• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 310
  • Last Modified:


I have Kaspersky anti-virus. In the past few days I get a message about c:\programdata\q1srv1task\baidu.exe

It says "updater.exe got access to malware detected by Kaspersky Security Network.

It then wants to do a disinfect with reboot which makes no difference. I've renamed the folder and it gets created again. I can't see any startup items that might cause it. Doing a Google doesn't help much. Has anyone come across this please and how should I deal with it.
  • 2
1 Solution
David Johnson, CD, MVPOwnerCommented:

1. Remove using ADWare Cleaner

Download and install ADWare Cleaner. Important close all open programs and internet browsers,

2. Remove using Junkware removal tool

Let it run its scan and when the scan completes, it will display a log with the malicious files and registry keys that were removed from your computer.

3. Remove using Malware Bytes

update the definitions and let it run.. it will show you the PUP's (Potentially Unwanted Programs).
Make sure that everything is Checked then click on the Remove Selected button.
Download and Install Malware Bytes

4. Double-check for the Adware:Win32/Baidu.A infection with HitmanPro

Download Hitman Pro
run it.. if it finds anything .. activate the free 30 day trial to remove the items

5. Be Proactive and not Reactive

Malware Bytes Pro would have stopped this item in its tracks before it got a hold on to your computer. Since software can't prevent stupid or inattentive users then you have to step up your awareness when installing software from the internet. Most PUP installations are by the user ACCEPTING the installation as it is bundled with some other really wanted piece of software. They all have an opt-out clause before you install them.. but you have to be careful and read things to make sure you are getting a tag along programhttp://malwaretips.com/blogs/adware-win32-baidu-a-removal/
dengoldingAuthor Commented:
I'll try that. I don't install odd bits from the internet but I recently had a spate of ads popping up in all browers and redirected windows opened with constant big download buttons to update flash or such like but ignored them all. I managed to get rid of the software involved but then this appeared.  Quite often when genuinly updating Windows software there are several large download buttons on the same page and it's not clear which is correct for the update. I must have been caught out by the deceptive text. As a programmer I'd like to think that I'm fairly switched on to this but time pressures can catch one off guard.
dengoldingAuthor Commented:
I rather resented being called a stupid or inattentive user so I am abandoning this question. I have Bit Defender and it is constantly updated and so should have detected the file. I don't blithley accept anything when installing software but sometimes, especially with adobe, it's easy to miss their tiny tick boxes for other software. As it happens, I rarely install oddware.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now