Infected with Babylon Search; need help cleaning PC

webgal318,

Here are some instructions that you will find helpful:
Remove Babylon Search hijack (Uninstall Guide)

Basically, this is how the process goes...


Uninstall Babylon Search

• Please click Start > Control Panel > Uninstall a program
• Search for and uninstall Babylon, Babylon toolbar on IE, Yontoo, BrowserProtect, or any Babylon related entry.

Remove Babylon Search from Internet Explorer

• Open Internet Explorer,then click on the gear icon at the top right and select: Manage add-ons.
• From the Toolbars and Extensions tab, select Babylon toolbar, Babylon toolbar helper, Babylon IE plugin, babylonToolbar.com or anything related to Babylon.
• Next click on: Disable
• Under Add-on Types, click: Search Providers
• Select a search provider, click Set Default, then click on Search the Web (Babylon) in the list and click on Remove
• To change your home page, go to the home page you normally use..
• Next, click on the gear icon , select Internet Explorer options, and in the General tab, under the Home page section, click on Use current to restore your Internet Explorer home page.

If you use FireFox or Chrome, check the link provided at the beginning of this post, and follow its instructions.


Remove Babylon Toolbar Registry keys

• Please download AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/
• Save the program to the Desktop
• Close all open programs and internet browsers.
• Right-click on adwcleaner.exe and select: Run As Administrator
• At the program console, click on: Delete
• When the program is done, the computer is rebooted automatically, and a text file opens after the restart.

Please post the AdwCleaner report in your reply. <<<---



Scan with Malwarebytes Anti-Malware

• Download:http://www.malwarebytes.org/mbam-download-exe.php
• Save to the Desktop
• Right-click the MBAM file, and select: Run as Administrator
• When the installation begins, follow the prompts in the setup process.
• DO NOT make any changes to default settings and when the program has finished installing, make sure only the Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware options are checked.
• Uncheck: Enable free trial of Malwarebytes Anti-Malware PRO
• Click on the Finishbutton.
• If an update is found, the program automatically updates itself.
• At the program console, on the Scanner tab, and select: Perform Full Scan
• Next, click on the Scanbutton.
• When the Malwarebytes scan is completed, click on: Show Results
• When presented with a screen showing the malware detected, make sure everything is Checked, and click on: Remove Selected
• When removal is completed, a report opens in Notepad.

Please copy/paste the entire contents of the MBAM report in your reply. <<<---


Note: If MBAM encounters a file that is difficult to remove, you are asked to reboot the computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) prevents MBAM from removing all the malware.

webgal318,

Are you still having problems with Babylon Search?

Also use the Junkware Removal Tool Download
Save to the Desktop.

Make sure you temporarily disable your AntiVirus, Firewall, and any other AntiSpyware applications.
These programs may interfere with the running of JRT.
Info: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides


Right-click JRT.exe and select: Run as Administrator

The tool opens and starts scanning the system. Please be patient as this can take a while...


When done, a report, JRT.txt is saved on the Desktop.

Please post the contents of JRT.txt in your reply.



Last, let’s check the Security status with the following...

Download Security Check:
http://screen317.spywareinfoforum.org/
Save to your Desktop.

Double-click SecurityCheck.exe

Follow the onscreen instructions inside the black box.

When done, a Notepad report opens automatically, called: checkup.txt

Please post the checkup.txt in your reply.

(Please do not take any corrective actions!)

Security Check should support your system without any problem.

Delete the previous download, and try downloading it from here:
http://screen317.spywareinfoforum.org/SecurityCheck.exe

Then, run the program. See if you have better luck.

Let me do some more checking on the program. Would like to find out why it does not run on your system.

In the meantime, please run an online scanner...

This may take a while, so run the following when you can be home.

The ESET Scanner is implemented as an ActiveX control, so it is best run on Internet Explorer.
Right click the IE shortcut and select: Run as Administrator

Next, download: Free Online Virus Scanner | ESET

On the ESET website, click on: Run ESET Online Scanner
Click: Start

When asked, allow the add-on to be installed
Click: Start again

On the next prompt, Computer Scan Settings, check: Remove found threats
Next, click on: Advanced Settings


Make sure these options are checked:

• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology

Click: Scan



When the scan is completed, if threats are found, in the Scan Results prompt:

• Click on: List of threats found
• Click on: Export to text file
• Save to the Desktop and name it ESET Scan Results
• Click on: Back
• Place a check on: Uninstall application on close
• Click on: Finish, and close the program.

Please provide the ESET report in your reply to determine if any further action is necessary.

Just a thought...

Try running Security Check in Safe Mode:

Please start the computer, and as it starts, tap the F8 key before the Windows logo appears.
When you get the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode, and then press: Enter