- #Conexant hd audio driver disable drivers
- #Conexant hd audio driver disable windows 10
- #Conexant hd audio driver disable windows
Any framework and process with access to the MapViewOfFile API should be able to silently capture sensitive data by capturing the user's keystrokes.
#Conexant hd audio driver disable windows
If the logfile does not exist or the setting is not yet available in Windows registry, all keystrokes are passed to the OutputDebugString API, which enables any process in the current user-context to capture keystrokes without exposing malicious behavior.
In addition to the handling of hotkey/function key strokes, all key-scancode information is written into a logfile in a world-readable path (C:\Users\Public\MicTray.log). Monitoring of keystrokes is added by implementing a low-level keyboard input hook function that is installed by calling SetwindowsHookEx(). The program monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys. The infection method seems simple enough:Ĭonexant's MicTray64.exe is installed with the Conexant audio driver package and registered as a Microsoft Scheduled Task to run after each user login. It’s still there today with driver Version 1.0.0.46. Modzero says it found evidence of the problematic behavior going all the way back to December 2015. It's an impressive lineup, including many current models.
#Conexant hd audio driver disable windows 10
The Security Advisory goes on to list almost 30 HP machines known to use the bad drivers, including EliteBook, ProBook, ZBook, and Elite x2 models running both Windows 10 and Win7.
#Conexant hd audio driver disable drivers
Probably other hardware vendors, shipping Conexant hardware and drivers.Recent and previous (Q2/2017) HP Audiodriver Packages / Conexant High-Definition (HD) Audio Driver Version 10.0.931.89 REV: Q PASS: 5 ().įortunately, there’s an easy way to check to see if the MicTray keylogger is on your machine and, if so, to get rid of it.Īccording to modzero, the keylogger is part of the driver set for Conexant audio chips. The keylogger stores records of all of your keystrokes in a file located in the public folder C:\Users\Public\MicTray.log. Swiss security firm modzero AG released a white paper ( PDF) that contains details about a keylogger in certain HP audio drivers. Today, while Microsoft extols the virtues of Windows 10 S and HoloLens at the Build keynote, many who have an HP machine will be dealing with a new, unexpected tech problem.
0 kommentar(er)
