Swiss cyber-security firm modzero discovered the keylogger on April 28 and made its findings public today.
According to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 1.0.0.46 and earlier.
This is an audio driver that is preinstalled on HP laptops. One of the files of this audio driver is MicTray64.exe (C:\windows\system32\mictray64.exe).This file is registered to start via a Scheduled Task every time the user logs into his computer. According to modzero researchers, the file "monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys."
This behavior, by itself, is not a problem, as many other apps work this way. The problem is that this file writes all keystrokes to a local file at: C:\users\public\MicTray.log more
