Author Topic: Virus disguised as Realtek HD Audio (Read 3156 times)

REDACTED · « **on:** February 15, 2017, 01:46:43 AM »

I have a virus disguised as Realtek HD Audio.

Starts after about 15 minutes following reboot, uses 25% of CPU, and runs some sort of mining program on my GPU.

It is killed easily by ending the task. Not detected by Avast. I only saw it because ~/AppData/Local/Ethash was taking a lot of space (more than 5 GiB), and I don't run Etherium mining things.

Seems the exact same as reported here: https://forum.avast.com/index.php?topic=188819.0

But that was over 120 days ago.

TrueIndian · « **Reply #1 on:** February 15, 2017, 02:36:14 AM »

Send to avast lab >> https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Follow this thread if you need help with cleaning:
https://forum.avast.com/index.php?topic=194892.0

REDACTED · « **Reply #2 on:** February 16, 2017, 06:45:30 AM »

I sent them the files. I hope they add it to their scan.

TrueIndian · « **Reply #3 on:** February 16, 2017, 11:51:30 AM »

you upload the file here: www.virustotal.com

and post the result link here.That will help us get some more info.

Author Topic: Virus disguised as Realtek HD Audio (Read 3156 times)

REDACTED

Virus disguised as Realtek HD Audio

TrueIndian

Re: Virus disguised as Realtek HD Audio

REDACTED

Re: Virus disguised as Realtek HD Audio

TrueIndian

Re: Virus disguised as Realtek HD Audio