Im not really surprised by this, whether it was an accidental or purposeful keyloger. I do have an HP laptop, although luckily for me I couldnt find this on it.
For anybody who uses Windows I highly recommend a program called Tinywall; with it you can disable internet access to all software except the software you choose. As a last line of defense it would prevent malware or a keylogger from connecting to the internet and sending information to a remote location (you can also use it to disable Windows update, which is a vulnerability as shown in the Vault 7 leaks).
So if I remove Windows and install Ubuntu on a HP Notebook, the keylogger will be removed?
Not exactly.
If you do that then you will be targeted as a person trying to avoid surveillance. What are you trying to cover up? What is it that you do not want authorities to see? What are you hiding?
You will jump from "level one / general scrutiny" to "level two / enhanced scrutiny" by the security services in your country.
https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt I know I will become a priority but will it remove that actual keylogger?
Yes, it should since the malware is in inside a .exe file installing another OS should fix it. In fact Im not sure if youd even become a higher priority target if you remove/disable the keylogger; I cant imagine how many users disable it by installing Linux or running a firewall, so I dont think youre going to get any attention. Generally the US government (as far as Im aware of thanks to leaks) generally only has computers mass read data, they dont have the time to personally sit down and see why everybodys connection was encrypted or computer stopped sending logs.
Id also like to remind people that its not a given that the NSA/CIA is using this exploit/malware. They have other ways in if they really need.