HP computer owners: Check for the MicTray Conexant keylogger


Today, while Microsoft extols the virtues of Windows 10 S and HoloLens at the , many who have an HP machine will be dealing with a new, unexpected tech problem.

Swiss security firm modzero AG released a white paper () that contains details about a keylogger in certain HP audio drivers. The keylogger stores records of all of your keystrokes in a file located in the public folder C:UsersPublicMicTray.log.

Fortunately, there’s an easy way to check to see if the MicTray keylogger is on your machine and, if so, to get rid of it.

According to modzero, the keylogger is part of the driver set for Conexant audio chips. In its , modzero says:

will tell you—go through those steps, make sure that MicTray64.exe gets renamed, and delete current and backed-up copies of MicTray.log.

Modzero isn’t happy with the runaround it’s getting from HP. The group says it discovered the keylogger in MicTray back on April 28. Modzero contacted Conexant the same day, and when the keylogger was found in the latest audio drivers, it contacted HP Enterprise on May 1. Then on May 5, modzero got a response from HP Enterprise, which “tried to reach for security folks at HP Inc. to gain attention.” Looks like HP Enterprise and HP Inc. aren’t talking to each other—I bet they start talking now.

Discussion continues on the .