Bonjour technology to enable the connectivity to Version Cue servers on a local area network. Bonjour is widely used throughout Mac OS X and Windows in applications like iTunes and popular printers to allow users to set up a network service without any configuration.
From Photoshop or Bridge you can connect to a Version Cue server without having type in a IP address. It does not enable Photoshop or Bridge to do file sharing as this is done by the Version Cue Server. It does not send information over the Internet or to Adobe. When you click on the Version Cue area in the Adobe Dialog, the Bonjour daemon running on the local machine will browse for visible Version Cue servers on your subnet. You can then log in to access the file management capabilities of the Version Cue server.
To request access to the Version Cue beta program, please contact Mike Wallen (mwallen at adobe dot com). For more info on Bonjour, see also this Apple developer FAQ and the entry on Wikipedia.
[Update 5/11/07: I saw the following info from Timo Naroska of the Version Cue team and thought it would be worth sharing:
Bonjour sends/receives packets to the multicast IP 244.0.0.251. Routers do not forward these packets outside the local network. Furthermore Bonjour pings the local DNS server to check whether it supports service discovery.
No critical information is ever transferred.
The user should usually allow Bonjour to connect the “internet” to seamlessly browse/connect Version Cue Servers in the local network.
If the user decides to block Bonjour internet access, automatic server discovery on the local network and the local machine are hampered. The user will have to connect servers manually by IP/DNS-name.]
So why does my copy of InDesign CS2 take some 20-30 seconds to quit–and that is after I close any open documents? No other application I have is remotely that slow. Not a lot of disk i/o during that time either.
I’ve always assumed it was ‘phoning home,’ getting blocked by one of my two firewalls, and timing out. And if it isn’t the problem, is there something I can turn off to end this irritation.
[I don’t know, but I’ll ask someone on the InDesign team for info. I very much doubt it’s related. –J.]
Hello,
Thanks for clearing up that it’s not spyware, but could you please tell me why:
1) The process is always running, even when you close version cue and or Photoshop
2) It’s always eating up memory
3) It makes my computer slow
4) I never experienced any of these problems while using iTunes.
[I’ve requested more info. –J.]
Since I do not want the damn Version Cue installed on my system, there is no reason why the PS CS3 installer should still foist this Bonjour stuff on us. I loathe Version Cue and all other needless CPU/RAM hogging services — I want a clean, simple Win XP system with maximum CPU/RAM for me and my apps. So I manually disabled and deleted the Bonjour stuff — but I should not even have had to do this! Please make sure the shipping CS3 won’t impose needless stuff on us.
Sorry to be grumpy here, John! 🙂
[I hear you, Klaus. We’re talking about ways to make disabling unwanted functionality easy and obvious. We want people to use Adobe technologies because they find the stuff useful–not because it’s forced on them. –J.]
I run Zone Alarm Pro on my PC laptop and according to it, Bonjour is not only attempting to access my network which makes sense but is also trying to get Internet access. I can’t think of any reason why it would need to use the Internet as part of it’s stated purpose. Any ideas what that might be if not contacting Adobe? Thanks.
-dave-
[Dave, I’m not sure what’s going on, but I’ve asked the Version Cue guys to investigate & reply with some info. Hopefully they’ll weigh in here once they have details to share. It sounds like there may be some buggy behavior here, as the intended behavior is only to have Photoshop discover VC servers–nothing more. –J.]
I installed PS3 beta yesterday and as soon as I did my internet connections sl o-o-o-owed down. My other machine is chuggin along fine on the internet. I am also running ZoneAlarm – was shocked to see this #$%**& program called Bonjour trying to phone home. I don’t give a hoot if some of the security sites call it harmless. I didn’t install it – don’t use Version Cue – don’t want it! I am a loyal Photoshop user hope they don’t go “microsoft big bother” on me. If it is harmless why does it try to call home?
[What connection data leads you to conclude that Bonjour is trying to phone home? Could you supply some details of IP addresses, throughput, etc. to illuminate your statements? Feel free to write me directly if you’d prefer. –Thanks, J.]
I installed cs3 and did not notice any issues with Internet connectivity at all. Have Lavasoft’s AdWare and nothing came up with that scan. My 2 cents. The only thing that I wished CS3 would not have done until the GA release is switched all my file extension to CS3. When I wanted to switch back to my production workflow, I had to undo all those settings. I guess that is what I get for not installing it on a test machine.
-What connection data leads you to conclude that Bonjour is trying to phone home? Could you supply some details of IP addresses-
This request was to someone else but I thought I’d jump in anyway. On my PC Bonjour alternates between trying to access 68.87.76.178 which is Comcast (my provider) and 224.0.0.251 which is something called the Internet Assigned Numbers Authority. The actual application making the requests is mDNSResponder.exe. If I don’t permanently block the requests Bonjour tries again approximately every 30 minutes or so, alternating between the two addresses.
[Thanks, Dave; that should be very helpful. We’re sharing details with Apple & with the makers of ZoneAlarm. –J.]
If you delete the winsock2 entry for Bonjour/MDNSNSP, it kills all services and renders your computer inoperable. It is next to impossible to get rid of this. PS should NOT force you to run a service 24/7. Bad bad idea. many people will stay away from the final release if this continues. This is a huge mess. Unuinstalling doesn’t clear up the problem fully either.
[I don’t know the details here, but I’ve passed along this feedback. Discussions continue. –Thx, J.]
Hi, I have just read through this page and have tu support those guys who dont want/like the VersionCue. Please, stop forcing me into something I dont want to use – I want to be the one who decides what components to use/install 🙂
Off topic: hurry up with the PS CS3 – cant stand the waiting for the final release 🙂
I came upon this thread while looking into the CS3 product. I’m curious. Why are you contacting ZoneAlarm concerning the issue of their application properly reporting unauthorized internet access by a component of your product?
[Here’s the thing: I’m just passing along info, and there are a lot of cooks in the kitchen: Apple, Adobe (the Version Cue team), and third-party software providers. I know people are talking, but I can’t track all those conversations right now. –J.]
I uninstalled Bonjour hoping that it would allow my PC to work like it is supposed to again. I use my work laptop as my own laptop as I am oncall 24/7.
Bonjour slowed down my latop when I signed in each day and then would slow down the processes. Of course, I didn’t realize that it was the issue until I had deleted NUMEROUS files from my hard drive and uninstalled every other unnecessary program. I couldn’t believe that a program that was automatically installed in one of my iTunes updates would cause this much trouble.
Now, I find out that uninstalling may not be good enough. The speed is a little better, but not great. If anyone comes up with more solutions, please let us know.
LB
I stumbled upon the bonjour folder by happenchance as I was installing cs3. I panicked until I found this blog. cs3 would did not install correctly (I left it running) I did not see the firewall ask for permission until I tried to re-install. Now that I have seen your blog I’m in a panic again. I like all others voicing the same sentiment here do not want programs running or installing I have not authorized to run. I will check back as I cannot afford my computer to run in any type of slow fashion. Thank you for your help in trying to fix this issue.
DR
Seems to me this is about like going ballistic about someone installing TCP/IP on someone’s computer without their permission. Well, heck yeah.
I’d be more worried about Zone Alarm giving such a false positive than I would the fact that an open source networking protocol called Zeroconfig (that Apple renamed Bonjour eventually in their own implementation) that Apple has adopted to let iTunes find other iTunes programs running on a network.
As for the IP address – 224.0.0.251 – mentioned above (as opposed to the person’s ISP, that looks like a cable modem’s IP address) has a very reasonable explanation. Check out this web page at O’Reilly’s website:
http://www.oreillynet.com/etel/blog/2002/08/multicast_routing_and_rendezvo.html
It’s a multicast UDP port that it calls when a Bonjor-enabled program goes offline and also when it goes back online. As it turns out, the use of that IP address is netowrk-specific and does not hop routers. Note this comment:
“A router MUST not forward packets addressed to 224.0.0.X, and I notice that Apple is sending UDP/RPC packets to 224.0.0.251 with a TTL of 255. I’m sure they decided on a TTL > 1 for a reason, but these packets will not be forwarded by any routers that I’m aware of, so will remain on the local subnet.”
It could be that Apple chose that specific IP address to prevent going out on the Internet. Which explains why iChat has to have AIM as well as Bonjour to do its job.
Too much hair-on-fire jumping the gun here, and not enough calm investigation first – at least from my perspective. I don’t like everything Apple and Adobe does. But to believe they install Spyware? They’re not that stupid to believe they could get away with such a thing.
[Yes, but will that kind of reasoned observation make the Digg Nation light up your blog? Where’s the alarm, the outrage?? >;-) –J.]
That is all well and good, but the facts are Adobe as others have not been able to cut deals, as Microsoft has, with eastern european bootleggers. Adobe has indeed installed spyware to find bootleg versions of it’s software and in the process has invaded our privacy that can be used for a number of illegitimate ways.
[Whatever. –J.]
For John Nack to say Bonjour only uses local servers is naive at best and disinformation at worst.
[Whoa–keep your shirt on. I’m passing along the information that’s been provided to me by the Version Cue engineering team. If that’s incomplete, I can gather more, but let’s not get into suggeting that anyone is spreading disinformation. –J.]
Anyone who has Bonjour, as I have had, and a firewall can tell you that it requests access to the Internet. It is EASY to demonstrate. That, by definition, is not a “local” server. And, IMHO, is unacceptable. I control Internet access to and from my local network very tightly because of all the threats out there. Even if Bonjour is harmless, as others have said, it chews up cpu and memory, and Adobe has provided no reason that sounds vaguely acceptable for installing it on my machine without warning or notification.
BTW, turning off the process is not adequate. It can be removed, but the method is not real obvious. Here’s how:
If using Windows XP…
start -> run -> type ‘cmd’ to bring up a command prompt
type ‘sc stop “Bonjour Service”‘ (include the double quotes but not the single ones!)
type ‘sc delete “Bonjour Service”‘
Then go to the Bonjour folder and delete the .exe. There is also a dll that cannot be deleted. Change the name of the dll and reboot, and then delete it. AFter that, you need to run a free downloadable program called lspfix, because Bonjour fouls yet something else up that I don’t completely understand, but the fix does, in fact, work. You may need Admin rights to do this; I’m not sure. BTW, deleting Bonjour has had no negative impact on my Adobe or ITunes apps that I have been able to discern; which raises yet MORE questions about why it is required in the first place.
Good luck and Just Say No to Bonjour.
John
One thing you missed. you cannot rename the .dll either so no way to get around it unless you bypass ownership and rights somehow. this is not right that you do not have total control over your machine.
” John — 01:10 PM on February 18, 2007
For John Nack to say Bonjour only uses local servers is naive at best and disinformation at worst.
[Whoa–keep your shirt on. I’m passing along the information that’s been provided to me by the Version Cue engineering team. If that’s incomplete, I can gather more, but let’s not get into suggeting that anyone is spreading disinformation. –J.]”
Perhaps a bit strong. If so, I apologize. Here’s the thing, though: Anybody who installs this and has some way of telling whether Internet traffic is occurring, for example a firewall, can tell *immediately* that the traffic is not local. Granted, my mother in Kentucky cannot make this test, but anyone who knows enough to install a firewall will see immediately that the traffic is not local.
That’s why I find the response from Version Cue unacceptable and disengenuous and anyone who simply repeats it needs to spend the 5 minutes to run the test. It simply isn’t so. As other posters have also noted.
John
The following was sent to me by a member of the San Diego Photoshop users.
Turn off File sharing should clear it up. It seems that it is your
home network that needs adjusting.
——————————————-
Finding your computer’s local network name
The local network name (also known as Local Hostname) is the name
used by Bonjour-compatible devices and services to advertise their
availability on the local network.
Your computer’s local network name is your computer’s name, appended
with “.local.” If your computer’s name has spaces in it, the spaces
are replaced with hyphens (-). For example, if your computer’s name
is My Computer, your local network name is “My-Computer.local.” Local
network names are not case sensitive, so “my-computer.local” works
the same as “My-Computer.local.”
To find your computer’s local network name:
Open System Preferences and click Sharing.
Your computer’s local network name is displayed beneath your computer
name at the top of the pane.
Bonjour (formerly called “Rendezvous”) is a networking technology
developed by Apple Computer that makes it easy to setup and use
devices and services on a network. Because Bonjour-compatible devices
and services advertise their availability, it’s easy for you (or an
application or service) to find devices and services that you want to
use. For example, if you turn on file sharing, other Mac OS X users
on your local network will see your computer when they browse the
network by selecting their My Network folder.
If your computer name is not recognized by Bonjour, the local network
name will be Macintosh.local.
Bonjour requires Mac OS X 10.2 or later.
So, first of all, Adobe installs Bonjour only on Windows machines and this is because Bonjour is part of a standard Mac OSX installation from the beginning, and also active. This is definitely neither spyware nor does the service eat up much memory. On WinXP it has a VM usage of around 1MB. That’s not too bad I think. In addition to this the Bonjour service ONLY sends a single UDP packet to the multicast address mentioned earlier once every 30 minutes. This will in no event impact network performance and since routers do not forward those packets will stay on the local subnet only. The only other UDP packet that Bonjour sends over the internet is a DNS server request on whether the server supports DNS multicast transfer. Also only once every 30 minutes. I would be very interested in feedback from Lori what the symptoms for the slow network performance are and how this relates to Bonjour. A direct up-/download comparison with and w.o. Bonjour installed would hep here.
[Thanks for the details, Frank. (FYI, Frank is one of the engineers on the Version Cue team.) –J.]
i have had questionable system issues for some time since installing CS3 beta. i have been noticing that all attempts to remove this bonjour crap have resulted in the need to do system restore to get wireless networking back (removing bonjour manually kills networking, thanks!).
i do not want Version Cue. i do not want Bonjour. i do not want anything other than the image editing tool called Photoshop and the image browser called Bridge. This is extremely irritating. This complexity was NOT asked for and was NOT announced to me upon installation of CS3 beta. This is a great time to make a public release of information INCLUDING how to safely remove this unwanted crap, because i have now learned two important things: i don’t want to ever install Quicktime again (forced bundling of iTunes and Bonjour) and i don’t want to upgrade to CS3 (forced bundling of Bonjour and system reliability complications).
My laptop fan has been running high speed for weeks and now i know why. Enough Googling of Bonjour reveals the truth. Sadly, Googling “Googleupdaterservice.exe” does not offer help on removing THAT bit of FORCED and UNINSTALLABLE extra crap software wasting system resources.
THE COMPUTER INDUSTRY NEEDS TO GET ITS HEAD OUT OF ITS ARSE AND STOP MAKING DEVELOPER CONVENIENCES INTO USER INCONVENIENCES! WE DO OTHER THAN JUST “YOUR” PRODUCTS ON OUR COMPUTERS.
My computer was suddenly extremely SLOW. Found that a program called “Bonjour” had been added without my knowledge. Had to restore system to the pre-Bonjour download to finally get computer back to normal. Obviously had to be Bonjour causing the problem.
If Bonjour is a legitimate program, why does it show up in the System Configuration Utility (msgconfig) Services tab as “$$Id_String1.6844F930_1628_4223_B5CC_5BB94B879762$$”?
Why is the manufacturer name set to “unknown”?
Why does the registry contain a couple of entries with this name in it, rather than the name “Bonjour Service”?
[Those are Apple bugs. We’re waiting on a fix. –J.]
So the ultimate question is:
How do you delete Bonjour from your system, (Vista) and will doing so have any effect?
[I’ve asked for more info on this point. I’ll pass along whatever I find out from the team.
Update: Frank from the Version Cue team says, “To delete Bonjour completely the user has to call C:\Program Files \Bonjour\mDNSResponder.exe -remove from the Windows command console and afterwards delete the whole C:\Program Files\Bonjour folder. That should do the trick. The impact for the user would be that the VC client, including Photoshop, will not be able to browse for VC Servers anymore.”
–J.]
Our company security admin doesn’t allow installation of applications that automatically try to connect.
I wonder why Adobe folks did that mistake, embedding this bonjour crap into CS3.
As Jace said before, WE DON’T NEED VersionCue. How the hell can we remove the whole thing from our machines?
[Please see the update I just posted in the comment above. –J.]
So for the home user, or someone not on a network, Bonjour and Version Cue serve no purpose to speak of, other than playing ET, and providing some extra overhead to what M$ has already heaped on our systems with Vista? Is that correct? And Adobe feels that making this the default is necessary??
The way I see it, whatever the differences between Adobe and Microsoft, (nice to finally see the Windows versions of PS CS3 released this week) neither company is acting with the end user in mind. This is just another example.
Given the limitations of some peoples machines, and assuming you are not on a network… I would be interested to know your recommendations re: Bonjour and Version Cue and why? What would –J do?? 😉
[Heh–that’s a good way to put it. A lot of the time I can’t control things directly, but I can at least try to facilitate communication. –J.]
The “mDNSResponder.exe -remove” thing removed the service but not the mdnsNSP.dll Winsock2 catalog entries.
Therefore it’s impossible to remove the whole Bonjour directory because mdnsNSP.dll is in use even after a system restart.
Please ask VC team how can we fully remove Bonjour from our machines socket stack.
That dosnt work, can we please get some help to get rid of what we didnt ask for in the first place ????
Be clear. I will NOT purchase your newer products until this issue is cleaned up and Bonjour is removed from your platform methodology.
I am pleased that you are working on this but work on it so that this cancerous method is not renamed or redone. REMOVED is the only method.
Finally I’ve managed to remove the whole bonjour crap, manually modifying socket registry entries.
Although a developer myself, I never understood some developers, including Adobe’s.
Did you ever hear about “Custom Installation”? I assume you know what I’m talking about, don’t you?
Give your clients the option to select what exactly they want to be installed in THEIR own machines. We have enough ccrap already installed by MS and Apple operating systems, there is no need for even more.
PS: Next time you want to implement a networked application, please study Windows API and build a highlevel integration.
——— **Make sure you have system restore turned ON**
start -> run -> type ‘cmd’ to bring up a command prompt
type ‘sc stop “Bonjour Service”‘ (include the double quotes but not the single ones!)
type ‘sc delete “Bonjour Service”‘
Then go to the Bonjour folder and delete the .exe. There is also a dll that cannot be deleted. Change the name of the dll and reboot, and then delete it. AFter that, you need to run a free downloadable program called lspfix, because Bonjour fouls yet something else up that I don’t completely understand, but the fix does, in fact, work. You may need Admin rights to do this; I’m not sure. BTW, deleting Bonjour has had no negative impact on my Adobe or ITunes apps that I have been able to discern; which raises yet MORE questions about why it is required in the first place.
Good luck and Just Say No to Bonjour.
John
WT… F…
People!? This is… an $800.00 standalone program! It’s not something you pick up off an AOL give away disk or free from the internet (OK… some people may have!) But the point here is we shouldn’t have to be fiddling around and going in with chewing gum and bailing wire to remove this. Not to mention possibly screwing something else up in the process. For $800 Adobe should be able pony up some support and give us a step-by-step on how to totally get rid of this. A ‘Bonjour Unistaller’ doesn’t seem too much to ask for after spending over a grand on ‘updates.’ So far their response has been, “Thanks for your money, sorry we won’t help you anymore on this! Wanna’ 40-page free how-to .pdf on making snow globes with your corporate logo next to ours, instead?”
They should be ashamed of their support on this issue.
They should be ashamed of their non-corporate end user support. It has left a bitter taste in my mouth about this company I’m not soon to likely forget.
John Nack, please post a proper supported fix for this issue.
People do not want to be left stranded no knowing what to do if they want to remove this unnecessary service.
Thanks to Andrew for the help above. That helped.
By the way, it’s photoshopped not “enhanced by Adobe Photoshop”
http://www.adobe.com/go/kb400982
Stop and then disabled the service from Windows (Services snap-in).
because of the “$$Id_String1.6844F930_1628_4223_B5CC_5BB94B879762$$” service id I’d been annoyed by bonjour after itunes installed it, and it’s how i stumbled into here.
solution I used was simply to download bonjour for windows from http://www.apple.com/support/downloads/bonjourforwindows.html install it, then immediately use the uninstaller it handilly puts in ‘add/remove programs’.
this works cleanly, and on vista too.
Great comment and fix Yakumo if it worked. I mean, an uninstaller! What a novel idea!! Now if Adobe would just put one out that worked!!
I tried Yakumo’s approach to installing bonjour for windows from the Apple website. I then ran the uninstaller, and was still left with the following
6 files on my computer (the check was done with Vista Manager’s Smart delete program.
So far manual removal seems to be the only trick. And running LSPfix after manual removal is definitely recommended, if not necessary.
**from the
LSPfix website:
“Repairs Winsock 2 settings, caused by buggy or improperly-removed Internet software, that result in loss of Internet access.
LSP-Fix is a free Windows utility to repair a loss of Internet access associated with certain types of software. This type of software, known as a Layered Service Provider or LSP, typically handles low-level Internet-related tasks, and data is passed through a chain of these programs on its way to and from the Internet. However, due to bugs in the LSP software or deletion of the software, this chain can get broken, causing the Internet connection to become inaccessible.
Unfortunately, problematic LSP software, including malware/spyware, is sometimes quietly installed by unrelated products such as file-sharing programs, sneaking onto a system unannounced. In fact, in many cases, the user does not know of its existence until something goes wrong, and he/she can no longer access Web sites. Historically, New.net* (NEWDOTNET) and WebHancer* (often bundled with file-sharing utilities, DVD player software, and other free downloads) have been the worst offenders, but the problem can be caused by any improperly-written Layered Service Provider software, or the deletion of any LSP program’s files. LSP-Fix repairs the LSP chain by removing the entries left behind when LSP software is removed by hand (or when errors in the software itself break the LSP chain), and removing any gaps in the chain.
LSP-Fix is not a malware removal utility and does not target specific products. LSP-Fix does not delete any files.”
Sound familiar??
So tell me, this thread has been ongoing almost 5 months now… Has Adobe responded with anything that works or even a response to say they are on top of it??
Shameful I tell you! But the new icons in CS3 ARE cute, huh?! ;-(
Bonjour caused my PC to slow down as well.. I got “infected” with this piece of garbage program after installing the CS3 beta; and *again* after I went and purchased the full CS3 version.. Judging by all the complaints of system slowdowns and other issues, Bonjour is obviously *NOT* ready for primetime, and more importantly, although Apple would like it to be a standard, it is not yet a standard, so why the heck is Adobe using such unstable and unproven, non-standard services? Is Apple paying them kickbacks to infect people’s machines with this thing that has such negative performance implications for PCs? One would normally call programs that install surreptitiously and cause performance issues viruses or malware… Get it through your collective skulls Adobe: We don’t want Bonjour!!! I’ve purchased all the previous versions from Photoshop 4 up to the current version and have given Adobe a lot of money over the years, but if this is the way your going in the future, this may be the last Adobe product I buy (I may still *use* future products, but I’m seriously considering not paying for them anymore if you get my drift)..
This is a related issue although it doesn’t involve Bonjour…
Dreamweaver CS3 attempts to connect to 192.168.20.60 every time it launches. I think this is the main adobe.com IP address.
I just mention it because it’s another uninvited invasion of privacy – it may just be looking for program updates but who knows? Looks like another case for privacy-officer@adobe.com!
[Scott Richards from the DW team replies, “We are actually using the Flash Player to download updated content on start up. I used ZoneAlarm to verify this and also looked through the code. Users can avoid this by turning of the Welcome Screen in General Preferences. Go to ‘Edit’ menu, ‘Preferences’ and disable the ‘Show Welcome Screen.’
“There are preferences you can set for when Adobe Update Manager checks for updates. By default it is set to once a week not on every launch. To control these you go to the “Help” Menu and Select ‘Updates…'”.
Hopefully you’ll find this info useful. Because you wouldn’t supply a real name & address, I can’t send you the info. In the future, it would be good not to assume that Adobe is violating your privacy. –J.]
Did anyone who is experiencing slowdowns or other perceived problems being attributed to Bonjour install Photoshop CS3 with all anti-virus software disabled?
From the other direction: Did anyone disable all anti-virus software, install Photoshop CS3, then experience problems that can be attributed to Bonjour?
[Good questions, Pete. –J.]
Dear co-victims, I’ve successfully removed the whole Bonjour crap (both mDNSResponder.exe and mdnsNSP.dll) using the following steps which I’d like to share with you:
1. Stop the Bonjour service:
Open a console windows (aka Command Prompt) and enter:
sc stop “bonjour service”
2. Delete the Bonjour service:
In the same console windows (or a new one, doesn’t matter), enter:
sc delete “bonjour service”
3. Disable the Bonjour socket driver:
Open the registry editor (if you don’t know how, you probably shouldn’t do it, as things can go very bad if you do something wrong), go to:
HKEY_LOCAL_MACHINE\SYSTEM\
CurrentControlSet\Services\WinSock2\
Parameters\NameSpace_Catalog5\
Catalog_Entries00000000004
where you’ll find the key:
Enabled=REG_DWORD:00000001
Doubleclick on that and change it from 1 to 0.
4. Reboot, the driver will not be loaded any more.
5. Delete the Bonjour directory (with the files mDNSResponder.exe and mdnsNSP.dll).
Thanks Henry for leaving instructions on removing that stuff. I don’t really have a need for all that Bonjour stuff. Maybe if everyone winds up disabling it, Adobe will get the hint and remove it permanently in the next release.
When I tried manually deleting both registry entries related to Bonjour and Bonjour Services, then renaming the Bonjour folder files, my XP Pro system would ONLY boot to safe mode, where I had to perform system restore.
This solution worked for me… I went to the Bonjour website, downloaded Bonjour, and then installed it.
Bonjour for WIndows
It automatically removed the weird # service, and replaced it with the real Bonjour service.
Once it was installed, I simply ran the Add/Remove Programs applet and uninstalled Bonjour, and rebooted.
Everything Badjour was gone, and the system works great again.
WARNING about step 3 of my instuction above:
It has escaped me before that socket drivers are probably numbered sequentially – therefore differently from system to system. In other words, the Bonjour driver may not be the entry “000000000004” on your computer.
So please, instead of blindly disabling the entry number 4, do manually go through all entries within “Catalog_Entries” and find the one with the key:
DisplayString=REG_SZ:mdnsNSP
If you’ve installed CS3 just recently, that entry is most likely the last one (with the highest number). Disable that entry – with “mdnsNSP” as DisplayString – only.
to turn off that crap:
http://download.gizmoproject.com/jasmine/TurnOffBonjour.exe
[I have no idea who created the program you mention, so I’d encourage people not to download and run it without more info. If you want people to run your executable code on their machines, you might want to provide your real name, supporting info, etc. –J.]
When no applications are using it the service should NOT be consuming resources.
If you people want to launch bonjour WITH an adobe application that is ESSENTIAL to that application’s function .. have at, but kindly terminate it when WE are done using a given adobe application. Your licensing service plays nicely.
Give us a settings page to configure bonjour so we won’t have to
sc delete ServiceName
unlocker: delete Bonjour directory
it from the system
It was especially troubling to see a service with numerous pound symbols and numbers… that smacks of malware
cheers
P.S. You should cross promote red pill candy 😉
I also found that installing/uninstalling Bonjour from Apple’s web site was NOT effective at removing it. The only way I could get rid of it was running “mDNSResponder.exe -remove” from the command line, renaming the DLL, rebooting and deleting the DLL.
This was a real nightmare for me. When my firewall warned me about a program I had never heard of trying to access the internet, I checked out the service, saw the cryptic pound symbols and numbers and assumed I now had a keylogger or some other form of malware. I disabled it through the service manager and Regedit, and then spent the next 3 hours trying to regain access to my network. Even after I did, and found this thread with suggestions, it was another hour before I had Photoshop re-installed and Bonjour permanently removed from my system. This is my first version of Photoshop and my introduction to it was to spend 4 hours fighting with it because it wanted to install a service I would never use, and installed it in a manner that looked like malware and was extremely difficult to remove.
From a PR perspective, does Adobe think that customers savvy enough to have a firewall that alerts them to outgoing net access will want to purchase future versions of Photoshop and/or recommend it to other people?
[Here’s the thing: The team responsible for implementing Version Cue should have thought this issue through, asked for permission to access the network, & provided a way to turn off the network access. And I, as someone responsible for Photoshop on the whole, should have paid closer attention to their implementation plans so that we could produce a better solution. I’m sorry that we didn’t get the details right here. I can only promise that the experience will inform our efforts to make the apps more network-savvy in the future.
Having said all this, I think the issues at hand are a problem more in theory than in practice. Bonjour isn’t spyware, and Adobe isn’t sending or gathering personal information. The network traffic you’re seeing sets off alarms & causes people to think that something illicit is going on. That’s a problem, but it’s a world away from Adobe software violating privacy or enabling others to do so, agreed? Put another way: Looking shady is bad, but it’s far different than *being* shady. –J.]
PLEASE Adobe don’t install unneded stuff on our computers. Is this really too much to ask??
That TurnOffBonjour.exe seems to work, aka it disables the service. Maybe doesn’t uninstall altogether, tho.
I don’t use version cue and didn’t install it. Got this crapola anyway. Won’t be so quick to swallow the hype about newer and better next time.
Well, I read this on one serbian mac community forum. Guys wish to play with new PS 10 and they found this:
“As you read on many sites, CS3 is trying to communicate with one “nice” servers calling akamaitechnologies.com… 10 days along… As you know those guys are pirate hunters… Version cue connect to akamaitechnologies.com servers with next IP’s:
38.96.182.20
38.119.71.150
195.113.232.72
195.113.232.80
… If you think that Version Cue wont be installed when you unchek this program, you are wrong. There are installed files “Version Cue/versioncue” and “catalina”. What they are doing? They are spying your computer and connect to servers posted above! The only thing is that you remove Version Cue (but CS3 wont work) or block IP’s!
But, where is the privacy??? It is ok to spy pirates, but what about the people and professional who bought this legally???”
in xp open a command prompt
start dreamweaver CS3
run:
netstat -a
a few times
(alternatively run TCPView from microsoft, formerly from SysInternals)
come up with these curious connections
192.150.18.101:http
192.168.112.2o7.net:http
that last address “2o7” is [number][letter][number] and NOT the number two-hundred-and-seven
why so sneaky sneaky?
yes, illustrator does this too
http://img258.imageshack.us/my.php?image=illustratorspieszj3.png
Then it won’t work as an IP address, will it? Rather than “sneaky sneaky” it sounds more like someone had a brainfart and added a letter O in place of a 0 (zero).
[Put another way: Looking shady is bad, but it’s far different than *being* shady. –J.]
Summed up so well in a single sentence.
More to the point, part of the “looking shady” is the result of people with just enough information and understanding as to be dangerous, and not enough to really know what they’re talking about.
When I see people concerned about a program “accessing the internet” because it’s accessing a 192.168.*.* range address it really just scares me that they may be responsible for their own network security.
A simple visit to Google would have revealed what Bonjour is and what it does, yet the same people incapable or unwilling to do this basic check are purporting to have cracked a grand conspiracy by Adobe to infect their systems with spyware and play big brother (albeit a big brother in perfect colour 😉 ?
There is a legitimate complaint here and John has already crystalised it precisely. The rest is a case of ignorant users wildly swinging in the dark because they think they might hit something, but not understanding what it might be, why it might be, or what the consequences of their actions may be.
And as for system performance issues, well, I have see zero degradation on any of the systems we use or I use personally as as result of this installation. Workstations capable of effectively using this software (CS3) are simply far too powerful to have the likes of Bonjour adversely affecting them.
echo Bounjour service killer…(cmd-bat file)
“%ProgramFiles%\Bonjour\mDNSResponder.exe” -remove
sc stop “Bonjour Service”
sc delete “Bonjour Service”
sc stop “B”
sc delete “B”
regsvr32 /u/s “%ProgramFiles%\Bonjour\mdnsNSP.dll”
reg delete “HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries00000000004” /va /f
reg delete “HKLM\SYSTEM\ControlSet003\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries00000000004” /va /f
reg delete “HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries00000000004” /va /f
reg delete “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\864614E012A08774EB1646AA5AEB0193” /va /f
reg delete “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\413EF6387A735094090FFA2EF513C53A” /va /f
reg delete “HKLM\SYSTEM\ControlSet001\Services\Bonjour Service” /va /f
reg delete “HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\Bonjour Service” /va /f
reg delete “HKLM\SYSTEM\ControlSet003\Services\Bonjour Service” /va /f
reg delete “HKLM\SYSTEM\ControlSet003\Services\Eventlog\Application\Bonjour Service” /va /f
reg delete “HKLM\SYSTEM\CurrentControlSet\Services\Bonjour Service” /va /f
reg delete “HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Bonjour Service” /va /f
reg delete “HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List” /v “D:\\Program Files\\Bonjour\\mDNSResponder.exe” /f
reg delete “HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List” /v “D:\\Program Files\\Bonjour\\mDNSResponder.exe” /f
reg delete “HKLM\SYSTEM\ControlSet003\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List” /v “D:\\Program Files\\Bonjour\\mDNSResponder.exe” /f
ren “%ProgramFiles%\Bonjour\mdnsNSP.dll” “%ProgramFiles%\Bonjour\virus.vir”
del /q/f “%ProgramFiles%\Bonjour\*.*”
rd /q “%ProgramFiles%\Bonjour”
echo …
echo please, reboot your computer and
echo then you can delete the folder:
echo “%ProgramFiles%\Bonjour”
pause
Thanks for the script optimux, exactly what I was looking for.
Turns out its 50/50 with this service, some people have no issues while others like me do.
Like many pro users I am quite aware of how my PC is running day to day so anything odd like bandwidth stealing does raise alarm bells.
I have no issues with a service being installed if its requried to ensure an application runs, in the case of Photoshop CS3 it is not required and I have not seen any evidence to state otherwise.
By all accounts it has the signature of mallware and as such I have permenantly blocked it from accessing my internal or external network, and thanks to Optimux’s script saved me the hassle of trawling through my system to remove any trace of it.
Nice idea, poorly executed.
P2P technology is great, as is bittorrents however its infantile at the moment. With so many cases of infected PC’s, users rights being abused (ala Vista) companies should be careful what they implement on a users PC. I use Windows XP as its the last safe haven for now, having experienced Vista I will not be upgrading anytime soon.
We need all the processing power we can get, as an artist I expect my PC to perform on demand, what I don’t expect to see is an service eating 100% of my CPU’s resources time on time again. To add to my problems I require full use of my bandwidth as I am often uploading artwork to my remote servers as well as browsing my stock image website to aquire new images; The last thing I need is another application/process eating what limited bandwidth I have.
In comparison my Linux partition is able to achieve the full DSL speeds.. goes to show how much of an overhead the whole Windows OS is.
Adios,
Fz
Simple sure-shot way to remove Bonjour.
1. Open a Windows command prompt and type the following command: “C:\Program Files\Bonjour\mDNSResponder.exe ” -remove (with quotes)
2. Navigate to the following folder in Windows Explorer: C:\Program Files\Bonjour
3. Rename the mdnsNSP.dll file in that folder to mdnsNSP.old
4. Restart your computer
5. Delete the the Program Files\Bonjour folder
6. Finally, run lspfix, a nifty little program that can be downloadee from http://cexx.org/lspfix.htm. It is self explanatory.
Voila, no Bonjour.
I know of a reliable way to prevent adobe from ever secretly installing unwanted debilitating software on anyone’s system ever again…
Its something called a “class action lawsuit”…
Are there any lawyers out there wanting to make themselves useful??? Just read these posts and see the dollar signs….
[“Debilitating”…? This reminds me of when I worked for a Congresswoman and would send thoughtful, well researched replies to constituents, only to have them come back with “RUSH is RIGHT!” scrawled on them in crayon. –J.]
It is a kind of spyware.
Bonjour is installed without any notice or warning, it connects to internet just after the instalation and it send data to someone. Try ot remove it manualy and windows will no longer connect to internet. It dos hijack the computer with files that dos start eaven Photoshop cs3 is started and put odd strings in service: ##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##
Description what it is or what it dose, that is why it shall be called a spyware and Adobe dose install this spyware.
P.S sorry for the bad spelling.
John Nack and Adobe: I fear you folks are tone deaf on this one.
We Do Not Want Apple’s Bonjour Service.
Simple. Easy to understand.
Please provide an uninstaller.
— stan krute
Exactly how much crack have you people smoked? I can tell by the responses that only one person actually took the time to look up what is actually happening with bonjour.
All of you skipped right over the post that tells you this “supposed” internet address is actually a UDP multicast.
“A router MUST not forward packets addressed to 224.0.0.X, and I notice that Apple is sending UDP/RPC packets to 224.0.0.251..”
If you made it this far, you probably aren’t a crack smoker.
What this means is that although you installed a “firewall” and it is asking you for outbound permission, it is NOT connecting to the internet.
http://www.iana.org/assignments/multicast-addresses
I know that page looks like some weird hallucinations that you had once when you were shrooming but its not. Certain address ranges are reserved for programs to broadcast their presence to a local network. They most likely CREATED bonjour to help two bit hacks that know little or nothing about networking to actually connect to the needed services.
When you open Photoshop, Illustrator, etc, YES it will contact adobe to download updated help files, news, tips, etc. Does it transmit your serial number? Maybe. If you paid for it, you really shouldnt care. I would guess that 60-70% of you have some haxxored copy and you are worried that it is reporting you. Well rest assured, if you dont have a firewall that monitors process attacks, then you absolutely have no way of stopping it without disabling your internet altogther. There are dozens of ways that a program can initialize other windows programs that you allow to access the internet without your knowledge (Exe’s can launch a hidden internet explorer window, can use svchost, etc).
So to summarize:
-Do more than one minute of research before you post disinformation.
-Pay for the program.
-Don’t smoke crack.
-Slowly remove your tinfoil hat.
Even if the windows service named “##Id_String2.6844F930_1628_4223_B5CC_5BB94B879762##
” does not connect to the internet, and even if it is not in a class of software some would define as “spyware”, it is still a resident program (aka service, task, etc..) that is loaded on our computers with out our explicit consent…
It is software that runs ALL THE TIME on our computers, taking up memory and CPU resources, even when we aren’t using the software item we installed at the time..
This means that there are fewer resources available to the OS and all other software that we may be running on our computers, even though we aren’t using the software we installed at the time…
For that alone, I would define it as “debilitating”..
This is the main reason why folks in the IT field hate installing new or unknown software so much… Because so many software developers put in these little “helpers” all over the place, and all of them together bring the computers down to a crawl…
Perhaps if we all had computers dedicated to one function, running this software, then it wouldn’t matter so much that it is installing this helper component.. But for most of us, this is not the case…
…. We are frustrated, as computer users, that software companies take advantage of our ignorance, and install resident software without our consent or knowledge… It seems that software that we grow to love because of its simplicity and ease-of-use, grows and bloats to the point where we now have to put up with added layers of muck, just to get a newer version… (Anyone use Nero 7.0 or higher?? I sure don’t.. 6.0 is better)…
What do we want?? We want software we install to run ONLY when we decide to run it.. It should be a user action that initiates the allocation of our resources, not an automatic job or service, unless the software we are installing is specifically set up to be a service (like database or web server software)…
If there are “helper” software items that are to stay resident (running all the time on our computers) that the software developer feels we need to get the most “enjoyment” out of our software, then these items should be optional, and EXPLICITLY installed at the user’s request, with a warning that such software will run in the background at all times….
And I don’t mean warned on page 37 of the 52 page EULA that no-one reads (not even lawyers), and I don’t mean buried in a 5th level check-box that is default selected of the installer tree-view either…
I mean the installer SHOULD say at some point that it would like to install an optional component on our systems, here are the benefits of this component, and that the component will remain resident on our systems until we remove it, disable it, or re-install the OS..
Is this REALLY too much to ask for??? Have we reached a point where expecting this is out of the question???
If all legitimate software manufactures did this, then it would be really easy to tell the difference between “legitimate” software, and spyware software wouldn’t it???
[As I think I’ve said, I very much regret that this component got shoveled onto users’ machines without asking for permission. I hate finding out that anything has been chipping away at the computer power I paid for. (I learned yesterday, for example, that every damn OS X Dashboard widget is eating 25MB of RAM!)
I’m sorry this went down the way it did. I was unaware of the component, and I agree that Adobe and other companies need to be more mindful about installing things that generate network traffic. I promise that I at least will be more vigilant in the future. (None of this makes Bonjour “spyware,” though.) –J.]
I really don’t understand why so many are having so much trouble with this software. All I did was go to services and changed it from automatic to manual and quit quicktime and Itunes from starting with the computer and walla it doesnt start up and it also doesn’t mess up my internet connection and the adobe software works just fine. ???
Was checking log files when I stumble upon bonjour, wich sound ed strange to me, found it in the services in XP, and found out that it was a part of Flash CS3 (google bonjour, subtract filter cheese), wich I am runing a trial of. No problem, no resource hog on my system.
After reading all this funny comments I said for myself “Im no retard after all, pff!”
One tip I have: first stop then disable the service. This way the service will not load and eat up your memory, also fast to implement and everything else still works!
To me it is strange that Adobe puts support for a service in CS3 that is still in beta(Visual Cue) ..
Realy Great Software anyway!
Even better when you have a laugh one or the other day! 🙂
David Wilkerson — 09:41 AM on June 20, 2007
I really don’t understand why so many are having so much trouble with this software. All I did was go to services and changed it from automatic to manual and quit quicktime and Itunes from starting with the computer and walla it doesnt start up and it also doesn’t mess up my internet connection and the adobe software works just fine. ???
——————————
You the man!!!!!! Easy Fix..
Ok, This thread has been kicking sround since January and apparently has been known to be a problem since beta testing. So Where is the Uninstaller and why is its location Not plastered all over the Adobe support site?
[A., Bonjour isn’t spyware. B., uninstalling it might cause problems for iTunes and other apps. We don’t want to issue a “cure” that’s worse than the “problem” (which, in the absence of any quantitative data to the contrary, is one of perception). That said, I have asked engineering to look into it. I don’t yet have an answer. I’ll keep pushing.
At the end of the day, although I have yet to see evidence of any security or performance problems associated with Bonjour (and no, just saying “my network runs slower now” does not constitute evidence), we need to be mindful of customers’ concerns in this area. We continue to work on finding a solution that will work for everyone. –J.]
Thanks for the quick answer, but the fact is, I don’t have OR NEED iTunes and I want to squeeze every ounce of performance out of my CPU and save every bit of space on my hard drive because I work with this stuff for a living, if MY computers work slower than I am stuck waiting on it to finish so I can continue. Granted, it may be just about time to get the newer model computer but you guys have gotta be more cognizent about who your customers are and whats really important to them. That is if you really want to keep your customers happy. Is it really “worth it” to listen to marketing and slide something like this onto our computers without thinking that its gonna really piss off your real, honest to goodness, actually PAYING for it customers?
[I don’t know whether we’ve explained the function of Bonjour anywhere or not (as I’ve long forgotten how this thread started). The purpose is to let one’s computer discover asset management servers automatically. That *is* a feature, and potentially a highly important one to large customers with big DAM investments (no pun intended). So the whole idea that this software serves no purpose, or that it was slipped in my some evil Marketroid, doesn’t hold up. It’s there to deliver a customer benefit.
The rub is that clearly not everyone values or wants this capability, and they’d rather have an easy way to turn it off (or never to have had it installed to begin with). That’s a totally legitimate perspective, and again, I regret that the various Adobe groups involved didn’t pick up on this sooner and provide more options. –J.]
Don’t get me wrong here. I know quite a bit about computers and my son-in-law manages IT networks for a living so I can handle the repairs myself, but I don’t think I should have to. And almost everyone that I know in this field are almost total novices about their computers. They just use them and if they don’t work, they call a tech person to get them back to work again. If loading PSC3 or any other ADOBE product interupts their workflow or causes them to have to call an extremely expensive tech to get back to work again there WILL be hell to pay, I am almost positive your rep in the field will drop to near zero.
[I’m curious: Does it matter that (as we’ve said over and over now) the software in question has no discernible real-world impact? Does it matter that no one has demonstrated *any* performance or stability problem, much less any privacy concern? There *is* no workflow interruption. There’s no need to call an expensive tech to “get back to work again.” Does any of that matter…? ‘Cause honestly, I think people would rather shake their fists at Adobe, just on general principal. –J.]
Anyway will you let us know if a fix becomes available? Thanks.
[Of course. The “fix” would be essentially a cosmetic one (given the non-impact mentioned above). –J.]
John if you ever visit Sydney, Australia please let me know. I’ll buy you a beer (or three) and we can discuss the evil conspiracy to provide useful features to users 🙂
[You’re on, Phil. I discovered last time that I like kangaroo meat pizza… –J.]
The Australian hotel at The Rocks does a mean ‘roo pizza and great brews on tap.
[That’s where we had it! Killer spot. –J.]
Thai style stir fry and curries and burgers are other great ways to eat part of our national coat of arms 🙂
Hmmm, Adobe Gourmet 1.0?
John,
I have had a little more time to investigate this matter and have discovered something that may have a bearing on this. I have NOT noticed much of a difference in the general speed of my computer either with or without the Bonjour Service running.
My problem seems to be the movement of my mouse within the active PS window. You know that on your desktop OR in other programs windows you move your mouse x inches to achieve x amount of cursor movement. This is (and has always been) consistant except when the cursor is over the PS window AND that window is active. Then the movement, speed and acceleration of the cursor slows down considerably. If the PS window does not have the focus of the cursor then there is no slowdown.
I have searched for this problem in the FAQs and knowledge base but all I did was get here to your little spot in the world, which I Do appreciate btw. Anyway, any idea on how to get passed this problem so I can check out the newest version?
Thanks!
[Let me see what I can find out, Tony. –J.]
John,
I may have come upon a workaround and something you can pursue on your end too. I uninstalled my mouse software and Viola the standard windows drivers have no problem with PS CS3. I have a Logitech MX 700 mouse and wireless keyboard combo. I believe that the PS CS3 code must do something to the mouse driver to cause the problem. I have tried installing both Mouseware 9. something and the setpoint 4.0 drivers but when I do either, the problem returns. No mention of this on the Logitech Forums and I am not sure who should provide the fix, but I tend to think it should be Adobe.
On another note whats the deal with the Bridge? I came from 7.0 and loved the file browser, used it all the time. But bridge seems to be a seperate program and NOT a very good replacement for the built in file browser from the 7.0 product. Just my two cents.
Lastly, I think I am going to like the program proper from what I have seen so far anyways. Please pass the kudos on to the people you know!
Would you please let me know if a solution comes out on the mouse thing, I really miss some of the features of my mouse.
Thanks for the sounding board.
Tony
I will tell everyone here that this bonjour service / flexnet / version cue needs to be engineered to uninstall / install better by ADOBE. Ive spent 4 days now trying to repair / remove this godforsaken CS3 piece of POO that is great when it works, but if you have a problem with it, WATCH OUT. Nightmares and Headaches Ensue. Ive Downloaded the WinCS3Clean Utility that Customer Support directed me towards, even after using the hidden ‘4’ option it still will not unintall the freaking shared components and version cue. All based of freakin BONJOUR DOO DOO. Apple, QUIT MAKING SHITE APPS FOR PC. ADOBE, QUIT RELEASING SHITE APPLE ADD ONS WITHOUT FULLY BETA TESTING. WHAT A FREAKIN JOKE. (CRUMPLES UP TINFOIL HAT AND CHEWS IT FOAMING AT THE MOUTH LIKE A RAVING LUNATIC)
I cannot beleive this, i have no luck and had to result to a system restore. What a piece of crap. Shame on you!
[I’m not sure what you’re even talking about. You know that Bonjour is completely benign, right? You know that even after I’ve asked, what, a dozen times, no one has produced *any* evidence that it consumes meaningful bandwidth or computational resources, much less relays any unwanted data, right? Despite that, am I right in thinking that you feel you absolutely must get rid of it, no matter what the cost? –J.]
I guess everyone out there is a designer and not a network engineer.
192.168.x.x IP address are non-routable addresses; they don’t exist out on the internet. Your ISP will NOT, can NOT route traffic to a 192.168.x.x address because they don’t exist beyond the limits of your firewall/router.
192.168.x.x (and a few other) address range is reserved for private use. Anyone can use any IP addresses in that range for their home network. None of these addresses will be reachable from the internet because they don’t exist on the internet. When you connect to the internet, your firewall/router gets an IP address from the ISP, which IS routeable, and that is the address which is used to represent your machine (well, it can get more complex, but that’s the simple case).
Open a DOS prompt and type IPCONFIG /ALL, and find your IP address. Then go to http://www.network-tools.com and look in the middle of the page; that’s the IP address the site sees you coming from. Not the same is it? Type in a 192.168.x.x address (whatever you found from zone alarm) and try to ping or trace to that route. Doesn’t work does it?
Not saying that it’s good or doesn’t cause a problem; but trying to get to 192.168.x.x doesn’t mean it’s trying to access the internet.
my problem wasn’t concerning any paranoia with CS3’s security (i know that the local IP is self contained behind the router/firewall yada yada yada) , but I will say that thanks to this blog / comments page, I was able to pinpoint my problem with uninstalling & reinstalling CS3 and thankfully regain my sanity. Lets just say I had a multitude of issues which ultimately required manually going through the registry . Good Times! Yea, anways thanks John Nack for starting this blog and to ‘optimux’ for reconfirming my suspicions.
Wow, lots of folks blaming other people for not being “network engineers”, and “scared” because “they may be responsible for their own network security”, yet they don’t even take the time to read the posts thoroughly.
FACTS:
YES, it’s true that 192.168.x.x are reserved addresses for local networks.
NO, the address being contacted by the supposed Adobe spyware are not in the 192.168.x.x range. Take a moment to read again the post above from “CS3 spies like us” dated 12:59 PM on May 21, 2007.
So, the IP addresses being contacted are:
– 192.168.112.2o7.net
This is a perfectly valid DOMAIN NAME (it ends in .NET, ok? and the last 3 characters before the .NET are [number][letter][number]: TWO-O-SEVEN). The domain name (that currently resolves to 212.52.17.136) is perfectly valid and registered to the company OMNITURE at Network Solutions. See http://www.networksolutions.com/whois/results.jsp?domain=2o7.net
– 192.150.18.101
Perfectly valid IP address, belongs to ADOBE. See http://whois.domaintools.com/adobe.com
So the question is: if the connections are perfectly legit and nothing to worry about, why using such sneaky addresses (like the first one, 192.168.112.2o7.net) that could EASILY be mis-recognized as local network IP’s (while they’re not)???
Bonjour or no Bonjour, the installer from all the CS3 series is one of the biggest pieces of software crap i’ve seen in years, you folks from Adobe should be ashamed of yourself…
And yes, everyone loves to have 10 pieces of crap installed on their computers(without even been asked) so they can use one stupid program, i think this will be the Adobe way from now on.
Network Engineer:
Did you also read in the post to which you refer, that they mentioned this behaviour was coming from Dreamweaver and Illustrator and NOT from Bonjour (which is the subject of the patently false claim of being spyware)?
Did you read the previous posts where people were indeed complaining about their firewalls indicating “internet” traffic on locally reserved address ranges?
Of course these programs contact Adobe – how do you think they auto update?
Again, however, this has nothing to do with Bonjour. Bonjour comes from Apple and is on *ALL* OS X installations. It’s not a virus, it’s not malware or spyware and all its communication efforts and use of system resources have been noted and are minimal. Compared to the resources needed by PS, Bonjour has zero impact.
I wonder if people also complain when they install software under Windows that forces a .net framework installation to run it? Perhaps Java?
Would you like the installer to notify you of each .dll it installs and what it does?
There is no verifiable information to show that Bonjour is the cause of any performance issues (system or network) or that any inappropriate recording or reporting of information is taking place.
Note for Tony and other Logitech users having slowdown mouse problems in CS3 software:
uncheck the logitech mouse feature that reads “disable mouse acceleration in games” or similar.
I am a webmaster by day and I do photography for weddings on the weekends. I finally got my hands on CS3 for Dreamweaver and Photoshop. I have to keep up to date on Dreamweaver because it is my bread and butter, but getting the latest photoshop was an indulgence.
HOwever!!! OH MY GOD, I am in shock now. This software installs things on my computer that have slowed the internet connection down and have embedded themselves into the operating system. You can not ever remove this horrible piece of crap and I am so pissed off that words do not begin to describe. I managed to disable the service, but every blue moon it mysteriously comes back on. It bothers me deeply that this software’s footprint can not be completely removed. I don’t know what Adobe was thinking, but they’ve ruined Dreamweaver.
[Do you have any evidence to support what you say? –J.]
ALL I WANT IS DREAMWEAVER, NOT THIS BRIDGE / DEVICE CENTRAL / EXTRA BULLLSHIT, AT LEAST GIVE US THE OPTION TO REMOVE THIS GARBAGE
[Are you saying you can’t figure out how to remove applications? That’s really saying something. –J.]
“July 01, 2007
…although I have yet to see evidence of any security or performance problems associated with Bonjour…”
May 25th, 2007
The vulnerability is a buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) code…
the bug in the code used to create Port Mappings on home NAT gateways in the OS X implementation could open the door on the local network to launch a denial-of-service or code execution attack.
(http://blogs.zdnet.com/security/index.php?cat=10)
Or google “bonjour adobe suite exploit”
There has already been evidence at the time.
For my own sweet reasons I’m 120% tolerant 2anyth Adobe duz 2its soft, buut Bonjour implementation was… ungraceful.
[Okay, thanks for the info. I’ll make sure the Version Cue guys see it. –J.]
The thing with that Bonjour bug is in relation to OS X. Bonjour comes installed as part of OS X. If the bug isn’t a problem under Windows, then there’s still no evidence that Adobe’s decision to install Bonjour on Windows systems represents any additional security threat.
[Thanks for the info, Phil. –J.]
Phil Brown:
You say “Of course these programs contact Adobe – how do you think they auto update?”
Re-read my post please. The second address is from Adobe (192.150.18.101) which may be contacted for the auto update function, as you say, and I agree on that. Even if there’s no evidence of it, it’s an acceptable explanation.
On the other side, the first, sneaky IP (the one you said was in the 192.168.x.x range so not harmful at all…) is 192.168.112.2o7.net, belongs to Overture, a company that does advertising, tracks customers habits, etc etc.
If you go to http://www.omniture.com/privacy/2o7?f=2o7 you can read their privacy policy statement, which begins with:
“2o7.net is a domain used by Omniture to help provide portions of its Omniture SiteCatalyst and Omniture SearchCenter products. Specifically, this domain is used by Omniture to place cookies, on behalf of its customers, on the computers of visitors to customers’ selected websites.”
So, it appears clear that that’s got nothing to do with the auto update feature, but rather with a “snoop on what the user is doing with our applications” behavior =)
Network engineer – once again, please read where the behaviour you quote has NOTHING to do with Bonjour. This thread is about Bonjour and people claiming that installing Bonjour breached their security. It didn’t. People claimed that it ran in the background all the time sending data outside their system and slowing their performance. There’s no evidence of either of these things being true.
I’ve only ever commented in regard to Bonjour. Dreamweaver and Illustrator may well contact additional websites – I don’t know, I haven’t looked into that issue.
So, yes, it’s still scary to see people responsibile for network security making claims without understanding what they’re talking about and thus jumping to wildly incorrect conclusions.
Oh well, creativity, I suppose, should be embraced in all its forms 🙂
It is I really think due to the proofs presented here I don’t have doubt in affirming that. The pac CS3 installs an undesirable application in our computers and the own Adobe doesn’t supply an option to incapacitate that. I don’t know any user that likes your resources of CPU/RAM they are used, quietely, for an application that this hidden.
And in recent visit to my regent of services of the XP ” services.msc ” discovered that after the installation an entrance is created codified that don’t know what does but I treated soon of incapacitating.
PS: Don’t fill the people’s machine with dirt.
—! Be excused the understanding of my text it is difficult I had to use a translator to write more correct possible for vcs.–!
Bonjour,
Sorry for my poor english, i’m french.
I have just buy flash CS3, and i want tell you, i will download warez now, and stopped to paying license !
Yes, i have test to remove bonjour, and i have broken my string, then i have need to format my hd, and i have loose all my work !
Then, it’s pretty cool, you pay for get suxxor hidden software, and if you download warez, you haven’t suxxor hidden software !!!
For adobe team : Bravo !!!!
[You’re a complete moron, and I don’t have time to bother poking holes in your litany of ridiculous assertions. –J.]
How can an installer (WEB PREMIUM) take so long to carry out it’s tasks? I can defrag a 200gb disk faster than this, is it taking note of every byte on the disk?
Listen, I am an end user. I’m not a network engineer, I’m not a programmer, I’m not even a designer. I needed InDesign to layout materials to send to a printer and PS to process photos so they would print correctly in the layout. THAT’s IT.
Instead, what I got was two crashed computers. My work computer won’t even boot now, and the ONLY change that was made was the installation of CS3 Design Standard, My portable computer, while still functioning, has slowed to a miserable crawl, and, again, the only change that was made to the computer between speedy functioning and 5-6 minute bootup/2-3 minute launching of any program/constant CPU usage was the installation of CS3 Design Standard.
So computer geek arguments, aside…can someone from Adobe PRETTY PLEASE provide a reliable fix for people who legitimately purchased the software and are now having problems because of it?
I don’t feel that I should have to go into a command prompt or edit the registry in order to fix this. I just want my system(s) back and the ability to use the software I paid for without it crashing my system because of something extra it installed that I don’t really need.
[Sorry to hear that things aren’t going well, Ryan. Have you called tech support? If not, why not? –J.]
Phil Brown — 10:35 PM on July 01, 2007
John if you ever visit Sydney, Australia please let me know. I’ll buy you a beer (or three) and we can discuss the evil conspiracy to provide useful features to users 🙂
[You’re on, Phil. I discovered last time that I like kangaroo meat pizza… –J.]
Phil Brown — 07:01 PM on July 02, 2007
The Australian hotel at The Rocks does a mean ‘roo pizza and great brews on tap.
[That’s where we had it! Killer spot. –J.]
Thai style stir fry and curries and burgers are other great ways to eat part of our national coat of arms 🙂
Hmmm, Adobe Gourmet 1.0?
Sacre Bleu Phil! (but please excuse the French pun)
How could you?, you shouldn’t, I mean you can’t mix cultures when eating one of our nations icons!
Check it’s pouch, lop it’s tail, burn it’s arse on the barby then serve it up with chips 😛
Only way to eat roo….
John, if you’re ever in Cairns, look me up, you have my email. We’ll show you how to eat ‘roo 🙂
[Heh heh–will do. 🙂 –J.]
Why has this thread ended in July? Is there now a fix for this thing? I can remove it, I want to remove it, I just don’t want to spend hours doing it. I am very upset with Adobe for putting unwanted apps on my system.
[What harm is Bonjour doing to your system? The answer, of course, is none–it’s all psychological. That doesn’t mean that it’s not something for Adobe to take seriously, but I’m tired of hearing people imply that Bonjour is spyware, or that it slows down their network connectivity, etc. It isn’t, and it doesn’t. If there’s evidence to the contrary, please pass it our way. –J.]
I noticed that flash cs3 phones up omniture on that sneaky 129.168.112.2o7.net address. I see it is kind enough to include my serial number too. What right does omniture have to know that information… I would say it is spyware by anyones definition. Especially since you cant turn it off easily.
[Where do you get evidence that Flash is sending your serial number anywhere? Here’s a funny thing about these posts: people show up, make inflammatory assertions using pseudonyms & fake email addresses, and never back up their statements. That makes this a waste of everyone’s time. –J.]
Thought I’d add something to the pile here. I think the problem many of us are having with additional components like Bonjour, quite apart from performance or spyware issues, is overload. It’s like receiving extra mail with a subscription — it’s fine when you have just one, but it becomes time-consuming and unproductive when you have many to sort through. I know this isn’t lost on developers who are packaging this sort of thing because I’m sure they realize it too, even when they’re towing the company line. A simple convention that seems to work well for everyone is the option to add and remove unessential components at installation time. Without implementing this sort of thing, a company has little footing when it tries to justify the inclusion of a component that has caused this kind of discussion, regardless of whether the problem is ‘real’ or ‘perceived’. Cheers!
[Thanks for the level-headed comment, Steve–kind of a rarity in this thread. I agree that Adobe installers should make it easy for people to control what they’re getting. The overhead for offering and testing options is considerable, however, so it’s not nearly as easy to accomplish as it might seem. –J.]
I just went through two hours of research after having my CS3 apps quit working due to liscensing issues based on the fact that the POS program Adobe uses to license its products was blocked by my network admin.
Adobe just lost a customer.
It is very easy to see if SC3 installs something that is working as a virus or spyware.
1 Did you get a notice about the software, if not it is a spyware.
2 Can you remove it without destroying the program or network, if not it is a spyware.
3 Dose a uninstall remowe the program, if not it is a spyware.
For me did CS3 install two programs that run in the background even if a did not use Photoshop, that is the call sign of virus and spywares and after uninstallation of Photoshop did Bonjour still exist on the hard drive and it was loaded at with Windows.
I do not say that installs spyware, but it installs some program that acts like a spyware and can be used like a spyware.
I will advise folk not to install Adobe om machines that has important informations on it or is connected to the internet. Look at Gimp or Gimpshop as alternatives if you want a program that is not sending information via Internet.
P.S Sorry for the spelling.
Where can I find an uninstaller?!
My friend bought a retail PS CS3, and we panicked when we found this service running.
It destroys the internet connection
[NO IT DOES NOT. Quit saying stupid, uninformed crap. Demonstrate to me how there’s *ANY* negative functional impact from Bonjour and we can talk further. But I keep opening that challenge, and you keep failing to back up your alarmist claims. –J.]
and we don’t want this sh*t!
Photoshop doesn’t even ask if you want to install this piece of crap!
This is just like some spyware or trojans. You may have them and not even know. Sucks big time.
[What sucks is how gullible, lazy, and reckless people prove to be. –J.]
can’t you understand? we don’t want any unwanted programs (or any program without our consent) running in our precious PCs.
[I’m going to say this one more time: Yes, I get it. I’ve said so over and over. I happen to agree that people should have control over what gets installed on their machines. I just don’t want to hear any bullshit about how Bonjour is “destroying my internet connection” or sending personal data to Adobe or clubbing gay baby harp seals or whatever. –J.]
it’s like having a total stranger sleeping in your own house.
As Simple As That!
Hello,
Just installed Dreamweaver CS3 and, like everyone else, I don’t appreciate Bonjour having been installed without my knowledge. I see Adobe’s instructions for removing it (http://kb.adobe.com/selfservice/viewContent.do?externalId=kb400982&sliceId=1) but I’ve two questions.
1) Is there not an easier way to simply turn it off until I need it in the future?
2) Will I infact even need Bonjour for anything if all I do is create web sites/pages with DW (and I don’t use Version Cue)?
Thanks
– Dave
Its all very well jack keep on saying that adobe doesn’t eat babies but talk is cheap what precisely is jack/adobe doing about this bonjour crap?
Another similar article voicing concern:
Wear tinfoil hats when using Adobe products
http://valleywag.com/338011/wear-tinfoil-hats-when-using-adobe-products
Is all this really necessary/worth it?
[That article sucks. –J.]
John, dear, calm down. I know we’re picking holes in your baby, but calm down – we’re not attacking you, and getting angry isn’t helping.
The fact is, some Adobe products are contacting this 2o7.net site on a very deceiving subdomain (192.168.) which makes it appear to be a local connection. This is not cool, nor is it acceptable – I don’t like the idea of Adobe products calling home with what appears to be my erial number (as well as at the very least my IP address to make the connection), and I DEFINITELY don’t like the idea that this is being hidden behind the mask of a “local” connection (which it is -NOT-)
Request to that aforementioned address from Dreamweaver latest at 2o7.net (owned by Omniwhateverhtefuck)
GET /b/ss/mxcentral/1/F.3-fb/[sn-here]?[AQB]&purl=mm&pccr=true&c2=dw&c3=9.0&c4=win&c5=en&c6=full&c7=&c8=&c9=dw_9.0_win_en_full__[AQE]
which seems to return a 2×2 pixel gif, for no particular reason, with no extra data. Again, this is unacceptable.
Unrelatedly, does your spambot thing require me to type “photoshop” every time? Sounds like it’d be easily exploited.
&productNaI found this one on Slashdot. For those of you who haven’t seen the article (it’s in the URL), here is the information being sent to 2o7.net. It’s HTTP data.
GET /b/ss/mxcentral/1/F.3-fb/[THIS IS WHERE I SEE MY SERIAL NUMBER]?[AQB]&purl=mm&pccr=true&c2=dw&c3=9.0&c4=win&c5=en&c6=full&c7=&c8=&c9=dw_9.0_win_en_full__[AQE] HTTP/1.1
Referer: http://www.adobe.com/startpage/dw_content/dw_90_full_default.swf?prod=dw&ver=9.0&plat=win〈=en&stat=full&tday=&spfx=me=dreamweaver [adobe.com]
x-flash-version: 9,0,45,0
User-Agent: Shockwave Flash
Host: 192.168.112.2O7.net
Returned is a blank GIF, with dimensions 2×2 and your serial number for the filename, its purpose I have not been able to determine. There is some garbage data attached to the end of the file, which is ignored by image viewers. I’m assuming this is how Omniture covertly sends data to your computer.
One thing is clear: CS3 is sending my serial number, operating system, application version, Flash Player version, my preferred language, and more to a third-party without my consent. If this is some kind of a survey, do what HP does and make it an opt-in feature.
Slashdot has heard word of this, as well:
http://yro.slashdot.org/article.pl?sid=07/12/29/2120202
anyone who trusts closed source is a moron. this fact alone should be obvious to anyone, but yet we’ve allowed closed source products to become so popular, they are dominating our computers even when we choose a free OS (linux). Don’t believe me? Try finding a [legal] site as popular as YouTube and using it without the closed source Flash plugin/player.
If you choose closed source, be it from Microsoft, Apple, Adobe, Real, Nvidia, ATI, etc. you deserve what you get for choosing what amounts to a black box of who knows what inside.
Bonjour is not malware, but from a network security point of view, it is a risk.
Just another open port with a complex service behind it that is accessible to others without passwords. It is the Apple version of the Windows Remote RPC service.
After years of published vulnerabilities in the apps using the remote rpc service, Microsoft got smart and no longer turns on the remote RPC service by default. In reality not a lot of people are using these services anyway, so there were not a lot of complaints either.
It’s only a matter of time before Apple has to decide to do the same thing. Trusting application developers to program secure servers for the network just doesn’t work (heck, as shown with iChat, their own programmers cannot be trusted to do that either). As Apple products become more mainstream, so will the exploits.
Oh, I forgot to say this:
If the 2o7.net comments are true, Adobe is in for big trouble. Think ‘sony rootkit’-like trouble.
I sincerely hope you did not make such a stupid mistake.
[Didn’t the Sony rootkit thing install executable software that opened security holes on users’ computers and risked destabilizing them? How is that equivalent to displaying a SWF hosted online & having that event be logged sans personal info?
Do you see no difference? It’s the inability or unwillingness to parse these issues, and consequently to paint everyone with the same scandalous brush, to which I object. –J.]
CS3 may not install spyware, but it makes your computer vulnerable to it.
I purchased CS3 and was very disappointed that Version Cue completely disabled the OS X firewall. It just turned it off without warning. The decision to create this behavior can’t possibly have been reviewed by your legal department. I noticed the problem and removed Version Cue in favor of using Subversion (which plays nice with my firewall and works over SSH). Imagine if someone’s computer were compromised because they did not notice that Version Cue had silently disabled their firewall? Ease of use is one thing. Removing security services that a user had configured borders on malicious.
[Yeah, this behavior is a really stupid, boneheaded thing. It’s due to a bug & wasn’t done by design, but that doesn’t change the facts on the ground, so to speak. It’s really embarrassing that the software shipped in that condition. I guess I’m reminded of Grey’s Law: “Any sufficiently advanced incompetence is indistinguishable from malice.” See also Hanlon’s razor. –J.]
Why does a photo editing suite need to install Bonjour? Why does said software need to communicate with a third party? Why is this not made clear during the install procedure? J. – who are you to decide that Bonjour (or whatever network active shite that adobe installs) software does not affect my network connection. Point is – its shite and I don’t want it. Did you code Bonjour? Do you know exactly what it does? Do you know exactly how, when, and what adobe software does over the network? its all utterly shite – this software doesn’t need to do it. It eats my bandwidth and system resources with stuff that doesn’t help me at all except piss me off.
Thanks for your reply regarding the firewall-disabling nature of Version Cue. You mention that this is a bug. Has it been fixed?
[Not to my knowledge, because the bug is in the installer, not in VC itself. The latter has been updated, but the installers haven’t. –J.]
The other bug that really gets to me is the inability to edit the keybindings on a Mac because of a bug in the config file parser. My post (as “expanded”) with the fix is at the end.
Is there any way to be notified when bugs like these are fixed?
[There’s no good, centralized way to track such info, as far as I know. Searching the Adobe tech notes is always a good idea. And for all its flaws, the Adobe Update Manager application can keep you informed about revisions to the code. –J.]
Let’s see.
Anti-virus could definitely account for the slowdown some users reported. I’m not sure why image editing software should need to wave the red flag in front of AV software, however.
Slow tracing on that 2o7.net server could also slow people down.
I guess I know another reason I use the gimp instead of photoshop.
Trying to blame bonjour isn’t nice. Speaking of bonjour, when will big companies understand that the reason dll is hell is specifically because it’s hard for an adobe (as an example) installer to know whether to uninstall or not. Tracking what the installer installed is not sufficient, of course,
Modularity is the solution to the bonjour confusion. The DAM stuff should be an alternate install, and then the warning screen when it finds it needs to install bonjour is more likely to be read, if the installer is a human, and not a script that the corporate sysadmin hacked together. Anyway, if Adobe is really making a product that includes support for corporate sysadmins, Adobe should properly support the sysadmins.
I have no idea how to solve the paranoia that induces the DRM mindset. Getting rid of investors who are more interested in a company’s ROI than in the company’s product or service is one step, of course, but that’s a giant step for mankind if we can ever take it.
[Didn’t the Sony rootkit thing install executable software that opened security holes on users’ computers and risked destabilizing them? How is that equivalent to displaying a SWF hosted online & having that event be logged sans personal info?]
How is the users serial key not personal info? You may delude yourself, but you are not fooling anyone else.
[Well, until I hear back from the people responsible for creating the SWF & dealing with Omniture, I’m not making any judgements about what info is being sent. –J.]
2o7.net may not be logging them now (they probably are though, normal web server logs show the url string of the request and the referrer), but there is no way to prove that, there is no way to tell what happens in the future, and more importantly, if the numbers are not logged, there is no point in sending them anyway.
Obviously, the Sony case was different, because of the truly malicious intent there. I was merely referring to the scale. If you want a case that deals with a more comparable subject, I suggest you look at the case regarding old versions of the Alexa toolbar, collecting more information than specified:
http://pages.alexa.com/settlement/
As you can read there, Alexa/Amazon had to pay about 2 million dollars to settle their infraction, and had to clean all their logs and keep them clean until they had properly disclosed the way they collect information to all users.
Now keep in mind that this is about a piece of software which, obvious to anyone, has the purpose of sharing information with a company, in order to be able to display derived information to consumers. 2 Million dollars is only for collecting more information than specified (probably not even in a way useful to Alexa with then-current technology).
Your application has the purpose of creating files, not of sending information onto the internet. Yet it is silently sending personal information to a hidden third party.
We’ll see how much that is worth.
believe me, macromedia was doing great alone without u !
1. adobe cs installation sucked hard, you have to wait till the process is over to know whether the installation works ? u kidding me ?
2. loaded a bunch of un-needed crap services to my desktop.
You might want to point at that that .bat file should not be run on Vista x64 – as I cannot surf the web or use certain 32bit apps via the web now. I’m currently backing up all my important stuff in order to reinstall the OS… thanks
John, any news about your comment below?
“[Well, until I hear back from the people responsible for creating the SWF & dealing with Omniture, I’m not making any judgements about what info is being sent. –J.]”
[Yes: please see this post. –J.]
Whether Bridge is spyware or not, all I know is when Adobe loaded this piece of crapware on my computer Friday as part of the CS3 installation, it took a P4 2.53 GHz with a gig of RAM and 60 GB hard drive down to the performance of a wheezing 486.
Microsoft Word took FIVE (5) minutes to load. Other applications, including those in the CS3 suite had equally abysmal performance.
It is not spyware, per se. It is crapware (meaning useless software, not malicious in nature, shippped with OEM machines, or installed by computer users). Yes, it’s needed by Adobe Active Cue. So what? I don’t access Active Cue servers. Apple should be ashamed of it. Adobe shouldn’t install it as part of the default install.
I did exactly what John said to do a year ago. Once I did, the system returned to its fast state once again (I don’t keep a whole bunch of Windows GUI tricks running on that box. It’s set for performance and it’s back to smoking again). Thank you, John!
Crapware, I tells yah! Crapware!
If you choose closed source, be it from Microsoft, Apple, Adobe, Real, Nvidia, ATI, etc. you deserve what you get for choosing what amounts to a black box of who knows what inside.
[And if you live life trapped in ideological fear, you too deserve what you get. –J.]
Mr. Nack –
I first want to commend you on your willingness to throw yourself under the bus for Adobe – regardless if you are or are not an employee. I too am having similar issues with my install of CS3 and am very disappointed in Adobe decision to install Bonjour without letting me know so I am not going to add to the rather large and rightfully vocal disgust with that decision. However; I have noticed one other wired item – it seems that if my user logs into her system as the local administrator PhotoShop and Bridge seems to work at an acceptable level. Yet if she logs into the workstation as herself (a domain user) her performance tanks, now the only difference between the two accounts are drive mappings. When logged in as herself she has about 9 drive mappings – some to a local server the remaining to a remote server in a different sate. Also she can log in as herself and work in all manner of apps without any problems until she loads Bridge – at that point the system just crawls – my question is when Bridge loads dose it try to scan all drives (local and network) for images? If so can that be disabled or at least restricted to local drives only?
Respectfully –
Ingram Quick
I have just installed the trial version of Photoshop CS3, from the Adobe web site, only to find that it installed the Bonjour system etc. It also caused the machine, a XP Pro on a SBS 2003 system, to have problems with it’s logon and DNS services. I had to do a system restore to get the machine to log onto our network!
I would just like to say thanks to the people who posted about the mouse slowdown issue (and fixing it by unchecking the “disable acceleration in games”)
that was really bugging me, but now it’s fixed!
Hi there.
I was most interested to read just as everyone no doubt the new service; it’s not concealed that’s for sure :). Just as a simple quesion – can’t we simply just tell this service to only be started in manual mode and not automatically at start to disable it and the problems it causes??
Respectfully
Steve
I’m a neophyte when it comes to programming and I’m just learning how to understand what’s being written here… but I found this blog by looking for a fix to “my computer runs at a crawl after installing adobe updates” and finding supicious “bonjour.” I have a new computer… it only has 1GB of RAM but it zipped right along after installing trial copies of Photoshop and Illustrator, I liked the software.. bought CS3, installed a trial version of Acrobat (hadn’t gotten the permanent version yet)saw these adobe updates, installed them and WHAM!… my computer runs at a crawl and when I restart some adobe product that I did not know was running has to be manually ended to get off. This is a mess because I’m taking classes online and the response is so slow I’m tearing my hair out trying to get assignments done… I’m going to try John’s fix… nothing else makes sense. One thing though I can’t figure out why you’re discounts all the complaints about slowdowns, I mean for me it’s a serious problem. I’m a single mom, I can’t afford new stuff every week, nor hours spent trying to figure out what the heck just went wrong! Thanks
While I am running a ridiculously fast home built gaming computer and have not noticed any slowdown my problem is this. If there is no issue with Bonjour why is the service listed as “##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##”
when every other service is listed in (Insert your language here)with at least some kind of explanation as to what it does.
Proof that Bonjour affects performance is not the issue it does is a service and as such uses resources How much of a performance hit is immaterial and will vary with the user.
If Bonjour is innocuous and can in fact be disabled why has a simple uninstaller not been provided by Adobe ? There is obviously demand for one. It has been over a year since this thread began, come on now !
I have enough skill to follow the instructions to get rid of Bonjour but the majority of people do not want or have to follow multiple potentially damaging steps to remove Bonjour. While supposedly benign. Bonjour is still unwanted by enough people that an uninstaller or at least an opt-out choice during installation installation would be the responsible thing for Adobe to do.Why has this not been done? I am not a programmer but it seems to me that I would take someone skilled about 5 monutes to incorporate all of the steps listed and referenced in this and other similar threads in to an exe that artists, not engineers could use.
Don’t even get me started on some of the reports of about what I think of the reports of DW phoning Omniture.
“[Didn’t the Sony rootkit thing install executable software that opened security holes on users’ computers and risked destabilizing them? How is that equivalent to displaying a SWF hosted online & having that event be logged sans personal info?
Do you see no difference? It’s the inability or unwillingness to parse these issues, and consequently to paint everyone with the same scandalous brush, to which I object. –J.]”
It does not matter what the differences between Sony’s behavior and Adobes why should there be any swf. or any unsolicited information transmitted at all.you can attempt to deflect by referencing parsing but the main issue of heavy handed corporate arrogance remains.
Don’t get me wrong I love PS, Illustrator and Flash and I have legitimate copies but Open source looks more attractive with each iteration of CS.
I don’t actually use PS of any version. I came across this post while searching on what mdnsresponder.exe is and find out how to remove it.
but is seems to me that all the “add ons” that come with PS should be an optional install, Myself I don’t like seeing anything in the processes tab or windows task manager that I didn’t specifically install, I assume, and rightly so 98% of the time that it is spy/malware.
So anytime I see something in there that I did not install I get nervous.
I also don’t see why Adobe can’t create a custom install, explaining what these added programs do and give their users the option to not install based upon that info.
As a side note, I will be uninstalling Itunes just so I don’t have to keep seeing mdnsresponder.exe in my processes. No reason that it should be there when the progam isn’t running anyways.
Well, don´t know about ps beta, but after effects and full photoshop surely does, as i know of a company who received a call from adobe telling that they had pirate versions of such programs.
It’s been long enough now. Adobe needs to remove Apple’s crapware from CS3, or at least make it an optional component that is not installed by default, at least on non-Apple computers.
[What useful purpose would this serve? What harm is being done by the Bonjour code? –J.]
What useful purpose does Bonjour serve to those of us who don’t use Version Cue? None, so surely it’s common sense to make it an optional install, like Version Cue is itself.
[I agree. –J.]
Wouldn’t it be ethical to make software like “Bonjour” open source and publicly audited by a (user voted) “trusted” third party?
Its almost like the only effective cure for this kind of paranoia is invention of the ultimate political system!
A simpler solution might be Apple releasing something called “Au Revoir” !
Solution please?
S.
Just in case people want to post more comments to this thread: at the time of writing Creative Suite 4 is slated for release. So either stick with CS2 or lower if you still use it (where were you hiding?) or wait for CS4 to drop and find something in that to complain about =)
Although of course if the engineers paid any attention to dearadobe.com (which I expect they did), the CS4 installer will come with a component selection bit just like the last CS3 installer before it was taken offline. And it will also tell you that when you have version cue selected for install, you will be asked to install bonjour as well, through a popped up secondary installer. One which should have a nice little button saying “no thank you, I already have this installed”/”no thank you, I prefer to use Photoshop as standalone, not as part of the Creative Suite”.
Of course if they didn’t do their job, then we can look forward to exactly this thread, just with CS3 replaced with CS4. Somehow I kind of doubt that will happen.
I do not use PS of any version. and also special thanks to the people who posted about mouse slow down problem.
Photoshop does phone home. It sends personal information (IP address at least) and evidence that you may be an illegal user to Adobe if it feels that you are a pirate. Thus, Photoshop is spyware, plain and simple. But this isn’t a bad thing- fighting pirates allows Adobe to keep the price lower.
But just tell the truth, don’t hide behind the legal technicality where some search engines and companies claim that IP addresses aren’t “personal” information because they are not always linked to a single person. IP addresses can be used to sue people (the RIAA does it all the time) and are obviously personal information that can sometimes be traced back.
Bobmoa suggests that fighting Pirates allows software prices to be lower.
Any business that takes a product with an incremental cost of 9 cents and sells it for $800.00 certainly has some slim profit margin issues to deal with. They obviously need lots of help being sure that no one is using their 9 cent cost product without paying.
BTW…Has anyone actually noticed the huge reductions in software cost since piracy has become so much more policed and less common?
Just Wondering……
I think that I will just restore to an earlier date, and never again update itunes.
THIS DOES NOT HELP AT ALL HELP ME MY COMPUTER SAYS: AN UNAUTHORIZED WAS MADE TO WINDOWS AND I O NOT GET IT PLEASE HELP AND IF IT WORKED WITHOUT YOUR HELP THANK LORD. GET A LIFE YOU UNHELPFUL WEBSITE NO HELP AT ALL THAT MEANS YOU ARE NO HELP AT ALL THATS FOR NOTHING WITH LORDS/GODS HELP.
P.S. THANKS FOR APSALUTLY NOTHING.
[Charming. –J.]
Oh, John. You need a site where you can showcase the nutcases you attract here from time to time – I reckon it’d make for a few good laughs 🙂
It seems pretty clear to me that Adobe is company that is intent on invading people’s privacy, and gathering personal information about their web-surfing habits. I was actually VERY surprised that, in addition to tracking all your web browsing history with Flash, without providing any obvious means to delete the Flash cookies that are stored on your machine, that even PHOTOSHOP has some privacy-invading stealth crap in it that no one asked for and no one wants. What about Adobe Reader? Has anyone looked into that? I think Adobe is a VERY shady company, and will be doing my best to avoid their privacy-invading, unasked-for crap as much as I possibly can. I will also be scrutinizing VERY CAREFULLY anything that Adobe installs on my machine. I will certainly never be paying for a product from this VERY SHADY AND SUSPICIOUS COMPANY again.
Here is a link to the page describing how Flash tracks most of your web-browsing history without telling you or informing you.
http://www.imasuper.com/66/technology/flash-cookies-the-silent-privacy-killer/
Note that 98% of PCs have this privacy-invading garbage on them, and that you have to manually sift through a bunch of system folders to delete it. Adobe does give you the false impression, though, that you are safe when you delete the settings from the Panel on their website. I guess they want you to THINK that you’ve deleted all their garbage, while they still retain it on your hard drive, with no obvious way to get rid of it unless you are technically savvy enough to go through your system folders and find this garbage.
I really distrust Adobe, from top to bottom. The fact that a program as un-network intensive as freakin’ PHOTOSHOP is also including software that makes unasked-for network calls (and is probably easily compromised and hackable) indicates to me that this company is intent on invading your privacy anyway they can possibly dream up. I really believe that the “features” of their programs (which seldom ever work very well or efficiently, e.g., Adobe Reader) are something of an AFTERTHOUGHT, and that the main reason for the software IS to invade your privacy.
NEVER AGAIN am I buying a piece of software from this company. And I really don’t care what you think about my post – this is a clear pattern with Adobe, and I wouldn’t trust these people as far as I could throw them.
Still I need to understand how Bonjour works?
Has anyone tried running Photoshop in a VM to keep the malware contained?
I FUCKING YOYO WAY DAMN BETTER THAN ALL YOU FAT LAZY FUCKS! ALLRIGHT!
[I really want this on a t-shirt. –J.]
My computer kept coming to a complete stop but something was running. I looked up the task manager to find out what was happenning and it showed dnsresponder.exe was using up 98 to 99 per cent of my cpu memory.
This would happen for almost an hour at a time, maybe longer as I kept rebooting at that point.
I am not technically savy so I looked up this application and found it was tied to Bonjour which I didn’t know had been installed, again I am not that knowledgeable about these things.
I had a hell of a time to get it off my computer and when I did it did not seem to effect any of my programs.
Whatever the merits of Bonjour it is meaningless when it makes my computer inoperable.
I got to this thread by looking for information about Bonjour — which in my case was installed as part of I-Tunes.
I have no dog in the fight over Adobe apps phoning home, as the only ones I use are the ubiquitous Reader and the Shockwave/Flash players. That these phone home is undeniable, as the Reader constantly harasses me to upgrade to the latest version (which I do not do, since the UI, IMHO, sucks).
However, I am concerned about the connection to 192.168.112.2o7.net/Omniture that some of these apps are making. 2o7.net has long been a source of tracking cookies that persist from website to website; their cookies are detected as a threat by every malware detection and removal app I have ever used. A quick browser visit to http://www.2o7.net/ will show that the company is quite open about the nature of their business — and that the have been acquired by Adobe!
Sorry, John, but Adobe voluntarily associating itself with Omniture makes it difficult to insist that Adobe has no interest in invading users’ privacy. Quite skillful, however, to emphatically deny Bonjour’s complicity while ignoring the accusations against the major apps!
I guess I will continue to use open source apps, like the GIMP, that I can verify as well as trust! That’s not a doctrinal statement, but it IS how doctrine is formed.
Adobe and J,
Regardless if bonjour is legit or not, this thread is another example of Adobe ignoring user requests.
If removing bonjour can impact on other programs then include an obvious disclaimer in the uninstaller. If users are requesting it, then provide it regardless if the program is harmful or legit.
Providing somethething that users have requested does not admit any fault or liability, it simply provides customer service. Even if Adobe staff think users are insane for the request, customer service dictates it should be provided. After all, it’s users that make a company like Adobe.
To put this in further perspective, over the last few years I have purchased a number of Adobe products for large organisations. I have run into various technical difficulties/failures of programs to do what they are supposed to do, what Adobe has confirmed they should do. In one instance I replaced a number of workstations as I needed something that worked and after two months of waiting for Adobe to find a fix, I couldn’t have an entire team crippled any longer.
I have called Adobe tech support on a number of occasions and can provide Adobe tech support case numbers.
In all my dealings with Adobe, I have NEVER received a fix to a problem from Adobe. I have always had to have others figure out ways to fix these problems.
This thread demonstrates the same approach, users are providing answers rather than Adobe. Adobe has released statements saying the software is legit, is concerned that if it is removed it may impact on other programs and hopes that such things will not happen again. This is not enough.
Perhaps this is a communication problem Adobe needs to address, or perhaps it is a matter of considering how the company addresses user feedback.
When users find something confusing or concerning, don’t just say ‘we are aware of it’, do something about it, even if it is just part of a communication campaign (larger than posting in a blog).
I’m hoping Adobe changes it’s approach to customer feedback or I, and the organisations I buy for, will be switching to competitor products where possible. In fact, I have already shifted the advice I provide to include warnings of Adobe stability and reliability.
Cheers,
Matt
Years ago I had realized what a piece of dreck Bonjour was. It installed, without my knowledge or consent (albeit, I gave the Consent Agreement the usual mini-glance, their bad for hiding it deeeeeep into the agreement) and, of course, it screwed up my entire system. Never again. Since, I have not installed anything from Apple. As far as I am concerned, it is malware/spyware.