• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Are you having HotKey issues? Click here for tips and tricks.
Check out our WINDOWS 11 Support Center info about: OPTIMIZATION, KNOWN ISSUES, FAQs, VIDEOS AND MORE.
Locked

‎07-21-2019 07:20 AM

HP Recommended
Product: Elitebook 840 G3
Operating System: Microsoft Windows 10 (64-bit)

Bought an Elitebook 840 G3 with Windows 10 (64) v 1903.  Tried but cannot remove MicTray64!  Must do so! 

 

Problem/s

1.  MicTray64 is NOT listed in Apps & Features, nor in Programs & Features

 

2. When I search (explore) MicTray64 and try to delete it, 1903 indicates it is running and I must close it.  I then turn off everything I can except the window  [have a Spinning Tool capture of that window/box but do not know how to attach it to this question]

 

3.  I am Administrator and found all the MicTray64 entries in System32 and tried to delete them, but 1903 indicates:

"You need permission to perform this action"

 

1 ACCEPTED SOLUTION

Accepted Solutions

‎08-12-2019 10:49 AM

HP Recommended

Hi,
my daughter nearly went crazy when a deep scan using the MS Defender showed the MicTray64 to be "active and a security risk". I wasn't nearby so she spent half a day with a MS support guy on the phone, trying to remove this "threat" from her EliteBook Folio G1 - she just disabled the driver as a quick solution. A link for resolving the problem she and the MS support found (specific for the G1 Folio on the HP support pages) delivered a classic 404 page... I had more luck, found and installed the "2015" driver you mentioned in your post.

This audio driver is NOT being flagged as malware by the scan, but DEFENDER keeps detecting the old, malicious EXE as part of the recovery image on the system and calls it "active" - bad wording: this should read "not under quarantine". I put this finding in the IGNORE list of the scanner.
So, I would second your opinion: this "released in February 2019" driver seems to be safe for use. But I don't know how to replace or remove the "fall back recovery" malicious version from the system. If there's a wizard here, please step forward 🙂

Cheers from Munich, Germany,
Ralf

View solution in original post

Was this reply helpful? Yes No
3 REPLIES 3

‎07-21-2019 10:29 AM - edited ‎07-21-2019 11:33 AM

HP Recommended

ADDENDUM:
Have now installed from HP >
Conexant HD Audio Driver 2015
Released Feb 12, 2019
sp94989.exe

Does this version, even though it's called "2015", still have the evil dangerous MicTray64 KeyLogger?!

 

Also, before I did this I installed the GENERAL Windows 10 Conexant Audio Driver for v 1809 and up (I am running 1903)

 

SO. will that direct GENERAL Windows version (not from HP) interfere with the HP sp94989.exe driver  I installed now, after the latest Windows 10 GENERAL version from the Microsoft Update Catalog?  I don't know how to find it to delete the Microsoft version.

 

NOTE: the official HP Conexant Audio Driver I just downloaded and installed directly from HP was RELEASED 12 Feb 2019, and the GENERAL Conexant driver I had installed an hour before that was also a recent 2019 version for Windows 10, 1809 and up.

 

I just checked Device Manager and see that the now-installed Conexant Audio driver was CREATED 25 Jan 2019.  Although the 18 days between Conexant's creation of that version and the now-installed version indicated (befort download) that it was RELEASED (to HP, I guess) on 12 Feb 2019 .... and that the sound seems fine, and even the exact sound volume setting (68%, which I'd changed after I bought the laptop from 67%) .... am I to assume that it must be the "right" driver?  And of course that all the versions after the original 2015 version have ELIMINATED the naughty KeyLogger?!

Was this reply helpful? Yes No

‎07-21-2019 03:11 PM

HP Recommended

OK, think I have probably answered my own question

 

1.  HP writes it has removed the accidental keylogger on all newer updates and installations

 

2.  The Conextant ISST Audio driver currently installed (Device Manager) is what I installed today (date in Properties) directly from HP, released 12 Feb 2019

 

3.  I read in several places that the accidental keylogger keeps its keystroke logs in C:\Users\Public\MicTray.log  So I searched that location and there is NO MicTray log!   Further, I also read that even if it were installed, the log would remain local and  deleted  after signing off or next boot.

 

Does everyone agree that there is thus no security problem with the currently installed Conextant ISST Audio Driver?  >

 

Conexant HD Audio Driver 2015
Released Feb 12, 2019
sp94989.exe

 

Please answer yes/no

 

Thanks

 

Was this reply helpful? Yes No

‎08-12-2019 10:49 AM

HP Recommended

Hi,
my daughter nearly went crazy when a deep scan using the MS Defender showed the MicTray64 to be "active and a security risk". I wasn't nearby so she spent half a day with a MS support guy on the phone, trying to remove this "threat" from her EliteBook Folio G1 - she just disabled the driver as a quick solution. A link for resolving the problem she and the MS support found (specific for the G1 Folio on the HP support pages) delivered a classic 404 page... I had more luck, found and installed the "2015" driver you mentioned in your post.

This audio driver is NOT being flagged as malware by the scan, but DEFENDER keeps detecting the old, malicious EXE as part of the recovery image on the system and calls it "active" - bad wording: this should read "not under quarantine". I put this finding in the IGNORE list of the scanner.
So, I would second your opinion: this "released in February 2019" driver seems to be safe for use. But I don't know how to replace or remove the "fall back recovery" malicious version from the system. If there's a wizard here, please step forward 🙂

Cheers from Munich, Germany,
Ralf

Was this reply helpful? Yes No
Warning
Be alert for scammers posting fake support phone numbers and/or email addresses on the community.
If you think you have received a fake HP Support message, please report it to us by clicking on "Flag Post".
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.