First Sony installs spyware, now Lexmark does.

In one of our industry forums that I visit, there has been quite a buzz with the Lexmark Return Program cartridges, and how much a pain they are.  Recently one of the members posted a message about a file called lx_cats and that deleting it helped his customer.  So I did some digging and found a great article at http://www.theinternetpatrol.com.

Do you have a Lexmark printer? If so, you could also have Lexmark’s Lx_CATS spyware — which Lexmark euphemistically calls “tracking software” for “reporting printer and cartridge use back to the company for survey purposes” — living on your computer, without your knowledge.

A user calling himself “Commander” has posted to the printer-focused Usenet group, comp.periphs.printers, that:

“Just the other day I purchased a new Lexmark X5250 All-in-one printer. I installed it as per the instructions and monitored the install with Norton as I do with all new software.

On reviewing the install log I noticed a program called Lx_CATS had been placed in the c:program files directory. I investigated and found a data log and an initialisation file called Lx_CATS.ini. Further investigation of this file showed that Lexmark had, without my permission, loaded a Trojan backdoor on to my computer. Furthermore, it is embedded into the system registry, so average users would likely never know it was there and active.”

Commander noticed that the spyware was programmed to surreptitiously report back to a URL, http://www.lxkcc1.com, every thirty days. lxkcc1.com is registered to Lexmark International, Inc..

When Commander called Lexmark to demand an explanation, the company first denied that they had installed any spyware at all. Ultimately the person with whom he spoke conceded that Lexmark installs “tracking software” on their users’ computers “to report back on printer and cartridge use for survey purposes.” While the Lexmark representative avowed that they did not transmit any personal information, they also admitted that the program does transmit the printer’s serial number, which of course is registered to the user. No personal information my foot!

Rumours of the installation of spyware along with their printer software have swirled around Lexmark for several years, and posts to Usenet complaining of Lexmark spyware date from as early as 2001. Some users complain of their computer trying to connect to the Internet every time they print a document; others worry that the program is reporting not only their cartridge usage, but whether they are using non-Lexmark cartridges, or even refilling their own cartridges, thus possibly setting the stage for a denial of warranty service.

According to “Commander”, the offending files include a program file called lx_CATS, and a related .ini file, lx_CATS.ini, as well as 2 DLL files in the c:program fileslexmark500 folder.

In order to remove Lexmark’s spyware from your system, delete the file (probably in your c:program directory) called “lx_cats.exe”, and also search for and remove a file called “lx_cats.ini” (and, for that matter, any other file including the term “lx_cats”).”

It seems that Lexmark is taking Sony’s playbook for a ride.  If you delete these files and folders, do not worry, your printer will still work, however your ink level might remain at low, even when you exchange your cartridge.  We are recommending all of our customers to delete these files ASAP.

For the full article visit here

Advertisements

3 Responses to First Sony installs spyware, now Lexmark does.

  1. […] First Sony installs spyware, now Lexmark does. click here here […]

  2. Penny says:

    Thanks for the info! I just loaded the Lexmark Z715 Software from the Lexmark site. As part of the setup it asked if I wanted to register my printer, and I declined. I just did a search for the files you mentioned, and they are not on my computer – perhaps they are loaded as part of the registration process? Maybe I got lucky because I didn’t register the printer…

    Thanks for the info!!! I just had to reload ALL my software because I couldn’t get rid of the stubborn browser hijacker X-max.net any other way, so I am being super careful!

  3. Zaman says:

    Thanks for the info. Great blog indeed.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: