Showing results for 
Search instead for 
Do you mean 
Punch Card
Posts: 2
Registered: ‎02-27-2008
Location: Earth
Message 1 of 1 (819 Views)

Lenovo ThinkVantage Toolbox /

I do not understand why Lenovo is using to assist in processing links to lenovo's website from the Toolbox.


I encourage others to verify this using a packet analyzer as well.


The LT Toolbox DOES submit http requests to I verified this by running a packet analyzer while clicking the link to download Rescue and Recovery software from the Toolbox and was able to review the process that the Toolbox uses to attempt to download software or link to information at lenovo's website.


Step 1. Upon clicking the link in LT Toolbox, the Toolbox software sends an HTTP request to a proxy server at


Step 2. replies with an XML file that contains multiple URL values. Which one the Toolbox uses appears to be related to the user's country and language. Each URL is to with a query string that appears to be a URL to lenovo's website.


Step 3. The toolbox then uses the computer's web browser to connect to the URL for referenced in the XML file. For example: (


Step 4. This is where it gets interesting:  If the URL redirect provided is valid the browser never displays the link to and the software download begins. However, if the redirect is invalid, the web browser displays the "Object Not Found" page at and the software (or information if it was a link for information) fails to download.



Additional Information:


1. Many of the links provided in the Lenovo ThinkVantage Toolbox software do exactly the same steps as posted above.


2. I tested this over a 96 hour period. During that time, the only time my computer attempted to connect to was when I specifically clicked a link in LT Toolbox software.


3. I honestly do not believe this is doing anything malicious. However, I was surprised to see that the developers at Lenovo designed the Toolbox software to work this way. Why would they want to use anyway?



Top kudoed Authors