Trying to get rid of Computrace Lojack

Hi all!

I own a Lenovo 3000 C200 laptop from about 3 years, and I'm
tired of having rpcnetp replicating itself all the time. I'm decided
to mod the bios to eliminate Computrace lojack, but there are
some points that are not so clear.

According with de hints I've seen at http://tinyurl.com/kuab7v
(altough at this moment the page is not responding) the steps
are the following:

Step 1.- Install Phoenix Bios Editor 2.2.0.1, donwload the lastest
BIOS update and open the WPH file (I uploaded the PBE and my
Lenovo BIOS to rapidshare: http://tinyurl.com/mp5tsx )

QUESTION 1: When opening the BIOS file, there are several
"unsupported module" warnings, that can be ignored resulting
that the BIOS file is finally opened. I assume that it warns
about there are modules that the program does not know how to
handle, but if we don't want to modify that modules, there
is no worry about it, ¿ok?

Step 2.- With the BIOS file loaded in the Phoenix Bios Editor,
we have the individual files unpacked at
C:\Phoenix bios editor path\TEMP, and we have to manually locate
the modules that are involved with computrace lojack.

QUESTION 2: I found "MOD_5A00.ROM" that starts with a text
saying: "Uª/ëCompuTrace V80.854°". However, in the tutorial
says that there are TWO computrace modules, the other is
"mod_4a00.rom". I don't have that file in my BIOS. The
question is: Really there MUST be always 2 computrace
modules? in that case ¿How can I locate the other file?

Step 3.- Edit the file(s) with an hex editor, and fill them
with Zeros until they are exactly the same size as the
originals. Then, in Phoenix Bios Editor, change any
character in any string, and then put it back, just to
make the File\Build Bios menu option avalaible. Then
build the bios, and flash the laptop with the new file.

QUESTION 3: When "zeroing" the files, the new bios
checksum will not fail? Or the Phoenix Bios Editor
makes it match?

QUESTION 4: If I just patch the computrace module file,
the BIOS will not keep trying to run it at boot time, giving
an error or a system hang?

QUESTION 5: If I crash up the whole thing, I've read that
there are a proccess to recover dead phoenix bios. Creating
a disk with the good bios, and pressing FN+B before
booting the laptop. It is supposed that this way the
computer boots in a special mode with no video and
flashes itself. I've tried to boot FN+B and yes, I
get the laptop and the fan ON, with no video, so I
suppose that my Lenovo has the bios recovery feature.
However, I don't have an USB floppy reader, so the
question is: This method works on lenovo computers
witn an usb pendrive?

QUESTION 5: Anyone here has succeeded on removing
computrace from a Lenovo BIOS with this method?

Thanks in advance for paying attention to my post,
and please excuse any bad spelling, because my
english is not so good.

Greetings from Spain,
TBA

 

i don't think anyone can or would answer your question...don't hold it against them.

 

I can't really help you, but if you're looking for BIOS modders, many of them hang out around mydigitallife.info
Good luck

 

Why not? I think that anyone that had tried to do it before would have
any thing to say, may be some advice.

Thank you, I will take a walk around there. I post it here before to see
if any Lenovo user has succeeded before in this task.

 

the reason i say that is because after people steal a computer, they want to know how to remove computrace. i'm sure you didn't steal the computer or doing anything malicious but still, most people do not provide this information on the internet for that reason. you can try to find a guide or a tutorial but i doubt you will find one that works.

good luck

 

I understand... however, if anyone wants to use a stolen laptop,
it is very easy to defeat the protection. Just install a firewall
and deny access to internet to the .exe and .dll computrace
files. As simple as that. The reason to remove AT ALL the
program is that I don't want in my PC any program that
I don't have installed, and that has been put there, hidden,
without my permission. Also, it acts as a trojan, so in few
words, I DON'T LIKE IT.

I understand the ones that think this information is not to
be given away to anyone, but, just to mention an example,
there are dozens of web pages teaching how to lock pick...
I mean: the knowledge is there. The good or bad use we
make of it is each one's responsability.

Also, there is another reason for wanting to delete that
bad software:

http://blogs.zdnet.com/security/?p=3828

 

Its actually not quite that easy, and even then if you were forced to download the firewall you would hit the internet but anyways thats not the point. Computrace sells for money because a typical pereson cant google "bypass computrace" and find 3 easy steps to render the protection completley useless.

But I will do my best to answer your questions, for step two there is no harm in just trying it assuming the steps are legimiate.

No clue on step 3 on why it works, if you trust your directions then go ahead.

there are ways to flash off a usb drive that you can look up if you are curious. That is easy to obtain information and is actually very useful when you are playing with your BIOS since a lot could go wrong. I would definitely do this before going any further