Is this a virus?

Peburu

Is the "driver setup api for realtek hd" audio thing a virus or something else?

It looks like it's just the Realtek Audio Driver, doesn't look like it's using too much memory/power.


A "virus" can hide behind something that could look like a legit process, sure... but that's very unlikely (very improbable) anyway there.

So OK, let's see that:

Realtek HD Audio: OK, you know it is about audio from Realtek on your card.

Here this is the file, and then the process, part of the audio tool for update (or removal) of the driver.

The size is OK for this file.

If you would be an extremist of checking, you can check:

Right click on the process, then Properties:

- You can check the directory and file: check this file with the antivirus.

- Digital signature: take the SHA-1, go to the VirusTotal website and check it: they'll probably say there (so many AVs) if it is legit.

You can even check the certificate inside it (if you need help with it I can explain).

Don't worry 😄

 


1 hour ago, fred82 said:

A "virus" can hide behind something that could look like a legit process, sure... but that's very unlikely (very improbable) anyway there.

So OK, let's see that:

Realtek HD Audio: OK, you know it is about audio from Realtek on your card.

Here this is the file, and then the process, part of the audio tool for update (or removal) of the driver.

The size is OK for this file.

If you would be an extremist of checking, you can check:

Right click on the process, then Properties:

- You can check the directory and file: check this file with the antivirus.

- Digital signature: take the SHA-1, go to the VirusTotal website and check it: they'll probably say there (so many AVs) if it is legit.

You can even check the certificate inside it (if you need help with it I can explain).

Don't worry 😄

This specific process (driver setup api for realtek hd) has a wrong logo, and whenever I kill it from the taskbar it keeps coming back in a couple of seconds. When I try to open its file location it leads to nothing as well.


Just being curious, do you have something like this:

c:\users\user\desktop\TDpDI4vdNi.exe

because this is probably a stealer then, like trying to steal your Ethereum wallet.

The fact is that if you can find such a file and give me the hash (SHA-1 or MD5), I can help.

So you don't have a Realtek directory? What is the directory that is shown when you open the process, then right click, then it indicates the location?

(Task Manager > click the process > right click > Properties > Location?)

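The checks fred82 describes in the two posts above (file location, hash for a VirusTotal lookup, digital signature) collected into one PowerShell script, with the parent process added because the process is reported to respawn. This is an added example, not something posted in the thread; the `Realtek` filter and the user-profile heuristic are assumptions, since the thread gives only the display name of the process.

```powershell
# Added example. 'Realtek' is a constructed filter: the thread gives only the
# display name of the process, not its image name.
$Pattern = 'Realtek'
$all = Get-CimInstance -ClassName Win32_Process

$report = foreach ($p in $all) {
    $path   = $p.ExecutablePath
    $onDisk = [bool]$path -and (Test-Path -LiteralPath $path -PathType Leaf)
    # FileDescription is the friendly name Task Manager shows in its Processes tab.
    $desc = $null
    if ($onDisk) { $desc = (Get-Item -LiteralPath $path).VersionInfo.FileDescription }
    if ($p.Name -notmatch $Pattern -and $desc -notmatch $Pattern) { continue }

    # The parent shows what launched the process. PIDs are reused, so a "parent"
    # that started after the child is not the real launcher and is ignored.
    $parent = $all | Where-Object {
        $_.ProcessId -eq $p.ParentProcessId -and $_.CreationDate -le $p.CreationDate
    } | Select-Object -First 1
    $parentText = 'exited or unknown'
    if ($parent) { $parentText = "$($parent.Name) ($($parent.ProcessId))" }

    $row = [ordered]@{
        ProcessId = $p.ProcessId; Name = $p.Name; Description = $desc
        Path = $path; CommandLine = $p.CommandLine; Parent = $parentText
        SHA1 = $null; SHA256 = $null; SignatureStatus = $null; Signer = $null
        InUserProfile = $null; Note = $null
    }
    if ($onDisk) {
        $sig = Get-AuthenticodeSignature -LiteralPath $path
        $row.SHA1            = (Get-FileHash -LiteralPath $path -Algorithm SHA1).Hash
        $row.SHA256          = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        $row.SignatureStatus = $sig.Status   # 'Valid' = signature and chain verify
        if ($sig.SignerCertificate) { $row.Signer = $sig.SignerCertificate.Subject }
        # Heuristic (assumption): a driver tool running from the user profile,
        # for example the Desktop, deserves a closer look.
        $row.InUserProfile = $path.StartsWith(
            $env:USERPROFILE, [System.StringComparison]::OrdinalIgnoreCase)
    } else {
        $row.Note = 'No readable image path: rerun elevated; file may be missing or hidden'
    }
    [pscustomobject]$row
}
$report | Format-List
```

Either hash can be pasted into the VirusTotal search box; a lookup by hash does not upload the file.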

  • 3 weeks later...
On 8/31/2021 at 9:13 PM, fred82 said:

Just being curious, do you have something like this:

c:\users\user\desktop\TDpDI4vdNi.exe

because this is probably a stealer then, like trying to steal your Ethereum wallet.

The fact is that if you can find such a file and give me the hash (SHA-1 or MD5), I can help.

So you don't have a Realtek directory? What is the directory that is shown when you open the process, then right click, then it indicates the location?

(Task Manager > click the process > right click > Properties > Location?)

Well, I am pretty sure I didn't have anything like that on my C drive.
