GreenHat 0 Posted July 21, 2023 Share Posted July 21, 2023 We get notifications from our Protect server that a client has infected files in the UEFI. It only says the number of infected files and not what files exactly are infected. How can I see the files? How can I check if it is really malicious and how would I clean them up? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,278 Posted July 21, 2023 Administrators Share Posted July 21, 2023 If you mean EFI/CompuTrace PUsA detection, please refer to https://support.eset.com/en/kb6567 and https://forum.eset.com/topic/36292-eficomputracea-is-this-a-virus. Link to comment Share on other sites More sharing options...
GreenHat 0 Posted July 21, 2023 Author Share Posted July 21, 2023 Well, we get an email notification stating the client has 20 infected files in the path you see in the screenshot. Maybe I am just reading it wrong but I don't see any EFI/CompuTrace PUsA detection when I check the client on the Protect server. It just says it couln't clean the detections but we get the notification almost daily. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,278 Posted July 21, 2023 Administrators Share Posted July 21, 2023 Unfortunately it's just a small snippet. On-demand scanner logs show detections unless you turn on filters. Please provide logs collected with ESET Log Collector. Link to comment Share on other sites More sharing options...
Recommended Posts