heur.suspicious@24329331

Comodo Internet Security - CIS AV False Positive/Negative Detection Reporting
1

Hi got this:

heur.suspicious@24329331

found in RealtekSoundDriver6.0.1.5659.exe

just wondering if this is a fp?

Cheers guys

2

Hi,fruitfly

Thank you for your submission. We’ll check this and get back to you soon.

Best regards
Chunli.chen

3

Hi fruitfly, welcome to the forum

There are malware out there now that uses MS Windows vulnerability – security hole
The digital signature of legit Software can be used by malware

Some signed malware are using valid Realtek Certificate are out there in the wild … more to come
So, that is not a surprise that currently even a legit driver by Realtek are flagged by several security packages

Sure, that was a right thing to do submitting “the suspect” for analysis

My regards

4

Hi fruitfly,

This FP has been fixed. You can confirm with the latest base V6794.

Regards,
Haja