May 2017

HP PC's found to have inbuilt Keylogger that stores all your Keystrokes! Here is how to delete the file...

Today, nearly ten thousands of people and counting are keep talking about this news. HP,
the PC manufacturing Company received serious of attack from those guys. This is because, HP was found to have included an inbuilt keylogger that will automatically collect all your key pressings and is storing on a plain text. The Process that helped to make that job done is none other than the Audio driver (Conexant HD Audio Driver Package with a version 1.0.0.46 or more).

This collects all your keypress and they are stored in  C:\users\public\MicTray.log .

Though HP now, Officially says, that it had released an patch for this, its safe to delete
before the entire patch reaches your PC. This is because when i inspected, those files are stored on plain text, which means, it can accessed by anyone who knows this location  C:\users\public\MicTray.log to breach your Privacy.

What are the affected Models ...?

The following models are found to be affected by this keylogger, but there are more number of models that are infected apart from the following models..

HP EliteBook 820 G3 Notebook PC
HP EliteBook 828 G3 Notebook PC
HP EliteBook 840 G3 Notebook PC
HP EliteBook 848 G3 Notebook PC
HP EliteBook 850 G3 Notebook PC
HP ProBook 640 G2 Notebook PC
HP ProBook 650 G2 Notebook PC
HP ProBook 645 G2 Notebook PC
HP ProBook 655 G2 Notebook PC


HP ProBook 450 G3 Notebook PC
HP ProBook 430 G3 Notebook PC
HP ProBook 440 G3 Notebook PC
HP ProBook 446 G3 Notebook PC
HP ProBook 470 G3 Notebook PC
HP ProBook 455 G3 Notebook PC
HP EliteBook 725 G3 Notebook PC
HP EliteBook 745 G3 Notebook PC
HP EliteBook 755 G3 Notebook PC
HP EliteBook 1030 G1 Notebook PC
HP ZBook 15u G3 Mobile Workstation
HP Elite x2 1012 G1 Tablet
HP Elite x2 1012 G1 with Travel Keyboard
HP Elite x2 1012 G1 Advanced Keyboard
HP EliteBook Folio 1040 G3 Notebook PC
HP ZBook 17 G3 Mobile Workstation
HP ZBook 15 G3 Mobile Workstation
HP ZBook Studio G3 Mobile Workstation
HP EliteBook Folio G1 Notebook PC

My PC was not on this list, but it contained those files, so it is worth checking your PC to prevent

damages.



How to check for HP inbuilt keylogger on Windows PC.

1) Open file explorer and simply Copy paste  C:\users\public\MicTray.log on the address bar and

2) Hit enter.

If any file, gets opened in Notepad or your default text editor, then it means, your system too have

that inbuilt keylogger that recordes all your key pressings time after time.

How to delete the  C:\users\public\MicTray.log File..

1) Press Ctrl and Shift and Esc Keys all together

2) You will get taskmanager, on that scroll down and right click on Mic tray icon

3) Select End Task

Now, visit  C:\users\public, Click on the MicTray file and Press Shift + Del Keys together

That's it..

This will completely delete all your keystrokes stored there..

How to disable HP's inbuilt MicTray keylogger


Deleting that file, will delete all your recorded Keystorkes, But a user asked how to prevent it from recording again, i searched Online for help, and a solution, A friend from reddit named

My_Angry_Account_  had shared the steps for these.., Special thanks to him..

The steps we use since long ago, to disable the task manager, registry,etc are altered to be used in this process.

Warning : The following involves registry editing, try at your own risk.
Press Windows (logo) and R Keys of your keyboard

Type regedit and hit enter key.

Navigate to Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

Right click on the Image File Execution Options and select New -> Key

Give the name for this key as MicTray.exe

Now, your right click on the newly created key and select new-> String Value

Name the value as debugger

Now, double click or single click on that, it will open a pop up on the value data field

Simply, type devenv /debugexe

Hit enter to save it..

That's it..

Now, your PC have that keylogger disabled.

Enjoy.

Other posts..

This Website will unlock your user account, When you dance!

How to recover from Google Docs attack happened on 03 May 2017


Did you know ? this website will unlock your account When you Dance !

You may heard of two factor authentication, the method of protecting your user account through phone number, (You need to first enter your code or text you received on your phone to successfully enter into your account). There are many other technologies that were under development to help people logging into their account with the help of themselves. Recently, i found a website that introduced this new  authentication method, that will unlock your User account , just the way on how you Dance. !


This technology uses your PC's or smartphone Camera to get its job done.

This method was nick named as Dance Dance Authentication Method by their developers who are nothing but the popular StackOverflow Community.!

So, if you are more curious on how this is done, and how it works, then don't forget to check the below video..


If you wish, take a second and leave what you feel in Commentz...!

How to recover from " Open in Google Docs" Phishing Attack happened on 03 May 2017

Yesterday, Millions of people are attacked by a Phishing email sent from none other than their friends.This mail contained an simple document file requesting you to open on Google Docs, Since, it will look like an invite from your friend, chances are, you clicking that option.But, When you clicked on the option, then it will redirect you to google.com, to request some permissions. When you clicked on the Allow button, then BOOM! your account will be Compromised, and all your data will be at risk.



Because, the application you allowed access was programmed to read all emails,view your contacts,and send emails , delete emails without having your login information..!
          
How to recover from Google Docs Phishing Attack happened on 03 May 2017


Though Google claims to have stopped this attack, a report shows, nearly a half of the million people had already clicked on the option "Open in Docs", before google officially stopping the attack.

What if, you (or) Your friend became one of the victims of the above attack ??. Simple, your data will be at risk and may be circulating on the dark web now..

Here is an post that will be helpful in recovering yourself from the Google Docs phishing attack..

Do, this steps, 

1) Visit https://myaccount.google.com/permissions , this will take you to the page that shows list of apps you had gave permissions to operate from your gmail account

2) Now, if you see Google Docs, on that list, then Click on it, and revoke the app from accessing your account.

3) The apps permission will be now revoked, that doesn't mean you are safe now.!

4) You are safe, only when you changed your password, so change that into something strange or harder to guess and if possible enable two step authentication, to protect yourself from this and future attack ( enabling 2 step verification will make google to send a text message to your registered Mobile number, Only after you had entered the received code, you or any one will be allowed to login or access your account,So enable that option, for better security advantage) 

If you hadn't received any mail, then you are safe, but makesure you are not clicking the email from the mail claiming to be from friend to open in Google Docs,  because this malicious emails all may appear to come from your contact, but when you  look close, they were actually from the address“hhhhhhhhhhhhhhhh@mailinator.com” with recipients BCCed..

Only you can save yourself , My friend.!