How to remove “Win32/Baidu.O potentially unwanted”?

The Win32/Baidu.O potentially unwanted application is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Baidu.O potentially unwanted virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/Baidu.O potentially unwanted?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-02-24 19:19:59

Version Info:

CompanyName: 百度在线网络技术(北京)有限公司
FileDescription: 百度下载助手安装程序
FileVersion: 1.6.0.67
LegalCopyright: Copyright (C) 2014 Baidu Inc.
LegalTrademarks: Baidu
ProductName: 百度下载助手
ProductVersion: 1.6.0.67
Translation: 0x0804 0x03a8

Win32/Baidu.O potentially unwanted also known as:

Bkav: W32.AIDetectMalware
Cylance: unsafe
Sangfor: Trojan.Win32.Baidu.V4r2
K7AntiVirus: Adware ( 0052c5131 )
K7GW: Adware ( 0052c5131 )
ESET-NOD32: a variant of Win32/Baidu.O potentially unwanted
Avast: Win32:Malware-gen
Sophos: Generic ML PUA (PUA)
Google: Detected
Malwarebytes: Generic.Malware/Suspicious
Fortinet: Riskware/Baidu
AVG: Win32:Malware-gen

How to remove Win32/Baidu.O potentially unwanted?

Win32/Baidu.O potentially unwanted removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
