How to Remove Conexant Keylogger Found on HP Laptop Models


Note: Security researchers said this keylogger vulnerability could also be found in non-HP laptops.

Modzero, a security firm in Switzerland, has discovered a Conexant keylogger pre-installed on certain laptop models. However, the software includes a debugging feature that sends all keystrokes through a debugging device or deposits them to a log file in a public directory on the hard drive.

A Swiss cybersecurity firm revealed on May 11 HP laptops are secretly recording user's keystrokes. Information in the software's meta-data indicated it "already existed on HP computers since at least Christmas 2015". It's created to monitor keystrokes and respond to user input, probably to respond to commands to mute or unmute the microphone, or begin capturing information within an application.

Conexant also develops drivers for its audio chips, so that the operating system is able to communicate with the hardware.

Читайте также: Arsenal loss has focused Man United minds on Europa League, says Mata

Keyloggers capture a person's key strokes on a keyboard or pinpad.

Find out what construction giant Amey, Lloyds Banking Group, Financial Times and other big names are doing in big data and the Internet of Things. If the log file doesn't exist, the audio driver's API can let malware capture the keystrokes instead. In version, only OutputDebugString was used to forward key scancodes and nothing was written to files. All the developer would need to do is disable logging and reset to debug-logs in the development environment. People can check to see if their HP computer is at risk by searching for the files C:\Windows\System32\MicTray.exe or C:\Windows\System32\MicTray64.exe. The report ends by noting that there is no evidence to suggest that the keylogger was implemented intentionally but should still be considered risky nonetheless.

Contextant didn't immediately respond to a request. Hopefully now that the information is public, HP will go back and do something about it. That means the information stored in the log is likely to remain private as long as affected computers and any backups they use remain properly secured.

Users who do not want to wait for the patch can simply search for the following files and delete them: C:\Windows\System32\MicTray.exe or C:\Windows\System32\MicTray64.exe.

При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2018 Copyright.
Автоматизированное извлечение информации сайта запрещено.

Код для вставки в блог