Comments:Other than replacing the IE search feature with a Chinese site likely to be incomprehensible to non-Chinese users, CnsMin is not overtly harmful, but it uses extremely anti-social methods to make it difficult to uninstall. Is installed by ActiveX drive-by-download at its company's site, 3721.com. Has also apparently been included in junk e-mail, which could be how some Western users have ended up with it.
Removal Instructions:You cannot delete CnsMin whilst it is running; if you try to deregister it, it restores all its registry entries immediately. In Windows 95 and 98 you can boot without loaded it must be done by using Start -> Shutdown -> Restart in MS-DOS mode and typing the following commands:
cd DOWNLO~1
del cns*.*
del 3721\\*.*
rmdir 3721
exit
Then reboot.
In Windows NT/2000/XP it is possible to move the files so that they cannot be reloaded. Open the Command prompt (Start -> Programs -> Accessories) and type:
cd "%WinDir%\\Downloaded Program Files"
ren CnsMin.dll CnsDel.dll
Reboot and load the Command prompt again. Type:
cd "%WinDir%\\Downloaded Program Files"
del cns*.*
The first time you reboot after deleting or moving CnsMin you'll get an error about not being able to find it. Ignore this. To clean up the remaining traces of the software that cause this, open the registry (Start -> Run -> regedit) and delete the following keys:
HKEY_CLASSES_ROOT\\CLSID\\{B83FC273-3522-4CC6-92EC-75CC86678DA4}
HKEY_CLASSES_ROOT\\CLSID\\{D157330A-9EF3-49F8-9A67-4141AC41ADD4}
HKEY_CLASSES_ROOT\\CnsHelper.CH
HKEY_CLASSES_ROOT\\CnsHelper.CH.1
HKEY_CLASSES_ROOT\\CnsMinHK.CnsHook
HKEY_CLASSES_ROOT\\CnsMinHK.CnsHook.1
HKEY_CURRENT_USER\\Software\\3721
HKEY_LOCAL_MACHINE\\Software\\3721
HKEY_LOCAL_MACHINE\\Software\\InterChina
HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\AdvancedOptions\\!CNS
HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Extensions\\{5D73EE86-05F1-49ed-B850-E423120EC338}
HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Extensions\\{ECF2E268-F28C-48d2-9AB7-8F69C11CCB71}
HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Internet Explorer\\Extensions\\{FD00D911-7529-4084-9946-A29F1BDF4FE5}
HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\CnsMin
HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\CnsMin
|
