cancel
Showing results for 
Search instead for 
Did you mean: 

Trojan Found in ROG Realtek Drivers - Windows 10 x64 1903 Build

BigRed205
Level 7
Hello,

I was attempting to update my ROG Realtek drivers for my ROG MAXIMUS XI HERO (WI-FI) motherboard using the download from the official Asus site (Version 6.0.1.8666) when I was stopped from updating due to Windows Defender discovering a trojan virus in the install files.
Defender identified a Trojan script called "Oneeva.A!ml" in the install.bat

Is this some sort of false positive that Defender has picked up? Or is this actually a malicious file? I am now unable to update my Realtek drivers which I need to do as no videos will play with the sound correctly sync'd (always a 0.5 second delay!

Please advise.

Thanks.
8,093 Views
5 REPLIES 5

MrAgapiGC
Level 13
we detect these 4 days ago. not only there but on the aura.

what did u use to decompress the file
Learn, Play Enjoy!

Elkmar
Level 8
Windows defender is garbage software: many false positives and sometimes not to catch true virus. I have Just downloaded this driver and checked it in Kaspersky - all clear.

I think the defender see in install.bat copy command for UWP app and scheduling it installation and this is marker for false positive.
English is not my native language, so I'm sorry if I make some mistakes.

Super_Gnome
Level 11
Try scanning your files at virustotal.com before you extract it. Then use that page and scan whatever you use to unpack/extract your files (even if you have to remove it first and scan the files before installing again). If it were me I'd also do a full scan of my computer and start over, too. Hopefully this helps.

Thanks for the suggestions and information guys. I will have a go at scanning the files using a few different virus scan apps / website however the file I downloaded was direct from Asus download page so I am thinking that is not the issue.

As has been mentioned, it is probably Microsoft Defender returning a false positive.

I used WinRAR to unpack the files and I have never had any issues with it in the past?

My PC has only been built a few weeks so a full scan probably won't reveal much but then again it also shouldn't take long as I don't have much on there due to it being a new build.

Thanks again for your help.

toronto699
Level 13
Kaspersky Is My Go To Virus Protection Software , Last Chat I Had With Microsoft Support Waned Me To Uninstall Kaspersky , When Microsoft Support Scanned My PC ,,, To Add A Block Driver Tool, I use 7-zip To un pack Files , Never An Issue