Smart Buyer
  • Shop On NeweggBusiness
  • Categories
    • Buying Guides
    • Components
    • DIY and How-to
    • Industry Trends
    • NetSec
    • Networking
    • Storage
    • Systems – PC & Laptop
    • Windows
  • About
  • Why NeweggBusiness?
  • Contact Us
Top Posts
PC Cooling: How to Set up Computer Case...
5 Ways to Stream from PC to TV...
How to Choose the Correct RAM Upgrade
How to Troubleshoot a PC Power Supply
Four Apps that Make Your Tablet a Second...
2019 Solid State Drive (SSD) Buying Guide
6 Reasons Your PC is Slow and How...
How-to Guide: Small Office Network Setup
Born in the USA: Computer Hardware Made in...
Computer Monitor Buying Guide 2019

Smart Buyer

  • Shop On NeweggBusiness
  • Categories
    • Buying Guides
    • Components
    • DIY and How-to
    • Industry Trends
    • NetSec
    • Networking
    • Storage
    • Systems – PC & Laptop
    • Windows
  • About
  • Why NeweggBusiness?
  • Contact Us
NetSec

How to Get Rid of a Rootkit & Bloatware

by Wallace Chu August 14, 2015
by Wallace Chu August 14, 2015 1 comment 8422 views

Savvy users have detected pre-installed software on Lenovo laptops and desktops. Earlier in the year, Lenovo was found to have been shipping computers with Superfish adware, which left private user data compromised. This newly found software—officially branded as Lenovo Service Engine (LSE)—goes deeper. Some IT professionals have even taken to calling it a rootkit, though technically it is not a rootkit.

What is Lenovo Search Engine?

LSE takes advantage of a feature in Microsoft Windows designed to allow manufacturers to load essential software onto systems. Named Windows Platform Binary Table (WPBT), Lenovo used the feature executable software that prompted users to install bloatware.

Even after a clean install, with the storage drive completely wiped, Lenovo’s LSE still manages to install itself along with Windows. Now this goes against the purpose of WPBT, according to Microsoft in their WPBT documentation (Warning: .docx file).

“The primary purpose of WPBT is to allow critical software to persist even when the operating system has changed or been reinstalled in a “clean” configuration. One use case for WPBT is to enable anti-theft software which is required to persist in case a device has been stolen, formatted, and reinstalled.”

The way LSE manages to survive a drive reformat is a stroke of genius—they stored it in the BIOS ROM chip. A drive format doesn’t ever touch that ROM chip, so LSE always remains safe.

How to get rid of Lenovo Service Engine

On Spiceworks, Lenovo has responded by stating that they released a new BIOS firmware to address the issue for consumer notebooks and desktops. See the desktop and notebook BIOS update download links for more information. They specifically say that LSE was not on any “Think-brand” devices. This means it shouldn’t be an issue for their business-grade computers

If you want to remove it manually, resourceful user ge814 on the Ars Technica forums also posted an independent solution for removing the LSE ‘rootkit’ in a thread. Performing the fix requires some degree of technical know-how and you will find yourself disassembling the computer to get at the flash ROM chip that stores BIOS.

Getting rid of other bloat/ad/spy/mal-ware

Even if you don’t have a system with LSE installed, your computer could have bloatware from the factory or spyware from third party installations. These programs can sap performance in the best of cases or compromise your privacy in the worst. Follow our best practices to avoid adware so you don’t have to remove them.

But if your system has been compromised with bloatware, adware, spyware, or malware, you fortunately have several options.

  • Manually identifying and uninstalling malware. It can take a while and is best done after a fresh install, prior to installing any third party program. After a long period of use, you may have a hard time discerning if a particular program was installed by yourself or bloatware.
  • Revo Uninstaller – Often, manually uninstalling programs still leaves traces of that program in your Windows registry file. Revo not only uninstalls programs, but it also cleans your registry to ensure that they don’t leave anything behind that could slow down your system.
  • CCleaner – A tool to remove malware that can remove many programs at once, saving you time. Both free and purchase versions are available for download. Run it every few months to ensure your system stays malware free.
  • PC Decrapifier – Made specifically to rid your system of bloatware, it can also get rid of programs installed computer at a later date. It scans your system for known bloatware and identifies them for you.
  • Should I Remove It? – If you come across a program and don’t know if it is bloatware or an actually useful program you installed, consult this program. You can download their program or use their website as a search engine for bloatware.

Conclusion

Having to get rid of bloatware and rootkits manually is a pain, but would you rather pay to get rid of it? Surprisingly, Sony at one time actually attempted to charge users an additional $50 to buy PCs with the bloatware removed. Thankfully with some time and the programs above, you can remove them yourself. As for rootkits, just stay vigilant and follow HardBoiled for the latest news.

Wallace Chu

Wallace Chu

A self-professed tech hipster that loves computers and music. Uses an iPhone ironically.

More Posts - Google Plus

Summary
How to Get Rid of the Lenovo Rootkit & Bloatware - HardBoiled
Article Name
How to Get Rid of the Lenovo Rootkit & Bloatware - HardBoiled
Description
Lenovo was recently found to have included rootkit-like software in their laptops and desktops. We go over how to get rid of it and other bloatware.
Author
Wallace Chu
bloatwarelenovooperating systemsrootkitsoftware
1 comment
0
FacebookTwitterGoogle +PinterestEmail
Wallace Chu
Wallace Chu

A self-professed tech hipster that loves computers and music. Uses an iPhone ironically.

previous post
How Much Would You Pay for a 16 TB SSD?
next post
Straight Outta Cupertino: Intel Products that Changed the World

Related Posts

Remote Workforce Security: Tips and Best Practices

December 9, 2020

Aruba Instant On Wants to Simplify Your Small...

August 2, 2019

What is ‘Fileless’ Malware Found Inside Server Hardware?

October 4, 2018

How to Layer Antivirus Software Without Slowing Your...

May 21, 2018

Securing the Office Printer in Six Steps

May 14, 2018

How to Wipe a Hard Drive Securely

April 23, 2018

Six Router Features That Optimize Small Business Networks

March 21, 2018

Secure a Wireless Network with Access Point Isolation

March 7, 2018

How to Work Remotely While Keeping Secure and...

November 14, 2017

Tips for Ransomware Removal, Detection, and Prevention

November 1, 2017

1 comment

8 Essential Windows Apps You Must Have - HardBoiled October 22, 2015 - 3:15 pm

[…] How to Get Rid of a Rootkit & Bloatware […]

Reply

What's your take? Cancel reply

Subscribe

  • 1

    PC Cooling: How to Set up Computer Case Fans

    February 11, 2021
  • 2

    5 Ways to Stream from PC to TV or Digital Display

    May 23, 2016
  • 3

    How to Choose the Correct RAM Upgrade

    April 28, 2015
  • 4

    How to Troubleshoot a PC Power Supply

    July 11, 2018
  • 5

    Four Apps that Make Your Tablet a Second Monitor

    January 9, 2018
  • 6

    2019 Solid State Drive (SSD) Buying Guide

    December 6, 2018
  • 7

    6 Reasons Your PC is Slow and How to Fix It

    February 28, 2019
  • 8

    How-to Guide: Small Office Network Setup

    December 20, 2018
  • 9

    Born in the USA: Computer Hardware Made in America

    September 27, 2018
  • 10

    Computer Monitor Buying Guide 2019

    January 4, 2019

Newegg + Business

How is this different from Newegg.com?

Why NeweggBusiness?
  • Facebook
  • Twitter
  • Linkedin
  • Email