[German]Here is an Information and Question addressing owners of HP Windows devices. It seems that Hewlett Packard silently installs a telemetry client on Windows computers. Here are a few details.
A German blog reader (Detlef Krentz) contacted me this weekend via e-mail and notified me about a strange development. He wrote:
I noticed that HP secretly installed the program "HP Touchpoint Analytics Client" on all my HP devices on November 20, 2017.
The program connects every day to HP. The files sent can be found under "Program Data/HP/HP Touchpoint Analytics Client/Transfer Interface".
He uploaded the file TouchpointAnalyticsClient.exe to Virus Total – but the file is detected only by one program as malware.
Note: I've seen many reports based on the article here and on Woody Leonhard's article in ComputerWorld, claiming, that HP Touchpoint Analytics Client has been installed as part of HP Touchpoint Manager. That's not true! My sources had the HP Touchpoint Analytics Client installed, while the HP Touchpoint Manager (paid software) was never on their systems. At AskWoody it's cited in the 1st version correct as 'the infection vector isn't known'. Woody has removed this note during an update.
One source told me, that he is guessing, that the Touchpoint Analytics Client has been installed secretly by HP Support Assistant. But another source (an external HP expert) told me, that he configured the HP Support Assistant to download only – and this tool haven't reported a pending update. He had not installed the HP Touchpoint Manager, but found the HP Touchpoint Analytics Client on his system after reading my article here.
I got also a feedback from German blog reader, that HP systems with a clean install, using a Microsoft Windows image, didn't install the Touchpoint Analytics Client. So I assume, that HP didn't use 'Windows Platform Binary Table' (WPBT) to force some HP software beeing used after a clean Windows install. After all, I claim, the 'infection vector' is still unknown.
There is a discussion in forums
At HP forum I found this thread, dated from November 19, 2017, where a user reported the secret install of TouchpointAnalyticsClient.exe. It was mentioned, that the program drags a lot of CPU load. Also frensh HP forums containing some Entries, where people claiming high CPU load from this program.
At Bleeping Computer we have this forum thread, where someone noted an installation at November 15, 2017. Also Expert Exchange has this thread, mention an install at Nov. 20, 2017. A reddit Thread, where a user wrote:
"Harvests telemetry information that is used by HP Touchpoint's analytical services."
The description has been obtained from the service description (see below).
Note: In case you are interested in details, check this thread at Askwoody.com, where some users posted a few internals of the telemetry data collected from the tool. Overall the telemetry service is self configuring, and the data collected may be extended within the future.
Deactivate and uninstall
Blog reader Detlef Krentz wrote me, that he fired up the Services manager as Administrator. Then he disabled the service (see screenshot).
Ist's also possible to uninstall the program via control panel. Are you affected?
Addendum: A statement from HP
After Woody Leonhard brought this story at ComputerWorld (I was in touch with Woody before), many US sites covers this topic too. Engadget has received the following statement from HP.
HP Touchpoint Analytics is a service we have offered since 2014 as part of HP Support Assistant. It anonymously collects diagnostic information about hardware performance. No data is shared with HP unless access is expressly granted. Customers can opt-out or uninstall the service at any time.
HP Touchpoint Analytics was recently updated and there were no changes to privacy settings as part of this update. We take customer privacy very seriously and act in accordance with a strict policy, available here.
So it is confirmed by HP that this thing existst. And it seems, we catched HP with their fingers within the honey pot. Nevertheless what they say, that thing got quietly installed, this is a no go for me.
HP: Telemetry service is a routine program
Addendum 2: Laptop Magazin has published this article, where Mike Nash, HP VP of Customer Experience says:
All HP laptops recently received an update which installs HP Touchpoint Analytics, a utility which runs in the background and collects system data.
Nash explained to the magazine, that the program is not new, it just has a new name. A program with athe same function has been shipping on HP laptops as part of the Support Assistant software without controversy since 2014, according to Nash.
But I must say, this article addresses the word 'Spyware', used by many US sites, a term I've never used within my blogs – it's a telemetry service, that has been installed without user consent – afaik.
My 2 cents:
The article is a little too much of an eulogy for me – and transports HP speech 'the program captures only telemetry data of the hardware in anonymous form'. The main issue isn't addressed: The sercice has been installed secretly – without user consent. And it would not be the first case where such PUP (potentielly unwanted software) was identified as a security hole. The telemetry client can be configured and updated for instance.
Nevertheless I find some details within the article interesting – if I assume, they are true (I got feedback from German users indicating, that this isn't the case and the article is just a kind of transporting HP's opinion). So the article says, in which cases the the telemetry data are transferred to HP (my German blog reader told me other experiences, after I pointed them to the article). HP's statement that the telemetry client has been extensively tested and that it does not lead to any loss of performance is nice to read, but in my view – after weighthing the possible hardware and software combinations – just worthless (management and marketing bullshit – imho).
Security update for HP printers is available
Fix for HP's 3D Drive Guard-Bug after Microsoft Patchday
Firmware Update blocks again non HP Printer Cartridges
Cookies helps to fund this blog: Cookie settings
After I got rid of it I actually found logs which point to some Amazon server – I have neither time nor enough interest to dig a bit more and check who owns / where do they feature etc.
I also think that this piece has been deployed on my PC few minutes later, after one of my BSODs was reported to Microsoft via Reliability & Maintenance processes. Which initially made me think who actually was behind it?
Pingback: HP is installing new spyware, “HP Touchpoint Analytics Client,” but the infection vector remains unclear @ AskWoody
*This is bad* Got it too: after the Micro$oft updates november15th to patch 6 crucial ! vulnerabilities the HP-AcceleroMeter-gui wouldn't start ("cannot start at this WindowsOS" was the popup). The parent proces HP3DD_protection cannot/coudn't be repaired….. during this repair after uninstalling the HP3DD~service the HPsystemsControl just installed just the old service PLUS this TelemetryAgent + this service + the installer….. ALL 3 wanted internet access to HP. a SNEEKY way to distribute SPYware…… ASWELL HP Cannot,Will not,Refuses to repair the Intel_processor 6/7/8th generation Vulnarability 00086, and this a very bad vulnerability => ~~ this a walk through for anyone when the pc is connected to powerline and internetline, no switched-on or login or infection needed!! This needs a urgent major BIOS upgrade to re-control the processor. NO ANSWERS from HP…… I am loosing believe in these HPguys (and the agencies they work for), *YAK !*
See my blog post Windows 10 update KB4048955 kills HP's 3D Drive Guard and the linked post about patchday issues.
Kind of think this is PC makers saying we want some of that telemetry data too. Given that Microsoft sucks a lot of information from PC's these days. How is this getting installed? Through HP's update service or Windows update? I cannot remember the last time I ran any OEM PC apps on any of my PC's? Not since the Lenovo crap a while back I just don't let PC makers put any apps on my PC. I am not so opposed with telemetry being done as I am its done in a sneaky fashion as if to hide the fact their doing it.
Incidentally I spotted this in the last couple of days:
It does look like en-masse forced upgrade of an ATI graphics driver which does not go very well.
One issue may be related with another one, it may be not? I would not be surprised if it is though – as I have some doubt about stability of AMD products. And equally I would not be surprised if HP had to investigate it further this way (AMD from my recollection was always blaming others).
Pingback: HP está a instalar software que recolhe dados sem autorização | Newsware
Pingback: HP está a instalar software que recolhe dados sem autorização | Repairstore Tech - Tudo sobre Tecnologia
Pingback: HP installeert ongewenst spyware op pc’s die je processor belast - TechPulse
Pingback: HP Caught Installing Spyware on Windows 10 PCs Without Permission - Yaytrending
Pingback: Un mouchard provoque des ralentissements sur des ordinateurs HP – KelNews
Pingback: Comment supprimer le mouchard de votre ordinateur HP ? | UnderNews
Pingback: HP está a instalar software que recolhe dados sem autorização | INFORSALVADOR
Pingback: HP instala software sin permiso del usuario
Pingback: HP Kullanıyorsanız Kişisel Verileriniz Güvende Olmayabilir! | Bilgi Kasabası
Pingback: HP é acusada de instalar spyware nos PCs dos usuários – Tem di tudo
Pingback: HP é acusada de instalar spyware nos PCs dos usuários – Tecnologia e Ciência | TC PREMIUM
Pingback: HP Silently Installs Telemetry Bloatware On Your PC—Here's How to Remove It - Sortiwa, Worlds largest web portal
Pingback: HP Silently Installs Telemetry Bloatware On Your PC—Here’s How to Remove It – NuclearCoffee
Pingback: HP é acusada de instalar adware nos PCs dos usuários | Zion Eco
Pingback: HP é acusada de instalar spyware nos PCs dos usuários – DefratyMent
Pingback: HP Silently Installs Telemetry Bloatware On Your PC—Here's How to Remove It - Virtual Mist
Pingback: HP Silently Installs Telemetry Bloatware On Your PC—Here’s How to Remove It – التكنولوجيا – شبكة الموقع الاول
Pingback: Spyware Has been Installed on Windows 10 PCs by HP Without Permission - DHTG
Pingback: HP é acusada de instalar spyware nos PCs dos usuários – Tecnologia e Ciência | Novas Tecnologias
Pingback: HP Silently Installs Telemetry Bloatware On Your PC—Here’s How to Remove It | Mr.Websecurity
Pingback: HP stealthily installs new spyware called HP Touchpoint Analytics Client | Curious
Myt HP laptop started yesterday to have short moments when it does not react to anything. I found from Task manager that HP Touchpoint Analytics Client is using the processessor recourses up to 100%. I uninstalled the client with CCleaner and now this machine works again like charm!
Thanks for information.
Pingback: HP stealthily installs new spyware called HP Touchpoint Analytics Client | Stratford University
Pingback: HP Caught Putting in Adware on Home windows 10 PCs With out Permission | Sport News