Removing Chinese Baidu Antivirus. Baidu - what is this program

Today we will learn how to clean a computer from the Chinese Baidu virus, which installs unnoticed by the user and significantly slows down the entire system. In addition to removal methods, you will learn how to protect yourself from such unpleasant surprises in the future and who benefits from spreading a virus that does not steal anything from you.

What is Baidu?

This virus has a very unusual history: its only purpose is an attempt to “tarnish” the reputation of Baidu, which, in fact, has nothing to do with this infection. Baidu is one of the major Chinese search engines (Like Yandex with us), and not so long ago they released a real, quite good and free antivirus(It uses not only its own developments, but also the engine of the popular product Avira Antivirus, which confirms its reliability). You can download the genuine product on the official website.

But soon after this, unknown persons began actively distributing this malware, which in appearance is very similar to the original antivirus, but is just “garbage” with the Baidu logo. The provocation was a success: almost no one here has heard of such a search engine and its useful products, but when it is mentioned, the first thing people remember is the virus.

Step 1: Initial removal.

Download 4 programs to your computer:

1. UltraAdwareKiller 0.1.0 (32-bit version | 64-bit version)

If you don't know which version of UAK (32-bit or 64-bit) to use, right-click on the My Computer icon → Properties. Pay attention to the line “System type”:

Restart your computer in safe mode with the support network drivers. To do this, during the reboot, until the Windows logo appears, press the F8 key on the keyboard several times. As a result, the following window will appear:

Go to Add or Remove Programs:

Windows XP:

Windows 7:

Windows 8:

Baidu An (Antivirus):

Select the program (blue icon), click “Delete”.
When a window with Chinese characters appears, select the button with a white background in the lower right corner, DO NOT touch the blue one:

The second window is similar:

Baidu SD:

Here the first window turns out to be more confusing: first click on the disgruntled horned Chinese, and only then press the white button.

Next is the white button again. Removal is complete.

Step 2: Final cleaning.

1. First, launch AdwCleaner.

In the main program window, click “Scan”.
The program will check everything from shortcuts to files, folders and registry entries. Upon completion, in each of the tabs you can see what exactly she found and, if necessary, prevent her from deleting an element by unchecking it.

When the scan is complete, click Clean. The program will ask you to restart your computer. Do this, but don't forget to enter Safe Mode again like last time.

If AdwCleaner refuses to work in safe mode, skip this step and move on to the next utility:

2. Now it’s UltraAdwareKiller 2.0.1.0’s turn:

Important: before using the program, disable your computer's Internet access! It is this version that copes well with the Baidu pseudo-antivirus, but after the update it stops finding it. Therefore we prohibit it.

In the main program window, click “Start scan”.
Once the scan is complete, UAK will display a list of files it has found that it is ready to delete. Make sure they are checked and then click “Cleanup”.

Important: Make sure that only Baidu viruses are checked, because By default, the program can also mark, say, extensions for your browsers that you use. Be careful!

3. Latest version UAK

Since this virus changes from time to time, for complete peace of mind you can now run the latest version of UAK. We perform the same actions and delete everything that is found. You can now boot your computer as usual.

If AdwCleaner did not want to work in safe mode, now is the time to launch it by running the check as described above.

Finally, run this program and check the registry:

Click “Clear”, and after removing all the errors found, check again. Very often, the second and subsequent scans find many more errors. Repeat this procedure (usually 5 times is enough) until nothing is found.

How to protect yourself from such viruses?

There are 2 rules:

1. Verified sources of downloaded files. When downloading anything from an unfamiliar site, it is very easy to stumble upon a file wrapped in a so-called “downloader” - an advertising module that, along with the content you need, also installs a lot of useless or harmful software. It can also change the start pages in browsers, add various unsafe plugins, etc.
2. Pay attention to what is written during installation (especially if the installer is in a language you don’t know). Many users, when installing software, simply press the “Next” or “Accept” button until a window with an installation scale appears. But it is during the pre-installation stages that you are often asked to voluntarily install this or that application, to which you agree by clicking “Next”. It is impossible to give an unambiguous recommendation, because... appearance and the button layout often differs, but in the case of Baidu it looks something like this:

Various Mail.Ru and Yandex products are often installed using the same principle. This type of spread does not necessarily mean that you will get the virus, but the likelihood is high, as we have already seen in this material.

Conclusion

Baidu's roots are quite deep, but thanks to programs that specialize in adware, its removal does not take much time. Fortunately, this virus does not pose a danger, but it can seriously spoil your nerves, slowing down the system as a whole.

There is one Chinese antivirus – Baidu. And, they say, it’s quite good. Personally, I haven’t installed it yet, so I can’t say anything about it. But the trouble is that it has a bad reputation among users. This happens due to the fact that various malicious programs disguise themselves as Chinese antivirus (for example, Baidu An, Baidu Sd and others) and, working on computers, ruin the lives of their owners. These malware slow down the system, change home page in browsers, display various advertisements in them, download unwanted software from the Internet, and install toolbars for browsers.

Like this Chinese canoe gets to the computer? As a rule, this happens when you download some program on some “murky” site. And then during its installation, this same Baidu is additionally installed on your computer. Moreover, this process usually takes place in hidden mode, and you can't even refuse to install it.

As an IT specialist, I am surprised by the fact that most of these Chinese programs are digitally signed by Baidu. In essence, it turns out that these are “legal malware”.

With this, I think I’ll finish my introductory remarks and move on to answering the main question: “ How to remove baidu from computer?”.

In this article I suggest you two ways to get rid of Baidu. The first is the removal of Baidu in automatic mode using AntiSMS program. Second - manual removal of Baidu.

If you choose the first option, you will need to create bootable USB flash drive with the AntiSMS utility and then boot the infected computer from it. Then she will do everything herself. This method is described in detail here. We open it and do everything as it is written there.

If this method seems complicated to you or it did not help, then we will remove baidu almost manually. I’ll say right away that this process is not quick: you won’t be able to solve the problem by pressing one button.

So let's get started:

1. Stop Baidu services. On the infected computer, go to “Start” – “Control Panel” – “Administration” – “Services”. In the list we find a service with the name Baidu(or something similar). In my case, the service “ BaiduHips”:
Open it by double-clicking and click the “Stop” button. If you don't have any services related to Baidu, just leave here.

2. Finish Baidu processes. Call “Windows Task Manager”. To do this, you can right-click at the bottom of the screen on the taskbar and select “Start Task Manager”:

Here we go to the “ tab Processes" Let's sort all processes alphabetically by clicking on the “Image name” column. Now let's see what we have here with the letter B. This screenshot shows that there are as many as six Baidu processes running on the computer:
You can right-click on each process in turn and select “ Open file storage location" After this, a window will open, in the top line of which you can see the full path to this file. But you don't have to remember this path.

Right-click on each of these Chinese processes and select “ End the process" The system will ask if you really want to complete it - click the “End Process” button again.

It is possible that not all Baidu processes can be completed. A window may appear: “The operation could not be completed. Access denied". No big deal - just skip it:

3. Remove Baidu from startup. To do this, you can use the standard Windows tool(“Start” – “Run” – msconfig– “Startup”), but I suggest using the utility CCleaner.

Let's launch CCleaner(if you don’t have it, you can download it) – select the “” tab on the left. In the window that opens, we find a program in which the word “ baidu" Right-click on it and select “Delete” – “OK”. There may be several of these here. It’s not a fact that they can all be removed.

4. Remove Baidu using the standard Windows uninstaller. Go to “Start” – “Control Panel” – “Programs and Features” (“Add or Remove Programs” in Windows XP).

Here we organize the programs by installation date(to do this, click on the “Installed” column). Those. at the very top will be displayed those programs that were installed recently. In my case, the Chinese programs were on top:

It is possible that you will not have them here.

We try to remove these programs from the computer: select the first one and click the “Delete” button. The following window will open, in which we click on the highlighted hieroglyph:

In general, the entire removal process is purely intuitive, because I don’t know Chinese characters (I think, like most of those reading this article 🙂).

In the following windows, click the buttons that are highlighted for me:

In the last window you can check all the boxes:

One program has been removed!

Now delete the following:

5. Now let's use a very good utility for removing various Adware, which is called. It is completely free and does not require installation.

Download the program. After that, launch it - click the “ button Scan" At the end of the scanning process, press the “ Clear" The program will then ask to restart a computer– we agree:

6. As soon as the computer reboots, we immediately begin to press the keyboard many times F8 key in order to get into Safe mode. This must be done, otherwise all the actions we have performed so far will be in vain - You can completely clean your computer from Baidu only in Safe Mode.

So, press the key F8 when the computer boots. After some time, this screen will appear in front of us:
Using the arrow on the keyboard, highlight the item “ Safe mode” and press the Enter key.

After Windows boots into Safe Mode, go to “Computer” (“My Computer”). We don’t pay attention to the fact that all the icons on the desktop are large, the screen resolution is low and in general the appearance is not very familiar.

Type the word in the search box baidu and press Enter:

We wait a while until the system finds all the paths on the computer where Baidu is located. When the list is finally built, delete all folders and files that are related to baidu:

If suddenly a malicious file is found somewhere in system folder, then the folder itself, of course, cannot be deleted - we delete only this file.

I will give an example of which folders the files can be located in baidu(including hidden files):

C:\Program Files (x86)\Baidu\
C:\Program Files (x86)\BaiduEx\
C:\Program Files (x86)\Baidu\BaiduAn\3.0.0.3971
C:\Program Files (x86)\Baidu\BaiduSd\2.1.0.3086
C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.1.0.733

C:\Program Files\Baidu\
C:\Program Files\BaiduEx\
C:\Program Files\Common Files\Baidu

C:\Users\Public\Documents\Baidu\
C:\ProgramData\Baidu\
C:\Users\your computer name\AppData\Roaming\Baidu
C:\Users\your computer name\AppData\Local\Baidu\Baidu\1.3.1.157

Baidu files can also be located on the system under the guise of drivers. Here is a list of such files that need to be found and deleted manually:

C:\Windows\System32\Drivers\BDMWrench.sys
C:\Windows\System32\Drivers\BDSafeBrowser.sys
C:\Windows\System32\Drivers\bd0004.sys
C:\Windows\System32\Drivers\BDMNetMon.sys
C:\Windows\System32\Drivers\BDArKit.sys
C:\Windows\System32\Drivers\bd0003.sys
C:\Windows\System32\Drivers\bd0002.sys
C:\Windows\System32\Drivers\bd0001.sys
C:\Windows\System32\bd64_x86.dll
C:\Windows\System32\bd64_x64.dll

After all folders with Baidu files have been deleted, run the search again: maybe there is still something left. Then restart your computer.

7. Once the computer restarts, Baidu should no longer be on it. But I still recommend finally scanning your computer with the program Malwarebytes Anti-Malware .

You can download Malwarebytes Anti-Malware from the official website ( free version quite enough). We install it and launch it. In the window that opens, click the link “ Update Now” to update antivirus database programs. Then press the big button “ Scan Now” to start checking:
Upon completion, you will see a window with a list of malicious components found (if, of course, they still remain in the system). In this case, press the button “ Apply Actions" ("Take action"). After cleaning, be sure to restart your computer.
After removing all malware from your computer, you can uninstall Malwarebytes Anti-Malware.

What is Baidu? Initially, it was positioned as a good Chinese antivirus, but someone had the crazy idea to start spreading it across the network as a virus.

In the vast majority of cases, the user will not even realize that this software has appeared on his machine, since the installation process is hidden and carried out automatically.

You won’t even have the opportunity to refuse dubious software.

A logical question is brewing: how to remove baidu from a windows computer so that the computer starts working again as it should.

Preliminary preparation

First of all, you need to copy all available addresses on the disks where the miracle antivirus is found. For these purposes, launch the task manager. You can do this in 2 ways:

1. CTRL+ALT+DEL;
2. Right-click on the Start panel and select the desired menu.

In the manager, you need to find and open the tab with processes, and then sort out the malware.

To do this, click on the “image name” column to arrange all running programs and applications in alphabetical order.

The “Description” column will help you localize the Chinese spy - he will identify himself with hieroglyphs.

In this case, you can observe as many as 6 processes that were opened to support the main one.

Create new document in a notepad into which you will copy the address of the running application.

The algorithm is incredibly simple: right-click on the task and select the item indicated in the screenshot.

You will see a window with the location. All that remains is to find out the full address, which we will need more than once. We copy this set of characters into our document.

For each process (we had 6 of them) we do the same. Remember that this is very important, and even if the paths are repeated, still copy them into the document.

At the end it will look something like this.

Your path may be different, so don't pay too much attention to the example. Only the algorithm and sequence of actions performed are shown here.

Uninstalling software

Despite the fact that the uninstallation takes place in Chinese, which is incomprehensible to many, there is nothing complicated about it. The main thing is to be careful.

First you need to go to “uninstall programs”. Click “Start” - “control panel”. The item you are looking for, by the way, may also be called “programs and components.”

We wait until the entire list of software is loaded and find a malicious product with a blue label. We are not interested in green.

Right-click on it to delete.

You will see a rather unusual Chinese window. Now you will have to rely only on screenshots with explanations, because confusing the button is as easy as shelling pears.

Click on the highlighted key.

A window will appear with a question mark and a strange request. Click on the left set of hieroglyphs, as shown below.

This way you confirm the deletion. Now all that remains is to wait while the set of executable files is uninstalled. Don't rush to rejoice, because at the end the window will come out again.

We press the only button, but under no circumstances do we check the boxes anywhere.

Now let’s remember about the second program with the “green” label. You need to get rid of it this way.

Do this until you are finally convinced that the system is more or less “cleansed” of foreign infection of the Chinese type.

Note! If you think that's all, you're wrong. Open the task manager again and make sure that Baidu is still functioning, but to a lesser extent. Now you need to “kill” all residual processes.

Let’s say right away that doing this in the standard way will not work. You will see the following message.

You have partially gotten rid of the unwanted guest. All that remains is to clean out all unnecessary debris. For this you will need one Text Document, which was created at the very beginning of the process.

First, reboot into safe mode. Press restart and periodically press F8 on the keyboard. If everything is done correctly, a window like this will open.

We are interested in “Safe Mode”. Open this item using the arrows and pressing Enter. Now Baidu will not be able to start because we have revoked its rights.

All that remains is to “finish off” the unfortunate antivirus.

Open notepad, copy the first path and paste it into Start - the “Run” line. Press “Enter” and go to the desired address.

You see several folders with the desired name, which you need to delete permanently.

Using the previously copied paths, we delete everything related to malware.

Now that you have done all this cumbersome and time-consuming work, and you have managed to remove baidu antivirus from your computer, you can safely reboot the system into normal mode and enjoy the absence of extraneous software.

Advice! Additionally, we would recommend installing a special cleaning program like CCleaner or Auslogics BoostSpeed. With their help, it would be a good idea to thoroughly scan and clean drives C and D, and then fix possible mistakes registry This will only benefit you. At the same time, you will finally make sure that you have removed unnecessary software.

Now you are once again convinced that downloading anything on the Internet from unknown and dubious sources is fraught with danger.

At best, you may download the wrong file. At worst, you get a virus, or some miracle antivirus, and you won’t even know that it has penetrated your system.

If you are not sure, ask a knowledgeable person to help you, or learn to use torrent trackers and safe resources where there is no such disservice. Good luck to you.

How to remove Baidu from your computer. Baidu how to get rid of the Chinese program

How to remove Baidu antivirus from Windows computer forever? detailed instructions

If you are reading this article, then you are one of those lucky ones who discovered the Chinese Baidu antivirus on your computer, along with several others of the same name and unnecessary programs. And most likely, you have already tried to remove them, but without success. Which is due to the cunning and persistence of their creators. In addition, in addition to the antivirus itself, malicious or adware programs like to be registered under the name Baidu, which must be removed using a certain algorithm.

Before proceeding directly to uninstalling programs, you need to start your computer in "". To do this, restart it and after loading the BIOS, click " ". Afterwards, a menu will appear as in the screenshot, where select a simple “Safe Mode”.

Step #2. We end all Baidu processes.

If this happens, then we simply skip this process.

Step #3. Remove Baidu from Startup.

Step #4. Removing the body of the Baidu program using Windows.

1. In the Control Panel, open Programs and Features.
   
   
2. Where we look for names like those shown in the image.
   
   
3. Select the first one and click the delete icon. This will open a window with an uninstaller, the only drawback of which is that it is in Chinese. Therefore, follow the removal instructions based on our instructions in pictures.
4. In the first window that opens, click the icon as indicated by the arrow.
   
   
5. In the second.
   
   
6. Further.
   
   
7. And in the last one, click on these hieroglyphs.
   
   
8. This was the first one. Let's move on to the second one.
   In the first window, check all the boxes and click on this icon.
   
   
9. In the second.
   
   
10. In the third and last.
    
    

Actually, the process is intuitive, and if you did something wrong the first time, it will definitely work out the second time.

Step #5. Cleaning through the registry.

We repeat this with everything we find.

Having deleted everything, restart the computer and check if all files have been deleted. Remember the saved file paths taken from the “Task Manager” that you wrote down in Notepad in the second Step?

Open Notepad and Explorer and copy the file paths from Notepad into the address bar of Explorer. If there is nothing, congratulations - you did it. Baidu files have been completely deleted.

In the vast majority of cases, Baidu is a free “trailer” for various utilities and files that can be “caught” when downloading them from the Internet. In this case, it is installed in hidden mode, and then begins to actively interfere with the operation of the computer or laptop, causing a completely justified desire to remove it. Note that, judging by the number of requests and comments regarding the removal of this Chinese program, getting rid of it is not so easy, but it is possible. We have selected for you some of the most effective methods remove Baidu.

One of simple ways– using the Baidu uninstaller itself. To do this, find the Baidu folder, and in it there is a file called “unins”. Launch it and in the window that appears, click the left one of the two virtual buttons located below. Don’t be confused by the Chinese characters - in each subsequent window, repeat the procedure until you see a window with uninstalling the program. If in one of the windows you see fields with places for ticks, feel free to put them everywhere and press the same left button. You can “clean it up” using the Unlocker utility. You can also deal with Baidu using the Autoruns program. The most effective way is through safe mode. Therefore, we boot the OS in safe mode, and in it, through “Start” using “Search”, we find everything related to Baidu (folders, files). Then we launch Autoruns utility and in the startup section we repeat the procedure for deleting everything associated with this Chinese program. To consolidate the result, you can also go to the “ Installation-removal programs" in the same safe mode and repeat the removal (if there is anything left there).

The more authentic way is to remove Baidu using the “Task Manager”. It starts with launching the “Task Manager”, which can be done through the key combination “ Ctrl + Alt + Delete" or by clicking on the start panel with the right mouse/touchpad button. In both cases, select “Task Manager” in the window that appears. In the “Dispatcher...” itself, go to “Processes” and find everything related to the word Baidu. Now we copy all the paths to this unnecessary Chinese program, for which we create a text document on the “Desktop” (Word, notepad - at your discretion), open it and return to the “Task Manager”. In it, on each process “marked” with hieroglyphs or the word Baidu, right-click and check “Open file storage location”. Here another Windows Explorer window will open, where we click on the address bar, copy from it the path to the process we have selected and transfer it to an open text document. We do this with every process whose name contains the word Baidu or Chinese characters. Text file save and close. Let's proceed to the direct removal of Baidu in a standard way– through a special system program “Add or Remove Programs” (“Remove a Program”, “Programs and Features”). You can access it through “Start” and “Control Panel”. Having opened the program, we again look for and delete all programs with the word Baidu or hieroglyphs. They are deleted via the right mouse button or touchpad.

We complete the process Baidu removal using the “Task Manager” by restarting the computer or laptop in safe mode (via F8). After entering it, in the previously created file with the paths to the Baidu folders, copy the first of them and paste it through “Start” into the “Search programs and files” line. Find the Baidu file or folder and delete it. We repeat the procedure with each path saved in the file. And as a final point, we reboot the computer.

Since Baidu often drags along a couple of other programs, the method that is effective in your case can be used to remove them. We also recommend that after all operations to remove Chinese programs, you clean your PC using CCleaner.