CompuTrace/ Variant UEFI in C repository

[MisoSt 0]

Hello,

 

Today I installed ESET on mum's laptop (she used a different anti-malware program before) and there have been some files detected in the C repository:

Protokol

C:\Windows\Firmware\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {C9C9C056-98EC-4026-BDE9-5C8C950250EC}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

C:\Windows\Firmware\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {881EC7F2-82EE-477C-A829-78518783EC1F}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

C:\Windows\Firmware\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {F6D787F3-D9C5-4E45-9C81-DA2D83628EE3}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

C:\Windows\Firmware\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {A70CBED3-E575-47F3-BC82-4535BE135EC9}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

Protokol

C:\Windows\System32\DriverStore\FileRepository\capsule.inf_amd64_1b5087b2b661628f\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {C9C9C056-98EC-4026-BDE9-5C8C950250EC}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

C:\Windows\System32\DriverStore\FileRepository\capsule.inf_amd64_1b5087b2b661628f\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {881EC7F2-82EE-477C-A829-78518783EC1F}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

C:\Windows\System32\DriverStore\FileRepository\capsule.inf_amd64_1b5087b2b661628f\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {F6D787F3-D9C5-4E45-9C81-DA2D83628EE3}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na koniec kontroly

 

C:\Windows\System32\DriverStore\FileRepository\capsule.inf_amd64_1b5087b2b661628f\SystemFirmware.bin » UEFI » uefi:\\Volume 1\Raw volume {A70CBED3-E575-47F3-BC82-4535BE135EC9}\Unnamed partition\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\Application {821ACA26-29EA-4993-839F-597FC021708D} - variant EFI/CompuTrace.A potenciálne nebezpečná aplikácia - výber akcie bol odložený na

koniec kontroly

 

I have dealt before with CompuTrace detection on an Acer laptop some two years ago but there has been detection in UEFI, not in the C drive, i.e. I could only ignore it.

 

I just want to make sure I can ignore it. The laptop type is HP.

 

Thanks for help.

 

[Marcos 5,189]

You can ignore it and create a detection exclusion as per https://support.eset.com/en/kb6567.