How to disable HP’s built-in keylogger on PC

Costea Lestoc By: Costea Lestoc
2 minute read

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

HP delivers some of its laptops with a pre-installed keylogger with its audio drivers. Here’s what you need to do to remove it.

What does this keylogger do?

Researchers have discovered a keylogger that comes packaged with the Conexant HD Audio Driver Package in version 1.0.0.46 and earlier. Along with this audio driver, there is a file named MicTray64.exe that features a scheduled task to run each time the users longs on to their system. From this, all keystrokes are then stored in a plaintext file (at C:\users\public\MicTray.log), something most users won’t be too excited about.

Other users of that specific machine will be able to access the file and it may even possible that any program installed on the computer could access it. In the case there is malware involved, the results can be quite devastating.

How to block HP’s key logger

On Reddit, a user named “_My_Angry_Account_” presented a successful solution that will prevent the built-in keylogger from running. Here are the necessary steps you need to take:

  1. Start the Registry Editor.
  2. Go to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\currentversion\image file execution options.
  3. Right click on the image file execution options > New > Key
  4. Name the new key MicTray.exe
  5. Right click new MicTray.exe key > New > String Value

  6. For various PC problems, we recommend this tool.

    This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

    1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
    2. Click “Start Scan” to find Windows issues that could be causing PC problems.
    3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

  7. Assign a name to the new value debugger
  8. Set the new debugger string value to: devenv / debugexe

Further on, the user explains what all this will result in:

It forces any .exe file named MicTray or MicTray64 to go through a debugger and this causes it to fail. This is also how I nerfed the GWX.exe that would auto upgrade computers to Windows X.

*edit to add – If you are running Windows 64-bit then steps 4 and 5 should be:

  1. Name the new key MicTray64.exe
  2. Right click new MicTray64.exe key > New > String value

To check your version of Windows the shortcut is to hold down your Windows Key and press Pause (Break) or in Windows 8.1 and 10 you can right click on the start button and click on System. In previous versions you can right click on Computer or My Computer and click on Properties to find out what version of Windows you are running.

28 models of machines released by HP seem to be affected by this keylogger for now.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Dutch Regulators catch Windows 10 breaching GDPR

Giles Ensor avatar. By: Giles Ensor
3 minute read

Two years in the offing and GDPR is still being breached. It will come as no surprise to many that a big, American tech company […]

Continue Reading

Microsoft was just playing with Mail ads and turned them off

Giles Ensor avatar. By: Giles Ensor
3 minute read

The symbiosis of the internet and advertising has long been understood. Everyone understands that if you have access to something that is ‘free’, inasmuch as […]

Continue Reading

Mozilla adds alerts about recently breached sites into Firefox browser

Giles Ensor avatar. By: Giles Ensor
3 minute read

Firefox has announced that it will start to warn users if they visit any breached sites. This is in an attempt to not only make […]

Continue Reading