Why Google's Gmail works for 3721?

Posted on 2005-05-17
Last Modified: 2010-03-17
For a few months, I have been bothered by the 3721. Although I could spend some minutes with the Ad aware to clear it, but it is annoying that it comes back again and again.
I did not know where it came from and searching online failed to have useful information.
So I spent the last few days clearing everything under safe mood and made a shortcut to the Progam Files, for me to check after going online.
Finally, on my notebook, I found that when I log on to Gmail, the 3721 files appeared in the folder.

I never doubt Google for it because 3721 is bought by Yahoo. It seems that I may be wrong that they are co-operating for whatever reasons we never know.

Does any expert know about this? Is there any way to avoid or just not to use Gmail? Is free services again is just a SCAM from the famous Google?
Question by:fhtong
    LVL 23

    Expert Comment

    I use Gmail and I have no problems.
    LVL 15

    Accepted Solution

    I believe that is spyware. I did some checking and it seems Trendmicro has a solution.

    This is another removal tool that works well

    Make sure that you don't have the program in your start folder. Attempt to disable it before it can rearm itself again.

    Its a nasty parasite, but you should be able to deal with it. Let us know if you need further assistance. Good luck

    Author Comment

    Thanks, Computron.

    From the link, it seems that confirmed my previous assumption (with another question) that the 3721 affected Chinese version only.

    After the posting of my question, I tested this morning and found that the same visit to was without the 3721 invasion. I am not sure whether they backed off because of the disclosure or not.

    I may keep this question open for awhile to get more attention because I really want to investigate not for the solution but for the confirmation of how 3721 be enforced.

    As for my finding yesteray, I am sure what I have found. Although I am not an expert, but I have been online over ten years and have good experience as an user and to solve lots of similar problem without any assistance before.

    With experts-exchange, I save a lot time. I must say that experts-exchange is the best site for me and all the experts are wonderful online friends.

    LVL 15

    Expert Comment

    It looks like it attaches to searchs you make. That is perhaps the connection with google. I found a few more links to provide additional information.

    Author Comment

    Thanks again.

    In fact, I shall keep a close look for what will happen later. If it is confirmed that the gmail is to blame, then I have to consider giving up the gmail account and look for other email solution.

    I am sure that this will not be the last case. Nowadays, we cannot trust big companies anymore. It has been my attitude to accept all types of commercial etc. of any website because they have to survive, but not without notice and affects the PC of individual. May be there should be a law to punish the use of other's PC without approval, say certain amount per day.

    LVL 5

    Expert Comment

    check your host file

    under c:\windows\system32\drivers\etc\hosts

    open the file and check if anything that says google or gmail. delete the line

    sounds like u got hijacked.

    secondly, check your start up programs. make sure nothing says 3721 or anything suspecious.

    Author Comment

    Thanks, chiingliang
    I follow your advice and cannot find evidence of google or gmail. That may be a point for me to confirm the problem.
    Perhaps it is better to say more about my previous evidence.

    I use a PC and a notebook. The PC has three hard disks, each has different Windows, viz. (1) Windows 2000 Chinese Traditional, (2) Windows 98 Chinese Simplified and (3) Windows 98 English.

    Windows 2000 Chinese Traditional - is my major daily system for all works including calling my Gmail account
    Windows 98 Chinese Simplified - is used to browse Chinese Daily News and one of my Gmail account in Chinses Simplifed name
    Notebook (Windows XP) - is used to browse two Gmail accounts of my clients.
    All these three systems are infected by 3721.
    I cannot confirm anything with the Windows 2000 Chinese Tradition because of daily visits of many sites.
    Windows 98 Chinese Simplified - Chinese Daily News is Chinese official site and will not work with any commercial activity, so I began to worry whether it was Gmail.
    After reboot in safe mode for PC and notebook as well, run Ad Aware and clear accordingly, then erase the 3721 folder (in Program Files).
    To have a fast checking, I made a shortcut to Program Files for the PC and notebook.
    My notebook has a Chinese Anti-virus program "Jiang Min".
    I started IE with the notebook, enter, after loading the "Jiang Min" jumped up with a notice that there was an intrusion for the reg. Then I checked the shortcut for Program Files, a folder 3721 appeared.
    The next step was, of course, reboot in safe mode and delete the folder 3721.

    Basing on this, so I posted my question, hoping to get advice. As mentioned, after my post, I tested again the next day with the notebook and there was nothing happened. Together with your advice to find the evidence, I can say that there is not evidence anymore.

    That is why I said that I shall keep on checking this case with the same way. If that wil happen again, I shall follow your suggestion immediately to look for evidence.

    This question will be close very soon.

    Thanks again.

    LVL 6

    Expert Comment

    If you still suspect Google, or if you ever have a problem, I'm sure they'd love to hear from you, there are some good people working there.

    From within Gmail, you can click on Help, Contact Us, and then filter through the options till you arrive at your issue. Or, sign into gmail, then go to


    Author Comment

    Hi, all.
    This morning, after clearing the 3721 with Ad Aware under Safe Mode, then I start the Windows 2000 Chinese Traditional. Open the Program Files, there is no folder of 3721.
    After opening IE, I check again, no 3721.
    Then I browse, after page loaded, then I check the Program Files, there is a 3721 folder.
    Is it possible that 3721 can slip into and take a free ride to intrude?
    If not, then why browsing will have the 3721 files created in Program Files?
    I follow Bernie's link to check services. and cannot find anything related to 3721.
    I wish that anyone with Windows (Chinese) to follow my way to investigate.


    Author Comment

    After the last post, I try again to verify the situation.
    It is found that after clearing the 3721 folder, started with the IE browser, the first one was OK without problem.
    Then I went to other website, not Google, the 3721 folder appeared again. So it is confirmed that it has nothing to do with Google. It is the next site that bought up the problem.
    Now I think that it is the auto backup has been locked to 3721.
    I have searched the 3721 and the result indicated that /WINNT/Repair/RegBack had the 3721.
    Is there a way to work it out?
    LVL 15

    Expert Comment

    Did you follow the removal instructions for the link I gave at the top ? The files and registry settings are important to remove.

    Author Comment

    Computron, I have checked your reference. In fact, the Ad Aware has found those files and duly deleted.
    I can use Registry Editor and Taskman in my PC due to unknown reason and I am checking for the solution. It is possible that I have to reinstall the Windows.
    For the time being, I just spend something to reboot in safe mood and use Ad Aware to clear the 3721.
    The thing that I need is to locate from which site the 3721 is linked. Then that site will never be visited anymore. Of course, if I can confirm, I shall tell everyone to abandon that site forever.

    Author Comment


    the second line should be:

    I cannot use Registry Editor and Taskman in my PC due to unknown reason and I am checking for the solution. It is possible that I have to reinstall the Windows.
    LVL 15

    Expert Comment

    If you go to command prompt and do netstat -an to look at active connections. Its tough to help with Windows problems since we know nothing about your computer.

    Also, you can cehck out

    They have allot of utilities to help you see what is happening on your computer as it happens.

    Author Comment


    I have found information about 3721 in various forums of China. It seems that the dirty work of 3721 has angered many netizen. Of course, those affected are Windows Chinese version. It may be sad that there is nothing like expert-exchange in Chinese.

    My case is not yet over, although there is nothing happened to my PC for a few days. I am still using the same method to find out which site works for 3721. If there is any proof or even possible relation, I shall circulate that to everyone and of course, post here to alert everyone.

    Frankly speaking, I do not like 3721 even since their establishment. The first impression is right that such a guy would never be good, yet unfortunately this type of guy would become rich and powerful.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Suggested Solutions

    This solves the problem of diagnosing why an internet connection is no longer working. It also helps identify the likely cause of the lost connection if the procedure fails to re-establish your internet connection. It helps to pinpoint the likely co…
    Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now