1 (edited by fritzi 2023-09-04 14:50:15)

Topic: fireface usb drivers are recognized as a virus

Hi,

all of a sudden the fireface uc which i also use for ingame chat is not recognized anymore. If I am on discord it works, but as soon
as another application wants to use the mic this does not work. It works fine in studio one but it cannot be used simultaneously
by different applications which is strange to me. Is this the usual behaviour? Normally it should work in discord and in game
or am I wrong?
This made me consider downloading the drivers again because maybe windows made problems again.
So i downloaded the exe which has the digital signature of RME GmbH but when I upload it to virustotal it is flagged by one security
operator as Backdoor.Msil.Agent and malicious

Matches rule Potential Persistence Via COM Search Order Hijacking by Maxime Thiebaut (@0xThiebaut), oscd.community, Cédric Hien at Sigma Integrated Rule Set (GitHub)
Matches rule Creation of an Executable by an Executable by frack113 at Sigma Integrated Rule Set (GitHub)


I downloaded it from https://www.rme-audio.de/Downloadbereich.html.
https://rme-audio.de/downloads/driver_usb_win_1246.zip

Has there been a compromise or any security incident or is it a false positive? Why is it flagged as malicious?

Re: fireface usb drivers are recognized as a virus

Use Windows Defender on your Windows computer and avoid every other Anti-virus program.
Ignore this flag, the driver is good.

M1-Sequoia, Madiface Pro, Digiface USB, Babyface silver and blue

Re: fireface usb drivers are recognized as a virus

I believe I've seen that somewhere before, but it's a false positive, else there wouldn't be just one such report.

Regards
Daniel Fuchs
RME