Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

HP computers keylogging

  • 11-05-2017 5:28pm
    #1
    Registered Users, Registered Users 2 Posts: 9,605 ✭✭✭


    Conexant's MicTray64.exe is installed with the Conexant audio driver
    package

    The program monitors all keystrokes made by the user

    Any process that is running in the current user-session and therefore
    able to monitor debug messages, can capture keystrokes made by the
    user.
    Processes are thus able to record sensitive data such as
    passwords, without performing suspicious activities that may trigger
    AV vendor heuristics


    The following systems are affected:


    HP EliteBook 820 G3 Notebook PC
    HP EliteBook 828 G3 Notebook PC
    HP EliteBook 840 G3 Notebook PC
    HP EliteBook 848 G3 Notebook PC
    HP EliteBook 850 G3 Notebook PC
    HP ProBook 640 G2 Notebook PC
    HP ProBook 650 G2 Notebook PC
    HP ProBook 645 G2 Notebook PC
    HP ProBook 655 G2 Notebook PC
    HP ProBook 450 G3 Notebook PC
    HP ProBook 430 G3 Notebook PC
    HP ProBook 440 G3 Notebook PC
    HP ProBook 446 G3 Notebook PC
    HP ProBook 470 G3 Notebook PC
    HP ProBook 455 G3 Notebook PC
    HP EliteBook 725 G3 Notebook PC
    HP EliteBook 745 G3 Notebook PC
    HP EliteBook 755 G3 Notebook PC
    HP EliteBook 1030 G1 Notebook PC
    HP ZBook 15u G3 Mobile Workstation
    HP Elite x2 1012 G1 Tablet
    HP Elite x2 1012 G1 with Travel Keyboard
    HP Elite x2 1012 G1 Advanced Keyboard
    HP EliteBook Folio 1040 G3 Notebook PC
    HP ZBook 17 G3 Mobile Workstation
    HP ZBook 15 G3 Mobile Workstation
    HP ZBook Studio G3 Mobile Workstation
    HP EliteBook Folio G1 Notebook PC



    https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt




    .


Comments

  • Registered Users, Registered Users 2 Posts: 2,344 ✭✭✭p to the e




  • Posts: 11,614 ✭✭✭✭ [Deleted User]


    So glad my EliteBook runs Debian.


  • Registered Users, Registered Users 2 Posts: 1,333 ✭✭✭gaz wac


    was posted on another forum:
    I just added a registry key that will prevent it from ever being able to run on my computer, even manually:
    1. Start the Registry Editor (regedit).
    2. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\currentversion\image file execution options.
    3. Right click on image file execution options > New > Key
    4. Name the new key MicTray.exe
    5. Right click new MicTray.exe key > New > String value
    6. Name the new value debugger
    7. Set new "debugger" string value data to: devenv /debugexe
    It forces any .exe file named MicTray or MicTray64 to go through a debugger and this causes it to fail. This is also how I nerfed the GWX.exe that would auto upgrade computers to Windows X.
    *edit to add - If you are running Windows 64-bit then steps 4 and 5 should be:
    4. Name the new key MicTray64.exe
    5. Right click new MicTray64.exe key > New > String value
    To check your version of Windows the shortcut is to hold down your Windows Key and press Pause (Break) or in Windows 8.1 and 10 you can right click on the start button and click on System. In previous versions you can right click on Computer or My Computer and click on Properties to find out what version of Windows you are running.


  • Posts: 0 [Deleted User]


    New driver available.

    ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80264.exe
    ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80264.html

    Interestingly, MicTray64.exe is significantly smaller than it was in the dodgy versions.


  • Registered Users, Registered Users 2 Posts: 36,538 ✭✭✭✭Hotblack Desiato


    What did anyone running Windows expect?

    In Cavan there was a great fire / Judge McCarthy was sent to inquire / It would be a shame / If the nuns were to blame / So it had to be caused by a wire.



  • Advertisement
Advertisement