IPInsight

Description

IPInsight is a process or IE Browser Helper Object that monitors addresses entered into web forms, ostensibly to try to make a database of physical locations of IP addresses.

Variants

IPInsight/Sentry: installs a process Sentry.exe and datafile Sentry.ini in the Windows folder. This variant cannot be detected by the script at this site.

IPInsight/Ipinsigt: a reimplementation of the original Sentry as a BHO, provided by IPINSIGT.DLL in the Windows folder. This code is based on theTransponder parasite from Mindset Interactive; there is even a leftover message from Transponder/VX2 in the code about the software opening pop-up ads, which it doesn’t!

IPInsight also make connection monitoring software that is included in some ISP’s installation discs. This is not the same software as the ‘IPInsight’ parasite and is not detected by the script at this site.

Distribution

Bundled with Morpheus 2 and software from Blue Haven Media.

What it does

Advertising

No.

Privacy violation

Yes. Any address information you enter into a form using Internet Explorer is leaked to the IPInsight’s servers, along with a unique ID. Their privacy policy claims any house number sent is ’rounded’ so as not to pass a completely accurate address.

Security issues

Yes. Can silently download and install updates.

Stability problems

No.

Removal

Some installations of IPInsight/Ipinsigt have an entry in Add/Remove Programs, which removes the software from the current setup adequately.

However it leaves a copy behind in the ‘last known good setup’ which may reappear if you boot using this option. Delete the file IPINSIGT.DLL from the LastGood folder in the Windows folder, and IPINSIGT.PNF and IPINSIGT.inf from the LastGood\INF folder. Finally you can remove IPInsigt from the hidden ‘inf’ folder in the Windows folder to clean up.

Spybot Search & Destroy can remove IPInsight.

Manual removal

Sentry variant: open the registry (Start->Run->regedit) and open the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Delete the ‘Sentry’ entry. Reboot Windows and delete Sentry.exe and Sentry.ini in the Windows folder.

Ipinsigt variant: open a DOS command prompt window (Start->Programs->Accessories) and enter the following commands:

cd "%WinDir%\System"
regsvr32 /u "..\IPINSIGT.DLL"

Reboot Windows and delete IPINSIGT.DLL in the Windows folder. You can also delete the registry key HKEY_LOCAL_MACHINE\Software\IPInsight to clean up if you wish. Then see the LastGood removal instructions above.