GreenHat 0 Posted July 21, 2023 Posted July 21, 2023 We get notifications from our Protect server that a client has infected files in the UEFI. It only says the number of infected files and not what files exactly are infected. How can I see the files? How can I check if it is really malicious and how would I clean them up?
Administrators Marcos 5,730 Posted July 21, 2023 Administrators Posted July 21, 2023 If you mean EFI/CompuTrace PUsA detection, please refer to https://support.eset.com/en/kb6567 and https://forum.eset.com/topic/36292-eficomputracea-is-this-a-virus.
GreenHat 0 Posted July 21, 2023 Author Posted July 21, 2023 Well, we get an email notification stating the client has 20 infected files in the path you see in the screenshot. Maybe I am just reading it wrong but I don't see any EFI/CompuTrace PUsA detection when I check the client on the Protect server. It just says it couln't clean the detections but we get the notification almost daily.
Administrators Marcos 5,730 Posted July 21, 2023 Administrators Posted July 21, 2023 Unfortunately it's just a small snippet. On-demand scanner logs show detections unless you turn on filters. Please provide logs collected with ESET Log Collector.
Recommended Posts