HP/Conexant Audio Driver and detection (SecurityRisk.Mtray)


Article ID: 169985


Updated On:


Endpoint Protection


Some Conexant HD Audio Drivers, commonly distributed with HP laptops, store keystrokes in the product's debug log. This behavior is similar to other Security Risks and could be used by someone with malicious intent as a keylogger.


Due to the inherent risk to our customers' security, Symantec has created the signature SecurityRisk.Mtray to detect the audio drivers exhibiting this behavior.  This signature went live in Rapid Release sequence 186893 (version 08/16/2017 revision 3).

Users of Norton-branded products will see a prompt for removal, while Symantec Endpoint Protection will by default quarantine the file.

For details on affected versions of the driver and patched drivers, please visit the HP Customer Support Center:

Note: Because the files involved are part of the audio driver, the sound on the computer may be affected after removal. The installation of the vendor's updated driver version will restore audio (See download links in the above HP URL).