Lenovo using rootkit-like tool to reload their software on clean Windows installs

It seems that year 2015 is not a great year for Lenovo in terms of publicity. In fact, there have been several issues with their PCs and laptops that have given Lenovo a negative publicity. Earlier it was SuperFish, that was pre-installed on brand new Lenovo PCs and which was classified as adware. Then there was the Lenovo system update tool issue. This time, Lenovo is caught using some rootkit-like tool to reload their bloatware, even on the PCs with clean Windows installs. That is certainly not a great news for Lenovo users.

lenovo-logo

How Lenovo reloads its bloatware

The biggest question arises here is that, how Lenovo is able to reload their bloatware, even after the users have wiped the system and installed Windows freshly? The company is certainly not using any recovery image for this purpose. And another important thing to notice is, these bloatware are getting installed even when there is no active internet connection with the system. Seems really mysterious!

Actually, the rootkit is the secret here. The rootkit is nothing but a Windows feature which is known as Windows Platform Binary Table (WPBT). Using WPBT, manufacturers of PCs and laptops makes sure that the trusted and most important software that is extremely necessary for the system to run smoothly, is installed effortlessly. This kind of software is stored inside the PC on a physical medium. This is generally a hidden partition on an HDD or SSD. And to make the installation automatic, Windows is instructed that way.

However, the only limitation this technique has, that only one software can be installed in this way. Lenovo is using rootkit for nagging users to install other bloatware apart from the one that gets installed automatically. Lenovo is violating Microsoft’s guidelines in which it is stated that the users should have an option to opt out of any installation instruction. However, Lenovo is not giving any option to the users to do the same. WPBT is a common practice used by several manufacturers. However, Lenovo is kind of misusing the rootkit.

However, there’s a way out. One of ArsTechnica forum user has shared instructions on how to re-flash your Lenovo system, so that it does not install the bloatware again.

Download this VPN to secure all your Windows devices and browse anonymously
Posted by with Tags
Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wild life and has written a book on Top Tiger Parks of India.