How to remove the Chinese program from the baidu computer. How to remove "Baidu" from the computer? How to remove Baidu: useful information

If your computer has Baidu program, then you probably already guessed that this “comrade” is not so easy to deal with. It takes a little effort to remove such malware. Now we'll figure it out how to remove baidu from computer.

Baidu is a program that is installed on a computer in various ways and begins to set its own rules on it: it immediately changes the home pages in browsers, starts broadcasting its ads to you, installs third-party extensions, and other software from the Internet without your knowledge. If you try to remove it, then most likely, without additional tricks, you will not succeed.

You can grab this canoe to your computer during the installation of another program that was downloaded from the Internet. This Chinese brand has an eponymous antivirus and an app Baidu Root, but they don't seem to do that much damage. Also, with this name there is a suspicious application to combat malicious software. In any case, whatever you want to remove from the above, we provide you with a solution to this problem below.

Remove Baidu manually

First of all, on system drive open directory Program Files and try to find a folder named Baidu in it. It may contain a file called uninstall.exe. Run it and uninstall in the standard way. It is quite possible that such simple action will be enough to get rid of an unwanted guest.

If it didn’t work out, then we will remove Baidu using more severe methods. Now we will show you how to do it yourself. If you don’t want to go into this much, and it would be much better for you to have everything done automatically, then you can immediately skip to the next section of the article. And if necessary, you can always look at this manual.

Open the task manager and try to find processes of the form, as suggested below. They can be very easily calculated from Chinese characters.

  • Baidu.exe
  • BaiduAnSvc.exe
  • BaiduSdTray.exe
  • BaiduHips.exe
  • BaiduAnTray.exe
  • BaiduSdLProxy64.exe
  • bddownloader.exe

Alas, the files associated with these processes are not easily deleted.

So we'll start sneaking into the program in a different way - through the Control Panel and working in Safe Mode.

And so, boot the system in Safe Mode and perform the following steps:

1. Launch the Control Panel and open the Administration section in it, then go to the Services tab. Here we need to disable all services related to Baidu (we have already shown above how to calculate them.

2. Open the Task Manager and try to find the processes that are still running. If you find something related to Baidu, feel free to click right click mouse, and select "End Task".

3. Delete all files and folders that are in any way related to Baidu.

4. Now we remove everything unnecessary from startup. To do this, you can use one of three methods:

a) Open the registry editor and edit the parameter responsible for autoload. (optionally you can search all parameters, search query"baidu")
b) By simultaneously pressing the Win + R keys, we call the "Run" window and enter the msconfig command. In the next window, open the "Startup" tab and uncheck the boxes for unnecessary software.
c) In the controller itself Windows tasks 8 or 8.1, open the startup tab and also disable everything unnecessary.

5. Open the settings of all your browsers and see the list installed plugins and extensions. If there is something from Baidu, delete it. Be sure to look into the properties of shortcuts that launch browsers. If extra additions, new parameters are found there, and suspicious paths are indicated, then bring everything back to its original form. It is best to delete the old shortcut and create a new one from the folder where the browser is installed. Additionally, we recommend that you delete all cookies and cache.

6. When any malware appears on your PC, you should always check host file and look at the proxy servers that are set in the connection properties (they can be viewed through the Control Panel by opening the Browser or Internet Options and in the Connections section expanding the Network Settings tab, there you will need to uncheck the box next to the "Use proxy" item, if it is installed.

After all these steps, it will be possible to reboot the PC and boot in normal, operating mode. But we do not recommend that you immediately forget about this incident. For better reliability, you need to scan your computer again and automatic utilities, which can detect Baidu leftovers missed during manual deletion.

We remove Baidu with special utilities

And now we will tell you how you can get rid of Baidu using special software tools. The only difficulty in this method is that you will have to use several utilities at once, since one may not be able to cope with its task.

To increase your chances of finding malware modules, we recommend using this free utility, How Revo Uninstaller. It happens that this program finds and removes what has escaped the gaze of the standard search or CCleanera. But you should not blindly trust the checks of one program, sometimes it also misses important details. So let's move on to the next one.

After checking the previous program, we advise you to use the following malware removal utilities in a row: Hitman Pro and Malwarebytes Antimalware. We already mentioned them in earlier articles, and the verification process was also shown in detail there. The interface of such software is quite simple and understandable, so it is not difficult to figure out how to work with them. To check your computer accurately, you can also use ADWCleaner.

When you have finished all the checks and removed everything that you can manually find, look again at all the services and tasks of the scheduler (you can use CCleaner for this purpose) and look at startup. Baidu components and settings should not be left anywhere.

Do some windows with hieroglyphs, rockets and shields constantly appear on the desktop? This is an antivirus developed by our Chinese brothers, which, in its essence, is exactly antivirus program. However, since this software is installed without the consent of the user and independently performs actions on the computer, it can be considered malicious. In this article, we will figure out how to remove the annoying Chinese virus.

The programs that will be discussed below are presented in two varieties - Baidu And Tencent. Both of them have similar properties and can run in parallel on the same computer. Pests are located in the appropriate folders.

C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.148966.2
C:\Program Files (x86)\Tencent\QQPCMgr\12.7.18987.205

Programs prescribe their components to startup, Explorer's context menu, start processes. Consider deletion using Baidu as an example. Both methods below are only the first stage, after its implementation, some more actions are required, but first things first.

Method 1: Uninstall using programs

To remove Chinese viruses from your computer, the easiest way is to use a program such as Revo Uninstaller. It is able not only to remove software, but also to clean the system from the remaining files and registry keys. In addition, Revo can detect those programs that do not appear in the list, including in "Control Panels" Windows.

In nature, there is also a utility AdwCleaner, with which you can try to remove pests.

Method 2: Standard system tools

Under standard means implied deletion using an applet "Control Panels" "Programs and Features".


If the program is not in "Control Panels", then you need to go to one of the paths indicated above and find a file with the name "Uninstall". After launching it, you should do the same steps with the removal.

Additional operations

Following the above recommendations, the Chinese virus can be removed, but some files and folders may remain on the disk, because they are blocked by running background processes. The registry will also necessarily remain "tails" in the form of keys. There is only one way out - to boot the system into "Safe Mode". With such a load, most programs do not start, and we can remove all unnecessary manually.

Read more: How to enter "Safe Mode" in Windows XP, Windows 8, Windows 10, via BIOS

  1. First of all, we enable the display of hidden resources. This is done by pressing a button. "Organize" and choice of item "Folder and search options" in any folder, in our case it is "Computer".

    In the settings window that opens, go to the tab "View", put the switch in position "Show hidden files, folders and drives" and click "Apply".

  2. To search for files and folders, you can use the standard Windows function or special programs.

    We drive the name of the virus into the search - “Baidu” or “Tencent” and delete all documents and directories that we can find.

  3. Next, go to the registry editor - press the key combination Win+R and write a command

    Go to the menu "Edit" and choose the item "Find".

    Enter the name of the virus in the appropriate field and click "Find next".

    After the system finds the first key, it must be deleted (RMB - "Delete") and then press the key F3 to continue the search process.

    We do this until the editor displays a message that the search is completed.

    If you are afraid (or just too lazy) to delve into the registry manually, then you can use the CCleaner program to clean up unnecessary keys.

    4. This completes the removal of the Chinese antivirus virus.

Conclusion

In conclusion, we can say that you need to be more careful when installing various programs, especially free ones, to your computer. Do not give consent to the installation additional software, uncheck all installers. These rules will help to avoid problems with the subsequent removal of any muck from the system.

There is such chinese antivirusBaidu. And, they say, quite good. Personally, I have not installed it yet, so I can not say anything about it. But the trouble is that among users it is notorious. This happens due to the fact that various malicious programs (for example, Baidu An, Baidu Sd and others) are disguised as Chinese antivirus and, working on computers, spoil the lives of their owners. These malware slow down the system, change the start page in browsers, display various ads in them, download unwanted software from the Internet, and install toolbars for browsers.

Like this Chinese canoe gets on the computer? As a rule, this happens when you download some program on some "cloudy" site. And then during its installation, this Baidu is additionally installed on your computer. Moreover, this process usually takes place in stealth mode, and you can't even opt out of installing it.

As an IT specialist, I am surprised by the fact that most of these Chinese programs are signed digital signature Baidu company. In fact, it turns out that these are such “legal malware”.

On this I, perhaps, will finish my introductory remarks and move on to answering the main question: “ How to remove baidu from computer?”.

In this article, I offer you two ways to get rid of Baidu. The first is the removal of Baidu in automatic mode using the AntiSMS program. Second - remove Baidu manually.

If you choose the first option, then you will need to create bootable flash drive with the AntiSMS utility and then boot the infected computer from it. Then she will do everything herself. This method is described in detail here. We open it and do everything as it is written there.

If this method seems complicated to you or it did not help, then we will remove baidu almost manually. I must say right away that this process is not fast: it will not be possible to solve the problem by pressing one button.

So let's get started:

1. Stop Baidu services. On the infected computer, go to "Start" - "Control Panel" - "Administrative Tools" - "Services". In the list we find the service with the name Baidu(or something similar). In my case, the service " BaiduHips”:
Open it by double-clicking and pressing the “Stop” button. If you don't have any Baidu-related services, just get out of here.

2. We complete Baidu processes. We call "Windows Task Manager". To do this, you can right-click on the bottom of the screen on the taskbar and select "Start Task Manager":

Here we go to the tab " Processes". Sort all processes alphabetically by clicking on the Image Name column. Now let's see what we have here for the letter B. In this screenshot, you can see that there are already six Baidu processes running on the computer:
You can right-click on each process in turn and select “ Open file storage location". After that, a window will open, in the top line of which you can see full path before this file. But remembering this path is not necessary.

Right-click on each of these Chinese processes and select “ End Process". The system will ask you again if you really want to complete it - click the “End Process” button again.

It is possible that not all Baidu processes can be completed. A window may appear: “The operation could not be completed. Access denied". No big deal, just skip it:

3. Remove Baidu from startup. To do this, you can use the regular Windows tool("Start" - "Run" - msconfig- “Startup”), but I suggest using the utility CCleaner.

We launch CCleaner(if you don’t have it, you can download it) - select the “” tab on the left. In the window that opens, we find a program in which the word “ Baidu". We click on it with the right mouse button and select "Delete" - "OK". There may be several of these. Not sure if they can all be removed.

4. Remove Baidu through the standard Windows uninstaller. Go to "Start" - "Control Panel" - "Programs and Features" ("Add or Remove Programs" in Windows XP).

Arranging programs here by installation date(to do this, click on the “Installed” column). Those. at the very top, those programs that have been installed recently will be displayed. In my case, Chinese programs turned out to be on top:

It is possible that you will not have them here.

We are trying to remove these programs from the computer: select the first one and click the “Delete” button. The following window will open, in which we click on the selected hieroglyph:

In general, the entire removal process is purely intuitive, because. I don’t know Chinese characters (I think, like most of those reading this article 🙂).

In the following windows, click on the buttons that I have highlighted:

In the last window, you can put all the checkboxes:

One program was removed!

Now remove the following:

5. Now we will use a very good utility to remove various Adware, which is called. It is completely free and does not require installation.

Download the program. After that, run it - click the " Scan". At the end of the scanning process, press the " Clear". The program will then ask to restart a computer- we agree:

6. As soon as the computer goes into reboot, we immediately begin to press the keyboard many times F8 key in order to get into Safe mode. This must be done, otherwise all the actions we have performed so far will be in vain - You can completely clean your computer from Baidu only in Safe Mode.

So let's press the key F8 when the computer boots up. After a while, the following screen will appear in front of us:
Using the arrow on the keyboard, highlight the item " Safe mode” and press the Enter key.

After Windows boots in Safe Mode, go to “Computer” (“My Computer”). We do not pay attention to the fact that all the icons on the desktop are large, the screen resolution is low and in general appearance not very common.

Type the word in the search box Baidu and press Enter:

We are waiting for some time until the system finds all the paths on the computer where there is Baidu. When the list is finally built, we delete all folders and files that are related to baidu:

If suddenly a malicious file is found somewhere in system folder, then the folder itself, of course, cannot be deleted - we delete only this file.

I will give an example in which folders files can be located Baidu(including hidden files):

C:\Program Files (x86)\Baidu\
C:\Program Files (x86)\BaiduEx\
C:\Program Files (x86)\Baidu\BaiduAn\3.0.0.3971
C:\Program Files (x86)\Baidu\BaiduSd\2.1.0.3086
C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.1.0.733

C:\Program Files\Baidu\
C:\Program Files\BaiduEx\
C:\Program Files\Common Files\Baidu

C:\Users\Public\Documents\Baidu\
C:\ProgramData\Baidu\
C:\Users\your computer name\AppData\Roaming\Baidu
C:\Users\your computer name\AppData\Local\Baidu\Baidu\1.3.1.157

Also, Baidu files can be located in the system under the guise of drivers. Here is a list of such files that you need to find and delete manually:

C:\Windows\System32\Drivers\BDMWrench.sys
C:\Windows\System32\Drivers\BDSafeBrowser.sys
C:\Windows\System32\Drivers\bd0004.sys
C:\Windows\System32\Drivers\BDMNetMon.sys
C:\Windows\System32\Drivers\BDArKit.sys
C:\Windows\System32\Drivers\bd0003.sys
C:\Windows\System32\Drivers\bd0002.sys
C:\Windows\System32\Drivers\bd0001.sys
C:\Windows\System32\bd64_x86.dll
C:\Windows\System32\bd64_x64.dll

After all the folders with Baidu files are deleted, run the search again: suddenly something else is left. Then restart your computer.

7. After the computer restarts, Baidu should no longer be on it. But I still recommend that you finally scan your computer with the program Malwarebytes Anti-Malware.

You can download Malwarebytes Anti-Malware from the official website ( free version quite enough). Install it and run it. In the window that opens, click on the link " Update Now” to update anti-virus database programs. Then press the big button ScanNow” to start checking:
Upon completion, you will see a window with a list of found malicious components (if, of course, they still remain in the system). In this case, press the button Apply Actions" ("Take action"). After cleaning, be sure to restart the computer.
After removing all malware from your computer, you can uninstall Malwarebytes Anti-Malware.

Today we will learn how to clean a computer from the Chinese Baidu virus, which is installed unnoticed by the user and noticeably slows down the entire system. In addition to removal methods, you will learn how to protect yourself from such unpleasant surprises in the future and who benefits from spreading a virus that does not steal anything from you.

What is Baidu?

This virus has a very unusual history: its only purpose is to try to “tarnish” the reputation of Baidu, which, in fact, has nothing to do with this infection. Baidu is one of the major Chinese search engines (Like Yandex with us), and not so long ago they released a real, quite good and free antivirus(He uses not only his own work, but also the engine of the popular product Avira Antivirus, which confirms its reliability). You can download the genuine product on the official website.

But soon after that, unknown persons began actively spreading this malware, which looks very similar to the original antivirus, but is only “garbage” with the Baidu logo. The provocation was a success: in our country, almost no one has heard of such a search engine and its useful products, but when it is mentioned, the virus is first of all remembered.

Step 1. Initial removal.

Download 4 programs to your computer:
  1. UltraAdwareKiller 0.1.0 (32-bit | 64-bit)
If you don't know which version of UAK (32-bit or 64-bit) to use, right-click My Computer → Properties. Pay attention to the line "System type":

Restart your computer in safe mode with network driver support. To do this, during the reboot, until the Windows logo appears, press the F8 key on the keyboard several times. As a result, the following window will appear:


Go to Add/Remove Programs:

Windows XP:


Windows 7:


Windows 8:


Baidu An (Antivirus):

Choose a program ( blue icon), click "Delete".
When a window with Chinese characters appears, select the button with a white background in the lower right corner, DO NOT touch the blue one:


The second window is similar:


Baidu SD:

Here the first window turns out to be more confusing: first we click on the disgruntled horned Chinese, and only then we press the white button.


Next - again a white button. Removal completed.

Step 2. Final cleaning.

1. First, run AdwCleaner.

In the main window of the program, click "Scan".
The program will check everything from shortcuts to files, folders and registry entries. At the end, in each of the tabs, you can see what exactly she found and, if necessary, prevent her from deleting some element by unchecking it.


When the verification is finished, click "Clear". The program will ask you to restart your computer. Do this, but don't forget to enter Safe Mode again like last time.

If AdwCleaner refuses to work in safe mode, skip this step and move on to the next utility:


2. Now it's the turn of UltraAdwareKiller 2.0.1.0:

Important: before using the program, disable access to the computer to the Internet! It is this version that does an excellent job with the Baidu pseudo-antivirus, but after the update it stops finding it. Therefore, we prohibit.


In the main window of the program, click "Start scan".
When the scan is complete, UAK will display a list of found files that it is ready to delete. Make sure they are checked, then click "Cleanup".

Important: make sure only Baidu viruses are ticked, because by default, the program can also mark, say, extensions for your browsers that you use. Be careful!


3. latest version UAK

Since this virus changes from time to time, for complete peace of mind, you can now also run the latest version of UAK. We perform the same actions and delete everything that is found. Now you can boot your computer as usual.

If AdwCleaner did not want to work in safe mode, now is the time to start it by checking it as described above.

Finally, run this program and check the registry:

Click "Clear", and after removing all found errors, check again. Very often, the second and subsequent scans find many more errors. Repeat this procedure (usually 5 times is enough) until nothing is found.

How to protect yourself from such viruses?

There are 2 rules:
  1. Verified download sources. When downloading anything from an unfamiliar site, it is very easy to stumble upon a file wrapped in the so-called "loader" - an advertising module that, along with the content you need, puts a lot of useless or harmful software. He can also change start pages in browsers, add various insecure plugins, etc.
  2. Pay attention to what is written during installation (especially if the installer is in an unfamiliar language). Many users, when installing software, simply click the “Next” or “Accept” button until a window appears with the installation scale. But it is precisely at the stages before installation that you are often asked to voluntarily install this or that application, with which you agree by clicking "Next". It is impossible to give an unequivocal recommendation, because. the appearance and layout of the buttons are often different, but in the case of Baidu it looks something like this:

By the same principle, various Mail.Ru and Yandex products are often installed. This way of spreading does not necessarily mean that you will get a virus, but the probability is high, as we have already seen in the example of this material.

Conclusion

Baidu takes root deep enough, but thanks to adware-specializing programs, it doesn't take long to remove it. Fortunately, this virus is not dangerous, but it can pretty much damage nerves, slowing down the system as a whole.

Not all Chinese antiviruses are equally useful. Don't believe? In vain! This fact has been proven more than once or twice by user practice. And, unfortunately, sad: some of them cause too many problems. Here is the free Baidu antivirus- also persona non grata (that is, an undesirable person) in operating system Windows.

Yes, the developers of the company of the same name from the Celestial Empire ardently and furiously declare that, they say, our brainchild tirelessly and continuously protects computers from hacker attacks and does not ask for money, and updates its signature databases, and everything else, of course, is necessary and effective. But all these positive properties fade against the background of their opposite - negative ones. Which, by the way, are more.

If "Baida" suddenly appeared in Windows, shout "Trouble!"

So, here are five reasons (or five troubles, whatever you want) indicating that you need to remove Baidu, and then not regret what you did:

  • spreads on the network using adware and malware virus modules;
  • arbitrarily, “silently”, is installed into the system (like a virus!);
  • is not removed from the OS when using the built-in uninstaller (the remaining drivers after cleaning and rebooting the system re-install Baida);
  • the procedure for removing individual elements of the antivirus is difficult (the developers have provided for the protection of registry entries and files from access);
  • The Chinese PC protection program in most cases conflicts with other installed anti-virus products: Windows performance slows down dramatically, the security level decreases, etc.

So, let's take a closer look at how to remove Baidu from your computer completely, "without noise and dust."

Uninstaller activation

1. In the "Start" window, go to the "Control Panel".

2. Activate "Uninstall a program".

3. In the installed software directory, as a rule, there are two Baidu components (they are easy to find in the list, since the names are indicated in hieroglyphs). Start the uninstall from the blue shield icon (guard module).

4. Select it with a mouse click, and then click the "Delete / Change" function in the top panel.

5. In the uninstaller panel, click left button(it is not highlighted in blue).

6. In subsequent requests, also activate the button located on the left.

7. When the uninstall process is complete, press the blue button at the bottom of the panel.

8. Return to the list of software and run the "green shield" uninstaller in the same way: left-click → Change/Remove.

9. To confirm the deletion of Baidu antivirus, click the left button at the bottom of the window. Also click it on subsequent requests.

10. When finished cleaning, click on the big green button to close the uninstaller window.

Disable services and processes

1. Restart your PC in safe mode:

  • during the restart process, hold "F8";
  • in the menu, use the cursor keys to set "Safe Mode";
  • press "Enter".

2. Disable the services that use the antivirus:

  • open the "Control Panel";
  • in the "View" setting, set "Large icons";
  • go to "Administration";
  • double-click the left button on the "Services" shortcut;
  • disable the services used by the antivirus (they are not difficult to identify by name): double-click on the service → select the "Disabled" setting in the "Startup type" option.

3. End the "baida" processes:

  • press "Ctrl+Shift+Esc";
  • open the "Processes" tab in the dispatcher window;
  • disable the active files of the BaiduProtect antivirus, bddownloader: right-click on the name → End processes.

Note. Baidu processes may have other names. Their characteristic feature is the presence of hieroglyphs in the description (see the corresponding column in the object field).

Startup cleanup

Autoload settings can be performed both with standard system tools and with the help of special utilities. We will analyze each of the options for solving the problem separately.

Method number 1: OS functions

1. Click "Start" and type in the line - msconfig, and then press "Enter".

3. Disable baidusdTray and other elements in the autoload, the name of which contains the name of the antivirus:

  • click to uncheck the box next to the element;
  • click "Apply" and "OK";
  • when exiting the "System Configuration" window, refuse to restart the OS.

Method number 2: CCleaner utility

  1. Launch CCleaner, select the "Tools" section.
  2. Activate the "Startup" panel by clicking on it.
  3. Click with the left mouse button on the element "canoes".
  4. Click Remove.
  5. Close the utility window.

Deleting remaining folders and files

1. Open the Program Files / x86 directories and delete the BaiduSD folder in them<номер версии>: Right click → Delete.

2. To completely remove all leftovers, scan your system for files named "baidu":

  • press the combination "Win + E";
  • in the line "Search: Computer" (located in the upper right corner), enter "baidu" and press "Enter";
  • delete all found objects in a standard way(command "Delete" or dragging to the "Trash").

3. Open the directory drive C: (or the partition on which the system is installed) → Windows → System32 → Drivers.

4. Delete the following files in the Drivers folder:

  • BDMWrench.sys
  • BDSafeBrowser.sys
  • bd0004.sys
  • BDMNetMon.sys
  • BDArKit.sys
  • bd0003.sys
  • bd0002.sys
  • bd0001.sys
  • bd64_x86.dll
  • bd64_x64.dll

Registry check

1. Press "Win+R".

2. Enter the regedit command in the "Run" field, click "OK".

3. In the registry editor interface, open: Edit → Find (or "Ctrl+F").

4. In the "Find" line, enter the query "baidu". Start the directory analysis with the "Find next" button.

5. Remove the detected antivirus key:

  • click on the record (right button);
  • "Delete" (directive in the context menu).

6. Press "F3" to resume scanning.

7. Analyze all directories.

Prevention

Download Dr.Web CureIt! and check all partitions of the disk for viruses. Clean Windows of junk files and keys in the registry with the CCleaner cleaner or Reg Organizer. Update the bases of the main antivirus.



Loading...
Top