1. /
  2. Security Response/
  3. Adware.Ipinsight

Adware.Ipinsight

Updated:
February 13, 2007 11:32:50 AM
Type:
Adware
Version:
Not available
Publisher:
IPinsight
Risk Impact:
Medium
File Names:
ipinsigt.dll,ipinsight.exe,sentry.exe,sentry.dll,Belt.exe
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

When Adware.Ipinsight is installed, it does the following:
  1. Creates the folder %ProgramFiiles%\ip.

    Note: %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[CURRENT USER] (Windows NT/2000/XP).

  2. Creates files in %Windir% folder.

    Note: %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.

  3. May drop the file %Windir%\Sentry.ini

  4. Creates the following registry subkeys:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
    \App Management\ARPCache\IPInsight
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
    \Uninstall\IPInsight


  5. Adds the values:

    "Sentry"=%windir%\sentry.exe"
    "Belt"=%windir%\Belt.exe"
    "conscorr" = "[PATH TO THE ADWARE FILE]\conscorr.exe"

    to the registry subkey:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run


Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver