Malware

Win32/Baidu.I potentially unwanted removal guide

Malware Removal

The Win32/Baidu.I potentially unwanted is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32/Baidu.I potentially unwanted virus can do?

  • Reads data out of its own binary image
  • Unconventionial binary language: Chinese (Simplified)
  • Unconventionial language used in binary resources: Chinese (Simplified)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Win32/Baidu.I potentially unwanted?



File Info:

crc32: F783D0E3
md5: 4776a38e616b0e06d301487fa2555fc6
name: 4776A38E616B0E06D301487FA2555FC6.mlw
sha1: ccdc6d6363c27320674773f39bb9b5e43d8dd874
sha256: fdc158d303899678e530954b2a97605cbbb83bb56ae8f7d4874ac36166ea0a1a
sha512: a9bb32e612ea1b15388da45d2c03763e7360e76dd2c014c76ab4a5b596b53f571a03aed74bcc861c9a7595829e76f65f2654cd428c3d939b994339d891c22bb9
ssdeep: 98304:EezBiHUCJnukqJjDLw8blh9ICYt+OAFNT5tszs0cIByKWmLE:PBPC1ufjHw8ThYrAFXgC
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: Copyright (C) 2010 Baidu Inc. All rights reserved.
InternalName: BaiduPinyinSetup.exe
FileVersion: 3.0.2.494
CompanyName: Baidu, Inc.
Comments: x767ex5ea6x8f93x5165x6cd5
ProductName: x767ex5ea6x8f93x5165x6cd5
ProductVersion: 3.0.2.494
FileDescription: x767ex5ea6x8f93x5165x6cd5x5b89x88c5x7a0bx5e8f
OriginalFilename: BaiduPinyinSetup.exe
Translation: 0x0804 0x04b0

Win32/Baidu.I potentially unwanted also known as:

K7AntiVirusAdware ( 004ede4e1 )
LionicTrojan.Win32.Zbot.l!c
DrWebTrojan.DownLoader26.17372
CylanceUnsafe
CrowdStrikewin/malicious_confidence_90% (D)
K7GWAdware ( 004ede4e1 )
SymantecML.Attribute.HighConfidence
ESET-NOD32Win32/Baidu.I potentially unwanted
CynetMalicious (score: 100)
KasperskyHEUR:Trojan-Spy.Win32.Zbot.gen
SophosGeneric PUA MM (PUA)
McAfee-GW-EditionBehavesLike.Win32.Generic.rc
MicrosoftPUA:Win32/Presenoker
McAfeeArtemis!4776A38E616B
VBA32Trojan.Downloader
TrendMicro-HouseCallTROJ_GEN.R002H07JT21
YandexRiskware.Agent!ydqRRjC9NCc
MaxSecureTrojan.Malware.7175482.susgen
FortinetRiskware/Baidu

How to remove Win32/Baidu.I potentially unwanted?

Win32/Baidu.I potentially unwanted removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment