Remove BAIDUCLIENTRENDER.EXE malware
BAIDUCLIENTRENDER.EXE Malware Removal Guide
Manual removal instructions:
Antivirus Report of BAIDUCLIENTRENDER.EXE:
baiduclientrender.exe
Full path on a computer: %LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE
Autostart registry keys:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{D235629A-7647-4E23-B71F-D15D02C764B2}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=6|PROFILE=DOMAIN|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{FECFE176-77C7-45CB-B484-3CBC731C719F}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=17|PROFILE=DOMAIN|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{BE49844A-63C9-4E2D-AD3E-831E9F19E34C}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=6|PROFILE=PRIVATE|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{1EA3A38E-FC08-461A-B31E-79C90DF11C48}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=17|PROFILE=PRIVATE|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{80D49AB7-E202-474E-997E-C8FAD6759B21}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=6|PROFILE=PUBLIC|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{D2EED540-C294-4058-9FF0-79A842236177}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=17|PROFILE=PUBLIC|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
Related Files:
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUASSISTANT.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUBUGRPT.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUSERVICE.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUUPDATE.EXE
The file BAIDUCLIENTRENDER.EXE is malware related.
You must delete the file BAIDUCLIENTRENDER.EXE immediately!
Delete the file BAIDUCLIENTRENDER.EXE without delay!
Kill the process BAIDUCLIENTRENDER.EXE and remove BAIDUCLIENTRENDER.EXE from the Windows startup.
BAIDUCLIENTRENDER.EXE is related to: Generic.7E6, BAIDUCLIENTRENDER.EXE.
Virustotal = 1/57
MD5 = BB02591FB49911F2C0D7E403E05AEE0C
File Size: 44536
File information:
OriginalFilename: BaiduClientRender.exe
FileDescription: ?????Chrome???
InternalName: BaiduClientRender.exe
CompanyName: ????????(??)????
FileVersion: 1.8.0.607
LegalCopyright: Copyright (C) 2014 Baidu Inc.
BAIDUCLIENTRENDER.EXE | Malware |
BAIDUCLIENTRENDER.EXE | Dangerous |
BAIDUCLIENTRENDER.EXE | High Risk |
Autostart registry keys:
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{D235629A-7647-4E23-B71F-D15D02C764B2}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=6|PROFILE=DOMAIN|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{FECFE176-77C7-45CB-B484-3CBC731C719F}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=17|PROFILE=DOMAIN|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{BE49844A-63C9-4E2D-AD3E-831E9F19E34C}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=6|PROFILE=PRIVATE|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{1EA3A38E-FC08-461A-B31E-79C90DF11C48}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=17|PROFILE=PRIVATE|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{80D49AB7-E202-474E-997E-C8FAD6759B21}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=6|PROFILE=PUBLIC|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES\{D2EED540-C294-4058-9FF0-79A842236177}: "V2.25|ACTION=ALLOW|ACTIVE=TRUE|DIR=IN|PROTOCOL=17|PROFILE=PUBLIC|APP=%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE|NAME=??????|"
Related Files:
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUASSISTANT.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUBUGRPT.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUCLIENTRENDER.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUSERVICE.EXE
%LOCAL APPDATA%\BAIDU\BAIDUCLIENT\2.5.0.1935\BAIDUUPDATE.EXE
The file BAIDUCLIENTRENDER.EXE is malware related.
You must delete the file BAIDUCLIENTRENDER.EXE immediately!
Delete the file BAIDUCLIENTRENDER.EXE without delay!
Kill the process BAIDUCLIENTRENDER.EXE and remove BAIDUCLIENTRENDER.EXE from the Windows startup.
BAIDUCLIENTRENDER.EXE is related to: Generic.7E6, BAIDUCLIENTRENDER.EXE.
Virustotal = 1/57
MD5 = BB02591FB49911F2C0D7E403E05AEE0C
File Size: 44536
File information:
OriginalFilename: BaiduClientRender.exe
FileDescription: ?????Chrome???
InternalName: BaiduClientRender.exe
CompanyName: ????????(??)????
FileVersion: 1.8.0.607
LegalCopyright: Copyright (C) 2014 Baidu Inc.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.