# Search the Community

Showing results for tags 'babylon'.

• ### Search By Tags

Type tags separated by commas.

### Forums

• Announcements
• Malwarebytes News
• Beta Testing Program
• Malware Removal Help
• Windows Malware Removal Help & Support
• Mac Malware Removal Help & Support
• Mobile Malware Removal Help & Support
• Malware Removal Self-Help Guides
• Malwarebytes for Home Support
• Malwarebytes for Windows Support Forum
• Malwarebytes for Mac Support Forum
• Malwarebytes for Android Support Forum
• Malwarebytes for iOS Support
• Malwarebytes Privacy
• Malwarebytes Browser Guard
• False Positives
• Malwarebytes Endpoint Protection
• Malwarebytes Incident Response (includes Breach Remediation)
• Malwarebytes Endpoint Security
• Malwarebytes Tools and Other Products
• Malwarebytes Junkware Removal Tool Support
• Malwarebytes Anti-Rootkit BETA Support
• Malwarebytes Techbench USB (Legacy)
• Malwarebytes Secure Backup discontinued
• Other Tools
• Malwarebytes Tools Comments and Suggestions
• General Computer Help and Security Updates
• BSOD, Crashes, Kernel Debugging
• General Windows PC Help
• Research Center
• Newest IP or URL Threats
• Report Scam Phone Numbers
• General
• General Chat
• Forums Announcements & Feedback

• 0 Replies

• 0 Views

Found 22 results

1. ## False Positive for registry key related to Babylon translator software

Today I realised after a malwarebytes scan that I have the babylon PUP infecting(?) google chrome. I have tried many tools including malwarebytes, avast, ADWcleaner, FRST etc to try and diagnose and resolve the problem but with no luck. I (think) I have narrowed the problem down to a single file: C:\Users\"Username"\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences There is a line in this file which sets a startup URL to "http://search.babylon.com/?affID=111434&tt=010712_4&babsrc=HP_ss&mntrId=6e7008aa00000000000090a4dea255ab""http://search.babylon.com/?affID=111434&tt=010712_4&babsrc=HP_ss&mntrId=6e7008aa00000000000090a4dea255ab" I can manually delete this file, but every time I start chrome, it is added again? I have no idea what else I can do so any help will be greatly appreciated
3. ## can't remove babylon and buenosearch

Babylon was installed and now buenosearch has taken over. Followed the most widely recommended uninstall instructions (for windows 7): 1. Exited babylon in windows tray (worked) 2. Went to Uninstall using Control Panel – but it does not respond. Goes around in circle like might be initiating and then stops. Can’t open Malware at all will not respond. When open chrome or IE goes to buenosearch. I do have eset security on the computer. Thanks!
4. ## Babylon toolbar in Firefox prefs.js

Hello there. Every time (daily) Malwarebytes runs it finds entries for Babylon toolbar inside the prefs.js file in my Firefox profile. For the first few times I clicked 'Quarantine all', but the next scan the detections are back. I then tried manually selecting 'quarantine' for each item (about 20) but when the next scan is run, guess what? They're baa-aaack!. I then deleted the prefs.js file from this path: AppData\Roaming\Mozilla\Firefox\Profiles\nnnnnnnnnn\ but, you guessed it. The detections were back in the next scan. I'm really getting tired of this and would love to hear an explanation. Here are some typical entries: PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"), Replaced,[da9b53d6403b39fd095d79d1ce36ca36] PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.smplGrp", "none"), Replaced,[1263ec3d92e9bf7767ffa9a1ee16d12f] PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.srcExt", "ss"), Replaced,[175efd2cf289ba7cb5b163e780841ee2] PUP.Optional.Babylon.A, C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\r19v7a82.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.tlbrId", "base"), Complete log attached.MB_Log.txt Thank-you.

6. ## Malware Removal Attempt #2: The Reckoning

Knights of M.Bytes, I humbly request your consideration as I secure the machines that have until recently been under the exiguous care of my predecessor; Every device was running bare bones internet explorer(although I have heard many proclaim the redemption of MS's competence in the browser realm) and an inconsistent smattering of redundant antivirus', with no two machines running the same brand. As I assuage the chaos and foment a new zen in my jurisdiction I will post my inital malwarebytes .txt dymp here. I found this forum via google queries in the past month pertaining to specific species of malware. The user "Gringo" has proven to be a suitable search term since I have benefitted from his expertise several times with issues on my non-work projects. ____________________________________________________ It would appear that this first computer http://i.imgur.com/kpCcmud.jpg was host to at least two malicious objects (which is an improvement from 30+ last time around) and as soon as malwarebytes:anti-malware(fullscan) detected these two elements I recieved a pop up notification from my antivirus (Comodo Antivirus) indicating that it too had coincidentally noticed two malicious objects. I didn't really hesitate to select the "take care of it" button on the Comodo alert. Out of habit I was concurrently running an instance of Malwarebytes:Anti-Rootkit. It completed its scan shortly after I instructed Comodo to purge the offending objects and announced that there was no malware detected. at any rate here is the Malwarebytes log _____________________________________________________ Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.06.20.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Apex :: APEX-I3-02 [administrator] 6/20/2013 2:41:00 PM MBAM-log-2013-06-20 (15-29-34).txt Scan type: Full scan (C:\|Q:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 347355 Time elapsed: 48 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PDFPerformer (PUP.BundleInstaller.IB) -> No action taken. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Program Files (x86)\Uninstall Information\Ib\34\3701\ib_uninstall.exe (PUP.BundleInstaller.IB) -> No action taken. (end) __________________________________________________________________________________ Following this scan I opted to strike the "Remove Selected" button (MalwareBytes:Anit-Malware), and I shall agree to restart my computer remove the active threats as soon as I have succesfully posted this message. Although I appear to have removed everything that is what I thought the first time around, hence; this thread. Thank you for your time -R.E.M.

12. ## remove a Babylon infection

Hello I need to remove a Babylon infection, pretty sure I got it from a Cnet installer and I exited as soon as I saw the word toolbar, I definately didn't authorize anything to install. I can keep it at bay in browser search and homepage but its still there when I use the actual address bar. Its driving me mad, and I want to add this PC to my network but I am woried it might transfer to the other computers. (this computer has never been on the network before). I ran malwarebytes full scan and it came out with no threats found. I was also running MS security essentials when it got in, I since changed that to Norton internet security. Can anyone help please. Cheers Keith
13. ## can't get babylon clean (repost)

Hello, I was working with Gringo on cleaning Babylon from my PC, but my account and the thread were lost in the recent data corruption. I have the e-mails, though, of course. Should I post anything from those? The last thing I did was run HJT and make some fixes, and then run the Eset Online Scanner. Below are the results of that scan. Thanks! Trevor ------------------------------------------- C:\Documents and Settings\trevor\My Documents\Downloads\cnet2_Unlocker1_9_1_exe.exe a variant of Win32/InstallCore.D application C:\Documents and Settings\trevor\My Documents\Downloads\Unlocker1.9.1.exe a variant of Win32/Toolbar.Babylon application
14. ## Babylon infection

hello first time here. it seems I downloaded the babylon thing that now has taken over as web browser. the malwarebyts software wont get rid of him. then I reset forefox and it seemed to work, until it didnt anymore. Then I looked for info on this site and tried to do what Maniac was telling other people. My IT knowledge is limited though. so I run that OTL or something anti-malware software and ran a scan and it gave a kind of very long report in the end. I saved that in a word file. I also told the OTL software to "clean". it did so and restarted pc but didnt work, Its still there. can anyone help me? I attach the results of the OTL scan, in case its useful thanks, maria malware.doc

17. ## Babylon

I have been infected with Babylon which takes over as the search engine and defaults to the Babylon when I open a new tab. I'm using IE8 and not the most computer literate person in town!

Hello~ I've been recently getting a random advertisement / music playing in the background coming from absolutely nothing. I've tried restarting numerous times, and even restored to an earlier point in time 3 times lol. It was proven no help and continued to make the random audio. I suspected it to be a virus/ malware so i ran numerous tests with spybot, malwarebytes, ccleaner and many more. I've also detected a babylon and managed to partially get rid of it. ( not quite sure if its fully removed because it is still in firefox about:config and some files continue to come back even after countless resets. And on IE i was able to disable babylon from search provider, but was unable to delete it). Im not quite sure if babylon has anything to do with this =/ , but if you could plz help me get to the bottom of this, itd rly help alot~ As you may already know, i dont know too much about computers =/ so a step by step direction would be greatly appreciated TY~ Also a system recovery is not responding and will not load for some reason =/
19. ## complaint

i just today got malwarebytes from everything i had read it was the best anti viral system out there now my browser has been hijacked by babylon which was not a probelm until i downloaded your system.This hijack came from your website.I am not a programmer or engineer and now i will have to pay to have this removed
20. ## Babylon problem

Hi everyone. I recently downloaded a sketchy torrent, and along with that torrent came a file called, "Online Media File" Or something. Instead of what I wanted to downloaded, it downloaded something like "Free ride games" and "Fun moods" and "Giant savings". I really didn't want these files, but along came the browser called "babylon". This is the part I hate most. Everytime I access Google Chrome (My main browser), it goes up as babylon. I think I've deleted all the other malicious games, but babylon is still there. I'm not sure if System Restore, will do the trick, and I've tried almost EVERY tactic there is on forums. None worked. So I'm counting on the experts and geniuses of MalwareBytes to solve this problem to the best of their abilities. Also, I'm really not that good with Computer terms, so I need a patient guide who will bare with me. I really appreciate whoever can help me, especially those who've had this problem. Best of luck to both of us. -Regards, Terry.
21. ## babylon has infected browsers - help needed!

Infected with babylon I use IE8 and google chrome on xp Both are infected with babylon No actions taken other than backup, ran malwarebytes and the tool to generate the attachments included thanks attach.txt dds.txt
22. ## isearch.babylon.com

Hi guys, first, please excuse my english, Im not a native speakter. OK, now whats the problem? The problem ist http://isearch.babylon.com. Every time when I put some word or phrase in the upper search task in place of ggogle isearch.babylon is going to search. I´ve already tried a lot: Spybot Search & Destroy, Unlocker, Registry Cleaning of all "Babylon" stuff, my homedirectory in the Firefox etc. Nothing works. I´ve the firefox 9.01 and windows 7 64 bit. Maybe anybody would be able to help me to get rid of that babylon search tool? In the attachment you´ll find a picture.... Greetings Jonathan
×

• Back
• Learn