LookinAround
Posts: 6,429 +186
hmm; concerned with Look@Lan
I just found it also installs
C:\WINDOWS\iun6002.exewhich has been reported as a KeyLogging tool
regedit contains only one enter; that with the Uninstall of Look@Lan, which implies
the application has to explicitly launch iun6002.exe
I've elected to disable Look@Lan
Caveat Emptor,
Jeff
hmm..... Caveat Emptor??
How about.... Scientia est potentia!
- On the one hand, one should only download and use software they want on their computer
- On the other hand, it's helpful to be knowledgeable about the big picture and look beyond a single data point (especially as we know about things called false positives)
!!! It's reporting a warning on something debunked and declared a false positive circa 2006 - 2007 !!!
- Your malware scanner is spitting out false positives and/or
- How up to date (and how good?) are its malware definitions?
Here's the "bigger picture" (for a more balanced assessment)
- Start with the fact that Look@LAN is available for download from numerous trusted web-sites which pre-screen for malware. I provide just a few example sites below. You should also note: these 3 sites alone have already downloaded Look@LAN tool over 600,000 times! (and they continue to do so!)
- Warnings about C:\Windows\iun6002.exe were pretty much debunked and declared false positives circa 2006-2007
- iun6002.exe is the uninstaller portion of Setup Factory 6.0 from www.indigorose.com
- As an uninstaller it deletes files, gets invoked via the registry and takes other actions which a malware scanner could honestly misinterpret as a false positive
=> Except this particular file and issue of false positive was addressed years ago
=> Here's just one of the many old threads to be found on the topic. It's from Emsi software (manufacturer of trusted anti-malware products - also see my P.S. below)
=> Yet this issue is still not fixed in your scanner of choice! (IMHO: that would make me wary of the scanner itself)
iun6002.exe will be installed by ANY application installer that is built with Setup Factory, be it legitimate or malicious. The presence of this file on a machine is NOT an indication of infection, just as finding unwise.exe (WISE installer) or unins000.exe (InnoSetup installer) on a system doesn't indicate an infection even if malware used that application to build it's installer. - I'll add that i've been using Look@LAN for years. Never had a problem. Never had any scanner ever report it as problem
P.S.
wrt Emsi Software and for anyone reading, here's another of my freeware tool tips!
Checkout another great and free! malware prevention tool from Emsi Software: a-squared HiJackFree 3.1