How to uninstall "Baidu"??? Solved

Question

Hello, Help, please I have the same problem  Configuration: Windows 7 / Chrome 45.0.2453.0

alexkhatch · Answer

Hello,
The Baidu software was installed as an option with a download. It's been 3 days and I can't uninstall it (it's not in the control panel and it's in Chinese).

Thank you for helping me remove it, please.

Anonymous user · Answer

Hello,  Need a helping hand?    -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It will go well, you'll see, well, we're trying!!! o°.Oø¤º°'°º¤ø

Anonymous user · Answer

@ alexkhatch :  Have you tried uninstalling it with Revo?  * Download and save ZHPDiag to your desktop:   https://nicolascoolman.eu  or:  https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/  Once downloaded to your desktop, launch it  /!\ Users of Vista, Seven and W8:  Right-click on the ZHPdiag logo, "Run as Administrator"  Click on "Scan"  Let the tool work, even if it seems stuck!  At the end of the scan, the report will be displayed,   * Save the report to your Desktop using the floppy disk icon  Host the ZHPDiag.txt report on: https://www.cjoint.com/ to read => https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers  , then copy/paste the provided link in your next reply on the forum    ZHPDiag tutorial:  https://nicolascoolman.eu    Note: ZHPDiag is wrongly detected by some antivirus programs and Windows SmartScreen, disable them to run the tool if there’s a detection!   -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It will be fine, you'll see, well, let's give it a try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Hello Electrician 69, I've tried everything: CCleaner, Revo ... nothing works... Here is the report, please https://www.cjoint.com/c/EGpnZH0ltg1  Thank you

Anonymous user · Answer

Download and save Zhpfix to your desktop:  https://nicolascoolman.eu  Run it, it will install on your PC,  /!\ Users of Vista, Seven, and W8:  Right-click on the ZHPfix logo, “Run as Administrator”    /!\ Warning /!\,  this script is only valid for this PC, during the cleaning process, do not use it on another PC, risk of crashing!   Launch ZHPFix via the shortcut on your Desktop, the icon looks like a syringe.     Click on “import”  You will see a warning message, click Ok.  * Copy ( Ctrl + C ) and paste ( Ctrl + V ) the following bold lines into the Zhpfix window:  ---------------------------------------------------------  Zhpfix Script [MD5.6455FDCA5559B84691AC958796CF233A] - (.????????(??)???? - ??????.) -- C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe [64008] [PID.1020] [MD5.A3F93FB6C47A5D348ECA105B52762B91] - (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe [805896] [PID.604] [MD5.A98F26BB3478D84D5F8F4B1D5CBC7C81] - (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe [1047048] [PID.636] [MD5.E35B2982EADFE96D227B36093F29A45D] - (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdTray.exe [2526216] [PID.3612] [MD5.06C969E36DFEFB3F69570846DAB6A19C] - (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe [2257864] [PID.1200] [MD5.91602B30B2F9C54891FC36F74E9B812C] - (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUProxy64.exe [718856] [PID.4256] [MD5.8E6CB9BEEC711C4AABD71E6355BF2A3C] - (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUpdate.exe [965640] [PID.6336] P2 - FPN: [HKLM] [@baidu.com/BaidusdDetectNPPlugin] - (.????????(??)????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\explugin
pBaiduSDDetectPlug.dll P2 - FPN: [HKLM] [@qq.com/npAndroidAssistant] - (.Tencent, Inc..) -- C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198
pQQPhoneManagerExt.dll P2 - FPN: [HKLM] [@qq.com/QQPCMgr] - (.Tencent.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218
pQMExtensionsMozilla.dll O4 - HKLM\..\Wow6432Node\Run: [baidusdTray] . (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdTray.exe O4 - HKLM\..\Wow6432Node\Run: [BaiduAnTray] . (.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe O23 - Service: BaiduHips (BaiduHips) . (.????????(??)???? - ??????.) - C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe O23 - Service: BDKVRTP Service (BDKVRTP) . (.????????(??)???? - ????????.) - C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe O23 - Service: BDMRTP Service (BDMRTP) . (.????????(??)???? - ????????.) - C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe HKLM\SOFTWARE\Wow6432Node\Baidu O43 - CFD: 2015/07/12 22:53:19 - [] D -- C:\Program Files (x86)\Baidu O43 - CFD: 2015/07/14 16:17:10 - [] D -- C:\ProgramData\Baidu O43 - CFD: 2015/07/12 22:51:06 - [] D -- C:\Program Files (x86)\Common Files\Baidu O43 - CFD: 2015/07/14 16:17:10 - [] D -- C:\Users\user\AppData\Roaming\Baidu O58 - SDL:2015/07/14 16:43:42 A . (.Baidu - bd0001 x64.) -- C:\Windows\System32\drivers\bd0001.sys [202704] O58 - SDL:2015/07/14 16:43:45 A . (.Baidu - bd0002.) -- C:\Windows\System32\drivers\bd0002.sys [198600] O58 - SDL:2015/06/08 08:03:22 A . (.Baidu - ????????(x64).) -- C:\Windows\System32\drivers\bd0003.sys [69448] O58 - SDL:2015/04/03 07:02:20 A . (.Baidu Technology - BDArKit.) -- C:\Windows\System32\drivers\BDArKit.SYS [152392] O58 - SDL:2015/07/12 23:18:07 A . (.Baidu - ????????.) -- C:\Windows\System32\drivers\BDDefense.sys [103752] O58 - SDL:2015/04/03 07:02:20 A . (.Baidu - Network Monitor.) -- C:\Windows\System32\drivers\BDMNetMon.sys [241992] O58 - SDL:2015/04/03 07:02:20 A . (.Baidu - ????????.) -- C:\Windows\System32\drivers\BDMWrench_x64.sys [62280] O87 - FAEL: "{CF9A96D1-143A-4E10-9D1E-1D649484483B}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe O87 - FAEL: "{161AE790-A435-4DC8-ADEB-BD1D82A3EECD}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe O87 - FAEL: "{6B994BDF-5D8C-4234-AB22-444BBA5DE373}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe O87 - FAEL: "{9F35888B-A1B9-4D56-AD4B-9AEE954E5409}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe O87 - FAEL: "{295C016A-C886-4818-8D95-74C6EE06C326}" [In-None-P6-TRUE] .(.????????(??)???? - ???????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSd.exe O87 - FAEL: "{20964F1C-3C7A-417E-89A6-C3785311371B}" [In-None-P17-TRUE] .(.????????(??)???? - ???????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSd.exe O87 - FAEL: "{75F4CEFB-96FB-43D1-828A-0060519EC828}" [In-None-P6-TRUE] .(.????????(??)???? - ???????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSd.exe O87 - FAEL: "{825FF31A-8318-47B3-93A8-D10AF5B82A15}" [In-None-P17-TRUE] .(.????????(??)???? - ???????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSd.exe O87 - FAEL: "{05FE3AF8-B342-443F-B51A-CD01A24D39E5}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdTray.exe O87 - FAEL: "{B966DED1-B90E-45D2-A613-045EE014D904}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdTray.exe O87 - FAEL: "{90E0C774-4BCC-4A4F-AC02-F1EE973ABAEA}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdTray.exe O87 - FAEL: "{BDCCEF32-665A-41B5-BE69-51EE30DEC540}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdTray.exe O87 - FAEL: "{162D51CC-F960-4D0F-B21C-BD941A08CA39}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUpdate.exe O87 - FAEL: "{A286EBB1-19A3-49A4-9D33-4E4380E552B9}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUpdate.exe O87 - FAEL: "{16034D3B-8E7B-4F08-8830-9D4AA5FCEB50}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUpdate.exe O87 - FAEL: "{AE95A896-A31A-4DCA-813A-9C58B9CB28D5}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUpdate.exe O87 - FAEL: "{76C22F18-5D49-4FF7-945B-D6DC909E60F6}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdBugRpt.exe O87 - FAEL: "{F9D06E82-DE93-4608-92F7-8755BABE578E}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdBugRpt.exe O87 - FAEL: "{19FCFE77-3E0E-45B6-8F58-665981379688}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdBugRpt.exe O87 - FAEL: "{651E60F2-F1C8-42CC-A10B-A903F6BC8BCA}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdBugRpt.exe O87 - FAEL: "{1175A8F4-0EE6-4276-9B12-E3D1219A9518}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUProxy64.exe O87 - FAEL: "{FA9200A2-1F1A-4028-A897-DB5CFA4AC209}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUProxy64.exe O87 - FAEL: "{60134111-F2F2-47D1-BDA4-91282D7001BD}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUProxy64.exe O87 - FAEL: "{9D0EE788-EE88-4234-B8C6-23252BF5D41C}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdUProxy64.exe O87 - FAEL: "{F7DAA31D-7BD2-47B0-9E9C-E83EA79E62AE}" [In-None-P17-TRUE] .(.Baidu - ????????.) -- C:\program files (x86)\common files\baidu\bddownload\109\bddownloader.exe O87 - FAEL: "{318E1B6B-DCF7-4EA2-8F84-AAFD0347C3D7}" [In-None-P17-TRUE] .(.Baidu - ????????.) -- C:\program files (x86)\common files\baidu\bddownload\109\bddownloader.exe O87 - FAEL: "{22517CBD-1EF1-48BD-9820-FCF7D54AF2EB}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe O87 - FAEL: "{F71331C5-AE8E-45EB-BFF5-57867CF7D36F}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe O87 - FAEL: "{4677114C-DAAF-4D49-8447-E014DBF77AD3}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe O87 - FAEL: "{2F336D0A-C0C3-4262-A8A4-E19EA0B810AC}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe O87 - FAEL: "{5F0AA6FE-B243-4622-8F94-064B70F6E72B}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe O87 - FAEL: "{794ADAF4-874A-4C0C-8B5A-D5E1C64D091C}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe O87 - FAEL: "{0F5A2055-7BD4-40D8-A020-B2C1366F46B9}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe O87 - FAEL: "{237F38C7-F27E-4BB4-8A84-DC037E9DCFAB}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnTray.exe O87 - FAEL: "{1976DACF-4085-46CF-AE5E-DBD3866E2098}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe O87 - FAEL: "{147D4631-3059-491C-8968-15FF85D745F8}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe O87 - FAEL: "{CD1101CB-7CD2-4FA6-ACD6-DE6E94321183}" [In-None-P6-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe O87 - FAEL: "{87987864-6E55-46E4-946D-89596E59C4FB}" [In-None-P17-TRUE] .(.????????(??)???? - ????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnUpdate.exe O87 - FAEL: "{19795CB6-3556-4371-AD9E-CC4616EBC44C}" [In-None-P6-TRUE] .(.????????(??)???? - ??????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe O87 - FAEL: "{9931F754-92AD-499E-BC06-99A503183233}" [In-None-P17-TRUE] .(.????????(??)???? - ??????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe O87 - FAEL: "{B1083F0E-E87E-45DD-B903-39DBD3179CA8}" [In-None-P6-TRUE] .(.????????(??)???? - ??????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe O87 - FAEL: "{136AFF06-8840-4057-AD0C-27D822EE9411}" [In-None-P17-TRUE] .(.????????(??)???? - ??????????.) -- C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnBugRpt.exe SR - Auto [2015/04/03 07:01:50] [ 64008] BaiduHips (BaiduHips) . (.????????(??)????.) - C:\Program Files (x86)\Common Files\Baidu\BaiduHips\1.2.0.751\BaiduHips.exe SR - Auto [2015/06/08 08:03:22] [ 805896] BDKVRTP Service (BDKVRTP) . (.????????(??)????.) - C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\BaiduSdSvc.exe SR - Auto [2015/04/03 07:01:52] [ 1047048] BDMRTP Service (BDMRTP) . (.????????(??)????.) - C:\Program Files (x86)\Baidu\BaiduAn\4.0.0.5166\BaiduAnSvc.exe P2 - FPN: [HKLM] [@qq.com/npAndroidAssistant] - (.Tencent, Inc..) -- C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198
pQQPhoneManagerExt.dll P2 - FPN: [HKLM] [@qq.com/QQPCMgr] - (.Tencent.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218
pQMExtensionsMozilla.dll HKLM\SOFTWARE\Wow6432Node\Tencent HKCU\SOFTWARE\PluginAddon HKCU\SOFTWARE\Start Page HKCU\SOFTWARE\Tencent HKCU\SOFTWARE\AppDataLow\Software\Smartbar G2 - GCE: Extension [User Data\Default] [dbaonaocldpohelilahfhnkmjankmbcc] Orbitum Speed Dial R3 - URLSearchHook: (no name) - {0633EE93-D776-472f-A0FF-E1416B8B2E3D} Orphean O2 - BHO: WebGuard BHO Class [64Bits] - {1B2639A9-EE25-4AE7-A2E3-B308F08125C4} (Orphean) O2 - BHO: QPMIEHelper [64Bits] - {50F4150A-48B2-417A-BE4C-C83F580FB904} (Orphean) SS - Auto [2015/07/14 16:27:17] [ 125408] 10809 (10809) . (...) - C:\Windows\Temp\10809 Firewallraz EmptyPrefetch ShortcutFix Emptytemp EmptyClsid     ---------------------------------------------------------- - Click on the “GO” button to start the cleaning, - confirm the cleaning - Host the ZHPFIX.txt report on https://www.cjoint.com/  then copy/paste the provided link in your next response on the forum.     Tutorial at the bottom of this page: https://nicolascoolman.eu    -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It will go well, you will see, well we try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Here  https://www.cjoint.com/c/EGpoT23Axw1

Anonymous user · Answer

ok

restart the PC to see if the Chinese thing has disappeared!

--
O.o°* ???Breathe deeply, write your message in proper French and clearly. It will be fine, you'll see, at least we're trying!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

He is always there! I am desperate.

Anonymous user · Answer

but no,

give me a new Zhpdiag report via cjoint to see

--
O.o°* ???Breathe deeply, write your message in proper French and clearly. It's going to be alright, you'll see, well we're trying!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

https://www.cjoint.com/c/EGppANstCU1

And here is the screenshot: as you can see it is still there, although I managed to stop the process at startup using Revo, as soon as I run ZHPDiag or Revo or another cleaning tool - the little Chinese one is there

https://www.cjoint.com/c/EGppBSi7uf1

Anonymous user · Answer

he is still there,

actually, you have been dragging him along since April!

we're going to try to stop him with OTM!

* /!\ WARNING :
this script is to be used only for this infected pc and on this topic, it is not valid for any other pc.

/!\ Vista User: Don't forget to disable UAC just for the time of disinfecting your pc, you will re-enable it later:
Tutorial: https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac

Download OtmoveIT (by Old_Timer) to your Desktop

http://general-changelog-team.fr/fr/outils/67-otm

Double-click on OTMoveIt.exe to launch it.

/!\ Vista and Windows 7 Users: Right-click on the OtmoveIT logo, "run as Administrator"

Copy the list that is in bold in the quote below and paste it into the left box of OTMoveIt under Paste List of Files/Folders to move.

:processes
explorer.exe
:services
BaiduHips.exe
BaiduSdSvc.exe
BaiduAnSvc.exe
:reg
[-HKLM\SOFTWARE\Wow6432Node\Baidu]
:files
C:\Program Files (x86)\Common Files\Baidu
C:\Program Files (x86)\Baidu
C:\Program Files (x86)\Common Files\Tencent
C:\ProgramData\Baidu
C:\Users\user\AppData\Roaming\Baidu
:Commands
[emptytemp]
[purity]
[start explorer]
[Reboot]

# click on MoveIt! to start the removal.

# The result will appear in the "Results" box.

# Click on Exit to close.

# Post the report located in C:\_OTMoveIt\MovedFiles.

# You may be asked to restart the pc to complete the removal. If so, accept by Yes.

--
O.o°* ???Breathe deeply, write your message in good French and clearly. it will be okay, you'll see, well we will try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

This thing manifested itself 3 days ago, even though it has been there since April? Here is the report https://www.cjoint.com/c/EGpqj7YR1M1

Anonymous user · Answer

I see the date of April on the report

restart the PC so that OTM can finish the cleanup!

we'll see if it's still there!

--
O.o°* ???Breathe deeply, write your message in proper French and clearly. It's going to be fine, you'll see, well, let's try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Always and again,
I don’t know if it has anything to do with it, but in the report I read "Folder move failed" which means that the overwrite has failed,
is there still something that could save me? Please
Thank you

Anonymous user · Answer

yes, just Unlocker!

https://www.commentcamarche.net/telecharger/utilitaires/22737-unlocker/

or try to reinstall Baidu and install it properly!

or even, restore the PC as far back as possible!

--
O.o°* ???Breathe deeply, write your message in correct French and clearly. It's going to be fine, you'll see, well we're trying!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Hello,
First of all, I would like to thank Abel and Electricien 69 for their presence and help.
Unlocker did not work;
I don’t know if the method I used to get rid of this thing is correct since my knowledge in the IT field is minimal, but here it is:
- booting in safe mode
- uninstalling Baidu with Revo Pro
- restarting in normal mode
- several scans/cleanings with AdwCleaner

The Chinese thing is no longer there (unless it's hiding somewhere, and if that’s the case, how can I see it?)
Did I do something wrong?
Thank you

Anonymous user · Answer

Hello,

If you can't see it anymore,

but start the PC in normal mode,

send me a new Zhpdiag report via cjoint so we can see what remains!

--
O.o°* ???Breathe deeply, write your message in good French and clearly. It will be fine, you'll see, well we'll try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Re: Baidu Here it is. Indeed, we can see it in the report https://www.cjoint.com/c/EGqoJl5rj41

Anonymous user · Answer

/!\ Warning /!\,  this script is only valid for this PC, during the cleanup, do not use it on another PC, risk of crashing!   Launch ZHPFix via the shortcut on your Desktop, the icon looks like a syringe.     Click on "import"  You will see a warning message, click OK.  Open this document and copy and paste the entire content into the Zhpfix window:  * Copy (Ctrl + C) and paste (Ctrl + V) the following bold lines into the Zhpfix window:  ---------------------------------------------------------  Zhpfix Script P2 - FPN: [HKLM] [@baidu.com/BaidusdDetectNPPlugin] - (.BeiJing Baidu Netcom Science Technology Co., Ltd.) -- C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\explugin
pBaiduSDDetectPlug.dll P2 - FPN: [HKLM] [@qq.com/npAndroidAssistant] - (.Tencent, Inc..) -- C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3198
pQQPhoneManagerExt.dll P2 - FPN: [HKLM] [@qq.com/QQPCMgr] - (.Tencent.) -- C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16434.218
pQMExtensionsMozilla.dll O2 - BHO: WebGuard BHO Class [64Bits] - {1B2639A9-EE25-4AE7-A2E3-B308F08125C4} (Orphean) O2 - BHO: (no name) [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Orphean) O2 - BHO: (no name) [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} (Orphean) O23 - Service: 10809 (10809) . (...) - C:\Windows	emp\10809 (.not file.) O42 - Software: Íýíñè Äðþ. Ïëàòüå äëÿ ïåðâîé ëåäè - (...) [HKLM][64Bits] -- Íýíñè Äðþ. Ïëàòüå äëÿ ïåðâîé ëåäè_is1 O42 - Software: Íýíñè Äðþ. Ñåêðåò ñòàðèííûõ ÷àñîâ - (...) [HKLM][64Bits] -- Íýíñè Äðþ. Ñåêðåò ñòàðèííûõ ÷àñîâ_is1 O42 - Software: Íýíñè Äðþ. Ñåêðåòû ìîãóò óáèâàòü - (...) [HKLM][64Bits] -- Íýíñè Äðþ. Ñåêðåòû ìîãóò óáèâàòü_is1 O42 - Software: Íýíñè Äðþ. Ñîêðîâèùå êîðîëåâñêîé áàøíè - (...) [HKLM][64Bits] -- Íýíñè Äðþ. Ñîêðîâèùå êîðîëåâñêîé áàøíè_is1 O42 - Software: Íýíñè Äðþ. Òàéíà àëîé ðóêè - (...) [HKLM][64Bits] -- Íýíñè Äðþ. Òàéíà àëîé ðóêè_is1 O42 - Software: À-Ç-Î-Â (v.1.0) - (...) [HKLM][64Bits] -- ÒÉ: À-Ç-Î-Â_is1 O42 - Software: Àñòðàëüíàÿ Ïðîåêöèÿ (v.1.1) - (...) [HKLM][64Bits] -- ÒÉ: Àñòðàëüíàÿ Ïðîåêöèÿ_is1 O42 - Software: Ìãíîâåííàÿ Ýâîëþöèÿ (v.1.2) - (...) [HKLM][64Bits] -- ÒÉ: Ìãíîâåííàÿ Ýâîëþöèÿ_is1 O42 - Software: Ìåäèòàöèÿ íà ÎÌ (v.1.1) - (...) [HKLM][64Bits] -- ÒÉ: Ìåäèòàöèÿ íà ÎÌ_is1 O42 - Software: Ðàçâèòèå ñèñòåìû ÷àêð (v.1.1) - (...) [HKLM][64Bits] -- ÒÉ: Ðàçâèòèå ñèñòåìû ÷àêð_is1 O43 - CFD: 2015/07/12 22:51:06 - [] D -- C:\Program Files (x86)\Common Files\Baidu O58 - SDL:2015/04/03 07:02:20 A . (.Baidu - Network Monitor.) -- C:\Windows\System32\drivers\BDMNetMon.sys [241992] Proxyfix Firewallraz EmptyPrefetch ShortcutFix Emptytemp EmptyClsid     ---------------------------------------------------------- - Click the "GO" button to start the cleanup, - confirm the cleanup - Host the ZHPFIX.txt report on https://www.cjoint.com/  Then copy/paste the provided link in your next response on the forum.     Tutorial at the bottom of this page: https://nicolascoolman.eu    -- O.o°* ???Breathe deeply, write your message in good French and clearly. It will go well, you'll see, well we try !!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

https://www.cjoint.com/c/EGqpNvSBNd1  ZHPDiag scan done after the restart https://www.cjoint.com/c/EGqpOfZqJ11

Anonymous user · Answer

the plugin and driver are still there,  restart the pc  run a new Zhpdiag afterwards to see     -- O.o°* ???Breathe deeply, write your message clearly and in good French. It will be fine, you'll see, well we're trying!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Here is https://www.cjoint.com/c/EGqt71BXvn1  I can't find it in the path indicated in the report; and Revo doesn't detect it either... C:\Program Files (x86)\Baidu\BaiduSd\4.0.0.6697\explugin
pBaiduSDDetectPlug.dll

Anonymous user · Answer

ok,  restart the PC one more time and let me know if you see it   we'll finish by uninstalling the tools afterwards    -- O.o°* ???Breathe deeply, write your message in good French and clearly. It will be fine, you'll see, well, let's try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

At startup, nothing in Chinese anymore since the removal in safe mode by Revo Pro Browser - ok - AdwCleaner - 0 items - Malwarebytes - 0 items - Revo Pro - does not detect any remaining files   But it is still in the report https://www.cjoint.com/c/EGquUA8NmD1  Thank you

Anonymous user · Answer

In the report, it presents itself as a plugin in Mozilla Firefox! For the driver, it has become inactive!  Do you really want us to try to get rid of it? Download The Avenger by Swandog46 to your Desktop:  http://www.geekstogo.com/forum/files/file/393-the-avenger-by-swandog46/  Click on Avenger.zip to open the file Extract avenger.exe to your desktop   Now, launch The Avenger by clicking on its desktop icon  /!\ Vista and Seven users, right-click and run as administrator  Copy all the text in bold below: highlight it and press the keys (Ctrl+C):  Drivers to disable: BDMNetMon.sys Drivers to delete: BDMNetMon.sys Files to delete: C:\Windows\System32\drivers\BDMNetMon.sys  Paste this text (Ctrl+V) into the box: Input script here  Press Execute  The PC will restart If the report does not appear, it is located in C:\ avenger Tutorial: http://www.oxygenepc.com/forum/the-avenger-t594.html  -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It’s going to be okay, you’ll see, well, we’ll try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Here is the message that appears https://www.cjoint.com/c/EGrh1hYkER1

Anonymous user · Answer

try again to paste the script in the window to see,  we might be looking for a ghost file!    -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It will be fine, you'll see, well we're trying!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

It's always the same, the same message... If it's a ghost file, can we say the problem is solved?

Anonymous user · Answer

If you can no longer see it in the list of programs, nor in the processes, it means we've got it!   Restart the PC to see,  if there are no traces, we'll uninstall the tools, etc. etc. :-)    -- O.o°*??? Breathe deeply, write your message in proper French and clearly. It's going to be okay, you'll see, at least we'll try!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

Here it is, Programs - ok Processes - ok I only see the files in ADW Quarantine

Anonymous user · Answer

ok,  we're finishing up:  Download Delfix to your desktop:  https://toolslib.net/downloads/viewdownload/2-delfix/  or     Check the following boxes: => Remove disinfecting tools (checked by default) => Purge system restore   Then click on Run and wait during the removal process.  When the procedures are completed, the tool will close and disappear from the desktop.  A report is saved to the clipboard: you just need to right-click and "paste" in your next reply to send me the report  the report is stored at this location: C:\DelFix.txt  Warning: The report is unique and is deleted each time we re-run one or more options of DelFix.  Note: Delfix does not uninstall MBAM, it's up to you to decide if you want to keep it or uninstall it.      -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It'll be alright, you'll see, well we're trying !!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

It is not in the location: C:\DelFix.txt It is on my desktop, is that normal?  https://www.cjoint.com/c/EGrnWK7tOo1

Anonymous user · Answer

it's just a report, it changed places :P  know that Delfix has created a new restore point, it might come in handy just in case :-)  on that note, happy surfing ;-)    -- O.o°* ???Breathe deeply, write your message in proper French and clearly. it's going to be fine, you'll see, well we're trying!!! o°.Oø¤º°'°º¤ø

alexkhatch · Answer

A big THANK YOU for your help.

Anonymous user · Answer

:-)    -- O.o°* ???Breathe deeply, write your message in proper French and clearly. It will be fine, you’ll see, well we’ll try!!! o°.Oø¤º°'°º¤ø

afideg · Answer

Hello, Congratulations on this interesting topic ... and resolved. I also followed at Nicolas's. ;) Albert  -- Patience-Vigilance-Love.

How to uninstall "Baidu"???

36 answers

Reinstallation of w11 impossible after pc crash...

Tencent impossible to remove

Is there enough storage space on my vps?

Car gps tracker

Transfer mp3 from pc to mobile

Unrefreshed usb drive on android interface

Erreur de captcha

How to delete quarantine files in defender?

Issue with accents

Https://www.youtube.com/@topblazo