1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Can't remove Baidu bar

Discussion in 'Virus & Other Malware Removal' started by hawai, Dec 8, 2005.

Thread Status:
Not open for further replies.
Advertisement
  1. hawai

    hawai Thread Starter

    Joined:
    Dec 8, 2005
    Messages:
    7
    Here is the "Open Uninstall Manager" list. The first line in "gibberish" is the the Baidu Bar program. Even though I tried to unistall it, it repairs itself and reappears again. What's frustrating is that everytime I try to delete the keys relating to Baidu in the registry, it would either be "not responding" or the keys I am able to delete reappears again in a second.


    °Ù¶È³¬¼¶ËÑ°Ô
    Ad-Aware SE Professional
    Adobe Atmosphere Player for Acrobat and Adobe Reader
    Adobe Photoshop Album 2.0 Starter Edition
    Adobe Reader 7.0.5
    ALPS Touch Pad Driver
    AOL Instant Messenger
    AsianSuite
    ATI Control Panel
    ATI Display Driver
    AviSynth 2.5
    BCM V.92 56K Modem
    BitComet 0.60
    Broadcom Advanced Control Suite
    ccCommon
    CleanUp!
    Dell Bluetooth Software
    Dell Digital Jukebox Driver
    Dell Media Experience
    Dell ResourceCD
    Dell Solution Center
    Dell Support 5.0.0 (766)
    Diet K
    Direct Show Ogg Vorbis Filter (remove only)
    DivX
    DivX Player
    DVD X Copy Platinum 4.0.3
    DVD X Rescue
    EarthLink Setup Files
    ewido security suite
    Get High Speed Internet!
    Google Toolbar for Internet Explorer
    GSpot Codec Information Appliance
    Handy Recovery 2.0
    Hijackthis 1.99.1
    HijackThis 1.99.1
    ICQ
    ICQ 5
    Intel(R) mDriver
    Intel(R) PROSet for Wireless
    Intel(R) Sebring API
    Internet Explorer Default Page
    Internet Worm Protection
    IrfanView (remove only)
    iTunes
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 4
    Jasc Paint Shop Photo Album
    Jasc Paint Shop Pro 8 Dell Edition
    Java 2 Runtime Environment, SE v1.4.2_05
    JD Secure 3.1
    Learn2 Player (Uninstall Only)
    LimeWire
    LiveReg (Symantec Corporation)
    LiveUpdate 2.6 (Symantec Corporation)
    Logitech MouseWare 9.80
    Macromedia Flash Player 8
    Macromedia Flash Player 8
    Macromedia Shockwave Player
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft Encarta Encyclopedia Standard 2004
    Microsoft Money 2004
    Microsoft Money 2004 System Pack
    Mjuice Components
    Modem Helper
    MSN Messenger 7.5
    MSN Music Assistant
    MUSICMATCH® Jukebox
    Nero 6 Ultra Edition
    Netscape Browser (remove only)
    Norton AntiVirus 2005
    Norton AntiVirus 2005 (Symantec Corporation)
    Norton AntiVirus Help
    Norton AntiVirus Parent MSI
    Norton AntiVirus SYMLT MSI
    Norton WMI Update
    Norton WMI Update
    PokerStars
    PowerDVD 5.1
    PPLive 1.1.0.7
    PPStream ²âÊÔ°æ
    PSP Video 9 1.74
    QuickSet
    QuickTime
    RealPlayer
    RealProducer Plus 10
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Windows XP (KB890046)
    Security Update for Windows XP (KB893066)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896422)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB896688)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Shockwave
    Sonic DLA
    Sonic MyDVD
    Sonic RecordNow!
    SPBBC
    Spy Sweeper
    Spybot - Search & Destroy 1.4
    Spyware Doctor 3.2
    SSH Secure Shell
    Symantec
    Symantec Script Blocking Installer
    SymNet
    Synacast Plug-in 1.1.0.7
    Tvants 1.0
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    Winamp (remove only)
    WinAVI VideoConverter
    Windows Genuine Advantage v1.3.0254.0
    Windows Installer 3.1 (KB893803)
    Windows Media Format Runtime
    Windows Media Player 10
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885250
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB887742
    Windows XP Hotfix - KB888113
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Service Pack 2
    WinRAR archiver
    WinStdup
    WordPerfect Office 12
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! Messenger Explorer Bar
     
  2. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,322
    Do you know what this is?

    °Ù¶È³¬¼¶ËÑ°Ô
     
  3. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,322
    I see from the entries in your Hijack THis log that this is the entry for the baidu toolbar:

    °Ù¶È³¬¼¶ËÑ°Ô

    * Go to Add/Remove programs and uninstall these:

    °Ù¶È³¬¼¶ËÑ°Ô
    J2SE Runtime Environment 5.0 Update 2
    J2SE Runtime Environment 5.0 Update 4
    Java 2 Runtime Environment, SE v1.4.2_05
    Viewpoint Manager (Remove Only)
    Viewpoint Media Player
    WinStdup


    * Now go here and install the latest version of Java.


    *Download Cleanup from here
    • Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu).
    • Click the Options... button on the right.
    • Move the arrow down to "Custom CleanUp!"
    • Put a check next to the following (Make sure nothing else is checked!):
      • Empty Recycle Bins
      • Delete Cookies
      • Cleanup! All Users
      Click OK
    • DO NOT RUN IT YET


    * Click Here and download Killbox and save it to your desktop.


    * Click here for info on how to boot to safe mode if you don't already know how.


    * Now copy these instructions to notepad and save them to your desktop. You will need them to refer to.


    * Run Hijack This again and put a check by any of these that may be left after uninstalling the Baidu bar. Close ALL windows except HijackThis and click "Fix checked"

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.seekerbar.com/ie.aspx?tb_id=50154

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

    O2 - BHO: std software - {6A512BF7-EC78-4e8d-9841-6C02E8FA9838} - C:\WINDOWS\SYSTEM32\stdup.dll (file missing)

    O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll

    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

    O3 - Toolbar: °Ù¶È³¬¼¶ËÑ°Ô - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll

    O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe

    O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe

    O8 - Extra context menu item: °Ù¶È-´ÊµäËÑË÷ - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDU_DIC.HTM

    O8 - Extra context menu item: °Ù¶È-ËÑË÷MP3 - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUMP3.HTM

    O8 - Extra context menu item: °Ù¶È-ËÑË÷¸è´Ê - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDULYRIC.HTM

    O8 - Extra context menu item: °Ù¶È-ËÑË÷Ìù°É - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUPOST.HTM

    O8 - Extra context menu item: °Ù¶È-ËÑË÷ͼƬ - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUIMG.HTM

    O8 - Extra context menu item: °Ù¶È-ËÑË÷ÍøÒ³ - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUSEARCH.HTM

    O8 - Extra context menu item: °Ù¶È-ËÑË÷ÐÂÎÅ - res://C:\PROGRA~1\baidu\bar\baidubar.dll/BAIDUNEWS.HTM

    O9 - Extra button: Ãââ··ÑѾ¾««²²ÊÊÊÊÓÓÆƵµ³³¬¬ÁÁ÷÷³³©©ÔÔÚÚÏÏßß¹¹ÛÛ¿¿´´'
    val - {022C4009-5283-4365-97BF-144054B40E2E} - C:\WINDOWS\System32\shdocvw.dll



    * Restart your computer into safe mode now. Perform the following steps in safe mode:


    * Double-click on Killbox.exe to run it.
    • Put a tick by Standard File Kill.
    • In the "Full Path of File to Delete" box, copy and paste each of the following lines one at a time:

      C:\Program Files\Common files\SearchUpgrader

      C:\Program Files\Common files\WinTools

      C:\Program Files\baidu


    • Click on the button that has the red circle with the X in the middle after you enter each file.
    • It will ask for confimation to delete the file.
    • Click Yes.
    • Continue with that procedure until you have pasted all of these in the "Paste Full Path of File to Delete" box.
    • Killbox may tell you that one or more files do not exist.
    • If that happens, just continue on with all the files. Be sure you don't miss any.
    • Exit the Killbox.


    * Run Cleanup:
    • Click on the "Cleanup" button and let it run.
    • Once its done, close the program.


    * Restart back into Windows normally now.


    * Run ActiveScan online virus scan here

    When the scan is finished, save the results from the scan!

    Post a new HiJackThis log along with the results from ActiveScan
     
  4. Sequal7

    Sequal7

    Joined:
    Apr 14, 2001
    Messages:
    2,382
    Removal of Badiu.Sobar is as simple as downloading and instaling Windows Defender ,(if not already installed) , rebooting in safe mode (not with networking) and running Defender. The files will be deleted and the system will ask to re-boot to complete removal.

    Works on Windows XP Home SP2 and Pro SP2 as tested on my machines.

    These are the files associated with it:

    C:\Program Files\Baidu\bar
    -baidubar.dat
    -BaiDuBar.dll
    -bdgdins.dll
    C:\Program Files\Baidu\bar\img
    -imglist.bmp
    -logo.bmp

    Registry Keys:

    clsid:
    HKLM\SOFTWARE\CLASSES\CLSID\{FE14F22E-BE14-4F08-A80F-F27BC3A67B2D}

    clsid:
    HKLM\SOFTWARE\CLASSES\CLSID\{B580CF65-E151-49C3-B73F-70B13FCA8E86}

    clsid:
    HKLM\SOFTWARE\CLASSES\CLSID\{A7F05EE4-0426-454F-8013-C41E3596E9E9}

    clsid:
    HKLM\SOFTWARE\CLASSES\CLSID\{7C76C055-ED6E-4535-A70F-CD476E727F67}

    regkey:
    HKLM\SYSTEM\CurrentControlSet\Services\BdGuard

    regkey:
    HKLM\Software\Classes\MimeFilter.AdFilter.1

    regkey:
    HKLM\Software\Classes\MimeFilter.AdFilter

    regkey:
    HKLM\SOFTWARE\CLASSES\CLSID\{FE14F22E-BE14-4F08-A80F-F27BC3A67B2D}

    regkey:
    HKLM\SOFTWARE\CLASSES\CLSID\{B580CF65-E151-49C3-B73F-70B13FCA8E86}

    regkey:
    HKLM\SOFTWARE\CLASSES\CLSID\{A7F05EE4-0426-454F-8013-C41E3596E9E9}

    regkey:
    HKLM\SOFTWARE\CLASSES\CLSID\{7C76C055-ED6E-4535-A70F-CD476E727F67}

    regkey:
    HKLM\Software\Classes\BaiduBarEx.DropTarget.1

    regkey:
    HKLM\Software\Classes\BaiduBarEx.DropTarget

    regkey:
    HKLM\Software\Classes\BaiduBarEx.BandIE.1

    regkey:
    HKLM\Software\Classes\BaiduBarEx.BandIE

    regkey:
    HKLM\Software\Classes\BaiduBar.Tool.1

    regkey:
    HKLM\Software\Classes\BaiduBar.Tool

    regkey:
    HKLM\Software\Classes\BaiduBar.Baidu.1

    regkey:
    HKLM\Software\Classes\BaiduBar.Baidu

    regkey:
    HKCU@S-1-5-21-1715567821-1482476501-725345543-1003\software\baidu

    driver:
    BdGuard

    file:
    C:\WINDOWS\system32\drivers\BDGuard.SYS
     
  5. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,322
    Due to lack of feedback, I'm closing this thread. If you need it reopened please PM me or one of the other mods.

    Anyone else with a similar problem please start a "New Thread".
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/423470