heur.suspicious@24329331

Hi got this:

heur.suspicious@24329331

found in RealtekSoundDriver6.0.1.5659.exe

just wondering if this is a fp?

Cheers guys

Hi,fruitfly

Thank you for your submission. We’ll check this and get back to you soon.

Best regards
Chunli.chen

Hi fruitfly, welcome to the forum

There are malware out there now that uses MS Windows vulnerability – security hole
The digital signature of legit Software can be used by malware

Some signed malware are using valid Realtek Certificate are out there in the wild … more to come
So, that is not a surprise that currently even a legit driver by Realtek are flagged by several security packages

Sure, that was a right thing to do submitting “the suspect” for analysis

My regards

Hi fruitfly,

This FP has been fixed. You can confirm with the latest base V6794.

Regards,
Haja