From: "Jon Harrison" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.1.16) with ESMTP id 2136203 for ecs-t6x@2rosenthals.com; Thu, 20 Nov 2008 23:33:58 -0500 Received: from static-71-171-102-26.clppva.fios.verizon.net ([71.171.102.26] helo=mail2.2rosenthals.com) by secmgr-ny.randr with esmtps (TLSv1:AES256-SHA:256) (Exim 4.43) id 1L3NiN-0001qb-0p for ecs-t6x@2rosenthals.com; Thu, 20 Nov 2008 23:33:57 -0500 Received: from pop3.greatbasin.net ([207.228.35.5]:47892) by mail2.2rosenthals.com with esmtp (Exim 4.69) (envelope-from ) id 1L3NiK-0007Vx-21 for ecs-t6x@2rosenthals.com; Thu, 20 Nov 2008 23:33:53 -0500 Received: from DP6550.seadog.reno.nv.us (seadog.reno.nv.us [216.82.144.188]) (authenticated bits=0) by pop3.greatbasin.net (8.13.8/8.13.8) with ESMTP id mAL4XnPF024273 for ; Thu, 20 Nov 2008 20:33:51 -0800 Received: from tyan@seadog.reno.nv.us (TYAN [192.168.1.35]) by DP6550.seadog.reno.nv.us (Weasel v1.78) for ; 20 Nov 2008 20:33:48 -0800 X-CTCH-RefID: str=0001.0A010205.49263A31.0015,ss=1,fgs=0 Message-ID: <000-2b3a2649-36908.015@seadog.reno.nv.us> To: "eCS ThinkPad T60/61 Mailing List" Date: Thu, 20 Nov 2008 20:33:47 -0800 (PST) In-Reply-To: References: Priority: Normal User-Agent: PMMail/3.03 (os/2; U; Warp 4.5; en-US; i386; ver 3.03.00.1202) X-Mailer: (Demonstration) PMMail (Alpha 1) 3.03.00.1202 for OS/2 Warp 4.5 MIME-Version: 1.0 Content-Type: text/plain;charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Lenovo malware X-Spam-Score: 0.0 (/) X-Spam-Report: _SUMMARY_ Although this info is not applicable to eCS I figure there may be some readers here who occasionally use XP on their TP. So here is something FYI. Lewis: If you think this is inappropriate then I apologise and please remove this in that case. jon Thursday November 20, 2008 Lenovo Ships Malware With Software A Windows XP software package distributed by Lenovo earlier this week was infected with malware. The program has been removed from the Lenovo site. The problem was in the Lenovo Trust Key software for Windows XP, a digitally signed driver package for Windows XP SP2 systems. The application is used for secure logon and secure private folders. Microsoft identified the infection as Win32/Meredrop, a Trojan dropper. Such programs download and install other malicious programs. Other anti-virus vendors are detecting the threat as a 'hooligan' virus or a porn dialer. Even though the report indicates that it is the XP version which is affected, the Vista version is also no longer available on the Lenovo site. Perhaps the are the same version. In such cases it is good practice to revoke the digital certificate used to sign the package. I have no word yet on whether Lenovo will do this. If they do so and have used the same certificate to sign other packages, all of those will need to be resigned and re-issued. source: http://blogs.pcmag.com/securitywatch/2008/11/lenovo_ships_malware_with_soft.php