Updated: February 13, 2007 11:32:50 AM
Type: Adware
Version: Not available
Publisher: IPinsight
Risk Impact: Medium
File Names: ipinsigt.dll,ipinsight.exe,sentry.exe,sentry.dll,Belt.exe
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Adware.Ipinsight is installed, it does the following:
- Creates the folder %ProgramFiiles%\ip.
Note: %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[CURRENT USER] (Windows NT/2000/XP).
- Creates files in %Windir% folder.
Note: %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
- May drop the file %Windir%\Sentry.ini
- Creates the following registry subkeys:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
\App Management\ARPCache\IPInsight
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
\Uninstall\IPInsight
- Adds the values:
"Sentry"=%windir%\sentry.exe"
"Belt"=%windir%\Belt.exe"
"conscorr" = "[PATH TO THE ADWARE FILE]\conscorr.exe"
to the registry subkey:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
