🕫 NEW 🕫- Kaseya Certified Expert Training Camp launches on 8/23. Class size is limited. Learn more > https://www.community.connectit.com/events/28-kaseya-certified-expert-traincamp-august-23rd-september-2nd

Detecting HP Laptops with Buggy Conexant Software

Janantha Marasinghe
edited January 24 in Solutions

Product Name: Detecting HP Laptops with Buggy Conexant Software

Description : The attached zip file contains a batch file and an agent procedure to detect machines having Conexant based Keylogging software which is recently announced.

Batch file HP Logger Trace.bat is copied to C:\Temp on the machines under the view in VSA.
It will output a text file with the locations of the MicTray64.exe and MicTray.log to a file named C:\temp\hptrace.txt. Agent procedure will look at presence of "MicTray" keyword which confirms the presence of the affected Conexant software. It will write the keyword "HPKeyLoggerDetected" to the procedure log and sends an email to the defined e-mail address.

Source of the security incident
-----------------------------------------------------
https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt

Instructions :

  1. Upload the HP Logger Trace.bat  to Agent Procedures -> File Transfer -> Distribute File
  2. Import the Procedure HP Keylogger Identification.xml  under agent procedure
  3. Enter your e-mail address in the agent procedure so you will be notified 
  4. Change your VSA view to show all the HP Notebooks and schedule the agent procedure

Weekly Leaderboard