Home

Our Services

	About
	Advertising
	Bespoke Software
	Contact Us
	Hosting Services
	Security Consulting
	Terms
	Web Solutions

Members

	BBcode FAQ
	Downloads
	Forums
	Forum FAQ
	Forum Rules
	Groups
	Your Account

Site News

	Forum News
	Stories Archive
	Topics

Tools

	Button Maker
	Domain Registration
	HTTP Return Codes
	Google PR
	MD5 Encrytion Tool
	Search
	Secure Your Email
	Web Links

Manual's

	Memory Terms
	Hex Colour Codes
	PEAR Manual
	phpBB 2.0 D.A.L.
	phpNuke How To
	Web Development

Guides

	Google Guide
	Online Advertising
	Yahoo Guide

Sentinel

We have caught 5883 shameful hackers.

NukeSentinel(tm)

Paypal Referral

Link Exchange

Join our free link exchange

Click Here

Yahoo! Assistant

Yahoo!

Yahoo! Assistant

From Wikipedia the free encyclopedia, by MultiMedia

Back | Home | Up | Next

Yahoo! Assistant, formerly named 3721 Internet Assistant, is a Browser Helper Object for Internet Explorer developed by Beijing 3721 Technology Co. Ltd, and was renamed to Yahoo! Assistant after Beijing 3721 Technology was acquired by Yahoo!.

3721 Internet Assistant, together with 3721 Chinese Keywords, are known as Spyware by Microsoft AntiSpyware, and malware or browser hijacker by some others, such as Panda Antivirus

Distrubution

3721 Internet Assistant was originally released as a normal client-server application. However, it turned to use ActiveX technology to install itself on a client system later and was also shipped with many sharewares as default install options. 3721 Internet Assistant was also blamed for its use of a flaw in Microsoft Internet Explorer to install itself automatically when a user is browsing an array of 3721 sponsored personal and commercial websites with Microsoft Internet Explorer. Yahoo! Assistant is also included in 3721 Chinese Keywords and Yahoo! Mail Express, but sometimes the whole package of Internet Assistant, Chinese Keywords and Mail Express is named "Yahoo! Assistant" in some sharewares.

Features

3721 claims 3721 Internet Assistant includes a lot of useful features, such as IE setting repair, security shield, removal of internet history information and blocking ads. However, it installs various windows hooks that will slow down the system, and tries to install the hooks repeatedly. Some users also reported that Internet Assistant buttons reappeared immediately after their manual removal using Internet Explorer customization features, and Blue Screen of Death appeared when using Internet Assistant.

Blocking popup ads

A test using http://www.kephyr.com/popupkillertest shows 3721 Internet Assistant can block roughly half of popup methods itself when the built-in popup blocker in Windows XP SP2 is not present or is turned off.

Internet Explorer Extension Management

3721 Internet Assistant can enable/disable individual Internet Explorer extensions, except the advertisement links and extensions installed by Yahoo products.

Concealing

3721 Internet Assistant processes are running as "Rundll32.exe" in Windows Task manager. If one is killed, it will be revived by others immediately.

A driver named CnsMinKP.sys is installed with 3721 Internet Assistant, along with several hidden Windows services.

After uninstallation, several files are left on the system, but they are not visible in Windows Explorer. They can be found by using tools such as Total Commander or in the DOS box.

Uninstall

3721 Internet Assistant, together with 3721 Chinese Keywords, according to Interfax, are regarded by Chinese internet users as "Hooligan" or "Zombie" applications. The uninstall program of the pair provided by 3721 simply redirects users to the 3721 website (in Simplified Chinese thus not recognizable except by Chinese speakers), and the default option of the web page is to keep 3721 Internet Assistant after the uninstallation. After following the web uninstallation wizard and a reboot, many 3721 files will still remain on the client system. The pair were ranked #1 by Beijing Association of Online Media in its list of Chinese Malware at 2005.

Because the pair used several kernel technologies to protect themselves, it is very difficult for many anti-spyware applications or IT professionals to remove them completely. For example, a driver named CnsMinKP.sys/vxd is installed with them and loaded even in Windows safe mode, and many kinds of attempts that try to remove 3721 files or registrys will be circumvented by this driver. For another, an incomplete uninstallation will trigger the "self-repair" feature that downloads missing files from internet. As a result, Microsoft AntiSpyware will enter an infinite loop when it is trying to remove the 3721 applications.

Step to block 3721 websites

Execution of following command lines may prevent a Windows NT/XP/2000 system from the automatic installation of 3721 applications when visiting many websites:

echo 127.0.0.1 cnsmin.3721.com >>%systemroot%\system32\drivers\etc\hosts 
echo 127.0.0.1 www.3721.net >>%systemroot%\system32\drivers\etc\hosts 
echo 127.0.0.1 www.3721.com >>%systemroot%\system32\drivers\etc\hosts 
echo 127.0.0.1 cn.zs.yahoo.com >>%systemroot%\system32\drivers\etc\hosts 
echo 127.0.0.1 cn.download.zs.yahoo.com >>%systemroot%\system32\drivers\etc\hosts

This will translate some 3721 websites to a local IP, thus block these websites.

External links

Yahoo!, made by MultiMedia | Free content and software

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

You can syndicate our News with backend.php

And our Forums with rss.php

You can also access our feeds via Feedburner Site News and LD Software Forums
© 2009 ld-software.co.uk All Rights Reserved.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.17 Seconds