Duhan Orhan 0 Posted February 11, 2021 Share Posted February 11, 2021 My computer got trojan emotet 1 week ago and I cleaned it, but today when I did a full scan with eset, it found 3 detections 2 of them were infected and cleaned but Uefi could not remove the extension named firmware how can I clean it ? if it is a virus and do another type of scan to make sure there are no other viruses Link to comment Share on other sites More sharing options...
Administrators Marcos 5,290 Posted February 11, 2021 Administrators Share Posted February 11, 2021 Please follow the instructions in https://support.eset.com/en/kb6567. If updating the UEFI firmware doesn't make any difference, exclude the pot. unsafe application from detection by adding it to detection exclusions. CompuTrace is not a virus not threat but a potentially unsafe application, ie. it's not detected with default settings. Link to comment Share on other sites More sharing options...
Duhan Orhan 0 Posted February 11, 2021 Author Share Posted February 11, 2021 13 minutes ago, Marcos said: Please follow the instructions in https://support.eset.com/en/kb6567. If updating the UEFI firmware doesn't make any difference, exclude the pot. unsafe application from detection by adding it to detection exclusions. CompuTrace is not a virus not threat but a potentially unsafe application, ie. it's not detected with default settings. Thanks for your advice, but the process is very complicated. Does this extension install itself on the computer or is it trojan related? Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,290 Posted February 11, 2021 Administrators Solution Share Posted February 11, 2021 It came pre-installed with your motherboard, it's not malware related. Link to comment Share on other sites More sharing options...
Duhan Orhan 0 Posted February 11, 2021 Author Share Posted February 11, 2021 Just now, Marcos said: It came pre-installed with your motherboard, it's not malware related. If it's a self-loading kind of system, why does ESET detect it? And it is shown as dangerous malware in the articles I read, thank you so much for your time, the only thing I want to understand is is this problem for me? Link to comment Share on other sites More sharing options...
itman 1,755 Posted February 11, 2021 Share Posted February 11, 2021 Search the Eset forum. There are multiple postings on Computrace. The short description of Computrace is it is installed by the device manufacture as an anti-theft mechanism. Depending on how it was installed, if it was activated, etc., etc., it may be possible to disable it via BIOS/UEFI settings. Contact your device manufacturer for further details on your specific Computrace installion. Link to comment Share on other sites More sharing options...
itman 1,755 Posted February 11, 2021 Share Posted February 11, 2021 You might want to also read this Eset article: https://www.eset.com/us/about/newsroom/corporate-blog/what-you-need-to-know-about-lojax-the-new-stealthy-malware-from-fancy-bear/ . Lojax is the malicious malware associated with Computrace's Lojack firmware software. Lojax needs Lojack present to operate. If you receive an Eset alert related to Lojax malware present, then you have a real problem. The present alert you are receiving from Eset is a warning that Computrace's Lojack software exists. In other words, that you are vulnerable to a Lojax attack. Link to comment Share on other sites More sharing options...
Duhan Orhan 0 Posted February 11, 2021 Author Share Posted February 11, 2021 2 minutes ago, itman said: You might want to also read this Eset article: https://www.eset.com/us/about/newsroom/corporate-blog/what-you-need-to-know-about-lojax-the-new-stealthy-malware-from-fancy-bear/ . Lojax is the malicious malware associated with Computrace's Lojack firmware software. Lojax needs Lojack present to operate. If you receive an Eset alert related to Lojax malware present, then you have a real problem. The present alert you are receiving from Eset is a warning that Computrace's Lojack software exists. In other words, that you are vulnerable to a Lojax attack. All of Eset's protection settings are active and I have not received any notifications. Could there be a wrong perception, should I focus on it more? Link to comment Share on other sites More sharing options...
itman 1,755 Posted February 11, 2021 Share Posted February 11, 2021 (edited) 6 minutes ago, Duhan Orhan said: All of Eset's protection settings are active and I have not received any notifications. Could there be a wrong perception, should I focus on it more? Refer to @Marcos prior posting. You can: 1. Exclude the Eset PUA detection. 2. "Live with" the detection being displayed. 3. Contact your laptop/notebook manufacturer as to methods to remove/deactivate Computrace feature - Recommended. Edited February 11, 2021 by itman Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 206 Posted February 12, 2021 Most Valued Members Share Posted February 12, 2021 If you search for your PC model , there might be a BIOS/UEFI update that doesn't have the CompuTrace , Dell did that before , but it may not even hide the detection from ESET , because ESET is doing it's job and alerting you of something that can trace you and can be used maliciously You can disable it in the BIOS or you can see if there is an update from your PC manufacturers that doesn't include the CompuTrace part. Link to comment Share on other sites More sharing options...
Recommended Posts