Detections made by ESET Internet Security

[jlewis40 0]

Hi Eset Community,

Greetings.

My ESET Internet Security detected these as 'potentially unsafe application'. These I believe are laptop manufacturer applications that Eset believes to be unsafe. What should I do?

Format: Name    Detection   Action *(I copied and pasted the findings directly from the Detection Window.)

C:\Program Files (x86)\Lenovo\Lenovo Photo Master\reaper_u.dll    a variant of Win32/Lenovo.G potentially unsafe application    No action

C:\ProgramData\Downloaded Installations\{897100E7-24D5-4C02-B00C-0D54ADF92D90}\OneKey Optimizer.msi    a variant of Win32/Lenovo.G potentially unsafe application    No action

C:\Users\All Users\Downloaded Installations\{897100E7-24D5-4C02-B00C-0D54ADF92D90}\OneKey Optimizer.msi    a variant of Win32/Lenovo.G potentially unsafe application    No action

C:\Users\Documents\Lenovo\ProduKey\ProduKey.exe    a variant of Win64/PSWTool.ProductKey.A potentially unsafe application    No action

C:\Windows\Installer\59f66.msi    a variant of Win32/Lenovo.G potentially unsafe application    No action

 

[Marcos 4,706]

Potentially unsafe applications are typically legitimate applications that can be misused in the wrong hands, e.g. uninstallers working in kernel mode to bypass self-defense protection, product key viewers, buggy uninstallers that can delete files that you normally don't have access to, etc.

We don't recommend using system and registry optimizers which are typically detected as potentially unwanted or unsafe applications.

[jlewis40 0]

Hi Marcos,

Greetings.

What can/should I do? 

[peteyt 361]

2 hours ago, jlewis40 said:

Hi Marcos,

Greetings.

What can/should I do? 

With a PUA it is up to the user if the pros outweigh the negatives.

Some PUA's are mainly annoyances e.g try to install extra stuff, hard to get rid of etc. For example the popular CCleaner program I believe comes up as a PUA as it's installer tries to get you to install extra but that doesn't mean it doesn't have its uses 

[jlewis40 0]

In that case, I will have to try the 'Exclude from Detection'  option on one, multiple, or all PUAs and observe how ESET Internet Security behaves thereafter a scan. 

[peteyt 361]

35 minutes ago, jlewis40 said:

In that case, I will have to try the 'Exclude from Detection'  option on one, multiple, or all PUAs and observe how ESET Internet Security behaves thereafter a scan. 

If you exclude them should be fine. I think you can exclude them as a PUA

[itman 1,538]

As far as Eset's detection of OneKey Optimizer, it appears the PUA detection is justified as noted here: https://tipsmake.com/instructions-for-removing-lse-on-lenovo-computers . In fact, this article classifies the source of this software,

Quote

'Lenovo Service Engine' (LSE) - a piece of code that attaches the firmware on the computer's motherboard.

as a rootkit.

Edited July 27, 2021 by itman

[jlewis40 0]

itman, 

Great follow-up and update on this forum. I was about to execute the PUA instructions mentioned above. A BONUS too. My laptop model is listed in the List of Lenovo computers with LSE installed. Bute, what happens next? Will my system act up?
For now, I'll let this forum open to see additional information added.

Edited July 27, 2021 by jlewis40

[itman 1,538]

13 hours ago, jlewis40 said:

My laptop model is listed in the List of Lenovo computers with LSE installed. Bute, what happens next? Will my system act up?

I can't answer this question obviously. Google "is your friend" in this regard.

I assume that since the disabling software is provided by Lenovo, it is safe to use for your specific device.