Eset

Discussion in 'other anti-virus software' started by donaddams, Jan 19, 2023.

  1. donaddams

    donaddams Registered Member

    Joined:
    Jul 5, 2008
    Posts:
    99
    Location:
    mojave Desert
    I just received a warning from ESET Smart Security Premium - C:\Program Files (x86)\Kerish Doctor\kerishdoctor.exe - a variant of Win32/KerishDoctor.A potentially unwanted application
    Eset wants to delete it? anyone have any advice?
     
  2. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    Often the unwanted application is the AV itself...
     
  3. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    6,555
    Location:
    New York City
    Last edited: Jan 19, 2023
  4. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Or you can just exclude the .exe or even the entire Kerish Doctor folder under C:\Program Files (x86)\Kerish Doctor\, but my preference would be that they fix the FP.
     
  5. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    I wouldn't come near Kerish Doctor or any similar utilities with a 10 foot pole on any of my computers. These snake oil programs will not make your computer faster and often times their registry cleaners will destroy a perfectly working machine. ESET is detecting it as a PUP and this is certainly not a false positive. Who knows what data they are collecting.
     
  6. donaddams

    donaddams Registered Member

    Joined:
    Jul 5, 2008
    Posts:
    99
    Location:
    mojave Desert
    Decided to uninstall, thanks for the input.
     
  7. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    They are detecting it as being potentially unwanted, rather than malware. Some apps can be classified as being potentially unwanted, because they may provide little benefit to the user and publisher may use false and exaggerated claims of the benefits to promote it. In the case of Kerish Doctor specifically, it a useful app and the publisher doesn't make any misleading claims. You don't actually need to use apps like this, but it won't cause any problems and may make your computer run faster.

    If you did find it to be useful, I'd recommend installing it again.
    The registry cleaner is in Kerish Doctor is safe to use, as it won't delete any needed registry keys. Based on my testing (and I've tested every registry cleaner that has ever been published), at least 99% of registry cleaners have issues with false positives and will sometimes delete needed registry keys. However, Kerish Doctor is one of the very few that doesn't, so it's safe to use and won't cause any issues. I've been using Kerish Doctor since the first version was released in 2006 and it's never caused any problems. It actually can make a computer run faster. It won't always do so, but at worst it won't cause problems. If you read comments about Kerish Doctor both here and at MalwareTips, you will see that many people are very happy with it.

    It's important to note too, that PUPs don't collect data. They are often apps that may not be needed or don't work as well at the publishers claim, but they don't do anything malicious or steal data. In my many years of testing PUPs, where I've done my best to test every PUP I could find, I've yet to find one that is malicious. that is why they are classified as being "potentially wanted" and not malware.
     
  8. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,920
    Decided to uninstall what? Eset or Kerish Doctor?
     
  9. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I presume he meant Kerish Doctor.
     
  10. Buddel

    Buddel Registered Member

    Joined:
    Apr 28, 2015
    Posts:
    1,920
    Maybe, maybe not. Who knows...
     
  11. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Emsisoft also detected it as well. But they recently corrected the false positive.
     
  12. marciano222

    marciano222 Registered Member

    Joined:
    Nov 10, 2016
    Posts:
    32
    Location:
    Poland
    Kerish Doctor is a very good and clean program and eset is a mistake, I've been hearing about false positives from eset for a long time so I advise you not to worry
    and to be sure, you can scan with some other program and it will show you that it's ok
    Regards


    ps virustotal.com On this page, scan yourself
     
    Last edited: Jan 20, 2023
  13. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    8,624
    Location:
    USA
    Agreed. ESET has less false positives than any other product I have ever used.
     
  14. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    I do wonder why ESET decided just now to detect it. Kerish isn’t a new software.

    ESET should have known of its existence for many years and I don’t remember reading of it being detected.
     
  15. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    That may be true of some such apps but it is complete unadulterated rubbish in the case of Kerish Doctor. I have used the app for a number of years and it has NEVER, REPEAT NEVER cause an issue with my system, and has kept it running smoothly.

    You may have experienced something different and that & your view is to be respected...but don't trash an app on the basis of other apps. Let's have a balanced view, please.

    And in any case, what is being discussed is ESET suddenly starting to identify KD as a PUP. And that only since the last upgrade of ESET. I have had both running together on my system and ESET has never, ever identified an issue with KD being installed/run on the same system as it is.
     
  16. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,886
    Location:
    Innsbruck (Austria)
    It has been classified some days ago by AE as a deceptor app (https://customer.appesteem.com/deceptors), so several vendors will start detecting it as PUA. Reasons why they classified it as a deceptor can be found on that page.
     
  17. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    1,556
    Thank you.
     
  18. Hiltihome

    Hiltihome Registered Member

    Joined:
    Jul 5, 2013
    Posts:
    1,131
    Location:
    Baden Germany
    In my experience, with hundreds of customer machine,
    tuning and cleaning tools do not necessarily cause issues.
    But many machines with issues have such installed.
    Seriously: Non I know of ist anything else, than placebo.
    Maybe in the days of Win98 some where useful, but not today.

    If it ain't broken, don't fix it.
     
    Last edited: Jan 20, 2023
  19. Spartan

    Spartan Registered Member

    Joined:
    Jun 21, 2016
    Posts:
    1,424
    Location:
    Dubai
    I've been using ESET's NOD32 since 2001 and never had a false positive. If something was detected, it was either a PUP or a virus.
     
  20. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    WOuld really love to see the reason or reasons foir this classification...as I suspect that it is erroneous, as I can see no reason why KD would all of a sudden start doing something that would compromise it's reputation.

    I am going to notify KD about this and see if that can find out what is going on. I am assuming that AE have not/will not contact them about this...just postulate. :blink:.
     
  21. digmor crusher

    digmor crusher Registered Member

    Joined:
    Jul 6, 2012
    Posts:
    1,156
    Location:
    Canada
    This is why.
    Screenshot 2023-01-21 131005.png
     
  22. marciano222

    marciano222 Registered Member

    Joined:
    Nov 10, 2016
    Posts:
    32
    Location:
    Poland
    Hello
    IBK
    What is this site and why should I trust it
    how the program works and everything is fine for several years Kerish Doctor is very good
    and on this page, if it says that it forces you to buy the program for the repair, why is there no screnshoot attached to this message someone got money from the competition to do anti-advertising shame!!
    Kerish Doctor has a trial so they won't extort you for repairing money, you can fix errors for free !!
    Please read how good this program is and then give some pseudo pages with slander
    https://programyzadarmo.net.pl/threads/giveaway-kerish-doctor-2023.50279/ Regards Sincerely Peter https://twitter.com/HSeller80 angellomichel387 programyzadarmo.net.pl
     
  23. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Thanks...but show me a system utilities app or registry cleaner that does not highlight empty Registry keys and offer to remove them given that there is a school of thought that a Regisrty should be lean & mean and not have such keys taking up space, etc.

    And as for the "requires customer to purchase app in order to complete the fix"...in the case of KD that is UNADULTERATED CLAPTRAP...as marciano222 states...KD's trail version is fully functional until it expires (and they do not have a hobbled free version). One tries the software and if one likes it one can by it or not...simple.

    I suspect that AE have screwed up in their analysis somewhat...period.

    Anyway, I have written to Kerish and suggested that if they do not know about this that they should contact ESET & appesteem to see if the whole thing can be sorted out between them...as it should be.
     
  24. plat

    plat Registered Member

    Joined:
    Dec 19, 2018
    Posts:
    2,233
    Location:
    Brooklyn, NY
    Well, this was a thing over at Malwaretips also. I was on the side that said ESET is prob. not going to change its mind about this "detection." If you are comfy w/Kerish, exclude it in the UI.

    This reminds me of when UserBenchMark was flagged as malicious by the BitDefender engine. Every product that had that engine flagged UBM. Slowly, things cleared but the bad taste lingers. Has there been an official explanation yet for why this specific Kerish version? It seems to be a difference of opinion among the various AV and their philosophies.
     
  25. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Agreed, plat...would seem to be another case of just that...one amongst many due to "...a difference of opinion among the various AV and their philosophies." And think of the commercial damage something like this can do to a legitimate company. :mad:
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.