irsetup.exe

This was detected as a key logger by online armor premium . i currently opted to block this. i’m not sure what this actually is but it was detected today. avast scan was clean but i’m curious if anyone here can enlighten me on this thing thanks

I seem to recall having this one detected as a threat by an antispyware app some time ago. (At least a year.) Apparently the name has been used by spyware vendors, but if the file is from the Indigo Rose company, it should be OK.
Find it, (you may have to show hidden and system files…I think it normally lives in the C;\System or System32 folder) and have a look at the file properties courtesy of a right-click on the file.

If it appears to be a FP, better let the good folk at OA know. I’m at a bit of a loss to know why a firewall/HIPS should be alerting to this, unless it’s trying to run/connect, which could of itself be suspicious. If it is the installer made by Indigo Rose, it should have done its job some time ago. Mind you, there still could be applications that use it. Don’t really know.

I did a Google for the file name, and the results reminded me of that old detection on my machine.

Chances are it’s harmless, but have a look yourself and report back.


Welcome to the forums, pinnacle. :slight_smile:

Do you now, or have you in the past, used Indigo Rose programs? It is related to their Setup Factory.

http://www.indigorose.com/forums/showthread.php?t=9337

http://www.threatexpert.com/files/irsetup.exe.html

http://www.indigorose.com/products/setup-factory/?submit=GO

This file can also related to Avast! External Control Tool by Excessive-software.

http://www.hijackfree.com/en/processdetails/?id=610

This file can also be related to InfraRecorder.

http://infrarecorder.org/faq/

It seems it can also be related to malware according to some results from this Bing search :

http://www.bing.com/search?q=irsetup.exe&submit=Bing+Search


i did what Targ57 suggested saw no indigo rose in those hidden folders in system or system 32 and my in depth scan by avast 4.8 pro was clean i’m thinking this is related to Avast! External Control Tool by Excessive-software. i have never used any indigo rose programs or their set-up factory. i will forward this to tall emu it was showing in online armor as allowed in the keylogger section and as allowed in the program section. so its probably me being paranoid. but thanks for all that info and suggestion from both of you . i just happen to be looking through all the sections of my online armor and saw that key logger thing and was alarmed a bit. thanks for the warm welcome as well. :slight_smile:


You are welcome to the help.

Please come back often and learn more.


I have seen the irsetup.exe file used with RejZoRs Power Defragmenter so it may be used under similar defrag tools. This would have come from excessive software.

See image it shows my having kicked off a defrag, my firewall Outpost firewall Pro detects it and has a rule preset already for it.

man, you guys have really set my mind at ease, this forum rocks

No problem, glad I could help.

Welcome to the forums.