UEFI ISSUE!

[EnTi 0]

Hi community!

I am having the following issue:

My scan shows me some UEFI problems which i don't quite understand. I just installed the lastest firmware for my bios but the problem keeps coming up. I really can not tell if this is malware or not and eset does not clean it. 

Can someone help me please?

Here is my log:

Log
Scanned disks, folders and files: Operating memory;Boot sectors/UEFI;WMI database;System registry;C:\Boot sectors/UEFI;C:\;D:\Boot sectors/UEFI;D:\
\\Uefi Partition » UEFI » uefi:\\Volume 1\Raw volume {9D9D1829-1F11-7C57-BC16-3DE84E820995}\Unnamed partition - archive damaged - the file could not be extracted.
\\Uefi Partition » UEFI » uefi:\\Volume 2\Firmware Volume Image {20BC8AC9-94D1-4208-AB28-5D673FD73486}\Volume 1\Freeform {1A1E2341-A2FB-42C7-8D17-3073D08EB21D}\Unnamed partition\Volume 1 - archive damaged - the file could not be extracted.
\\Uefi Partition » UEFI » uefi:\\Volume 2\Firmware Volume Image {20BC8AC9-94D1-4208-AB28-5D673FD73486}\Volume 1\Freeform {DD6569A7-E455-4EE5-B2BA-ECDA84ACBC99}\Unnamed partition\Volume 1 - archive damaged - the file could not be extracted.
\\Uefi Partition » UEFI » uefi:\\Volume 2\Firmware Volume Image {20BC8AC9-94D1-4208-AB28-5D673FD73486}\Volume 1\ComputraceComponents - a variant of EFI/CompuTrace.A potentially unsafe application - action selection postponed until scan completion
C:\DumpStack.log.tmp - unable to open [4]

 

C:\hiberfil.sys - unable to open [4]
C:\pagefile.sys - unable to open [4]
C:\swapfile.sys - unable to open [4]
\\Uefi Partition » UEFI » uefi:\\Volume 1\Raw volume {9D9D1829-1F11-7C57-BC16-3DE84E820995}\Unnamed partition - archive damaged - the file could not be extracted.
\\Uefi Partition » UEFI » uefi:\\Volume 2\Firmware Volume Image {20BC8AC9-94D1-4208-AB28-5D673FD73486}\Volume 1\Freeform {1A1E2341-A2FB-42C7-8D17-3073D08EB21D}\Unnamed partition\Volume 1 - archive damaged - the file could not be extracted.
\\Uefi Partition » UEFI » uefi:\\Volume 2\Firmware Volume Image {20BC8AC9-94D1-4208-AB28-5D673FD73486}\Volume 1\Freeform {DD6569A7-E455-4EE5-B2BA-ECDA84ACBC99}\Unnamed partition\Volume 1 - archive damaged - the file could not be extracted.
\\Uefi Partition » UEFI » uefi:\\Volume 2\Firmware Volume Image {20BC8AC9-94D1-4208-AB28-5D673FD73486}\Volume 1\ComputraceComponents - a variant of EFI/CompuTrace.A potentially unsafe application - retained
 

P.s. Attached is also an image of the eset notification.

[Marcos 4,192]

Please expand Advanced options, check "Exclude signature from detection" and click Ignore since upgrading UEFI firmware didn't make any difference as you stated.

[EnTi 0]

Hi Marcos!

Thanks for your reply! So i do not have any malware?

[itman 1,364]

Refer to this Eset Knowledge base article: https://support.eset.com/en/kb6567-you-receive-an-eset-uefi-detection

The problem with CompuTrace is it has vulnerabilities in it: https://www.cvedetails.com/product/46115/Absolute-Computrace-Agent.html?vendor_id=17983 . This means it can be potentially maliciously exploited. Hence, the Eset PUA detection for it.

[EnTi 0]

So of it is or not malicious how do i find out? How do i get rid of this issue? Sorry for asking again but i am not an IT specialist and i need this laptop to work.

[Marcos 4,192]

As already recommended, exclude the app from detection by adding it to Detection exclusions.