Not what you were looking for? Ask our experts!
Reply
Visitor
an-an
Posts: 9
Registered: ‎04-08-2012

Is MyBabylonTB (a "recommended" toolbar with java download) a virus?

Hi

 

I did two downloads today - VLC media player and java. VLC was definitely a problem despite a pre-scan with Norton and seemed to have malware embedded with the download (when I clicked on "next" stages, I had problems). They seem to have been solved now, but I'm worried about the java (http://www.java.com) download as it also included a toolbar  MyBabylonTB.

 

Along with the java download (pre-scan first by Norton) there was a stage to tick or untick with "recommended Babylon toolbar" and setting homepage and default. I left the box ticked for the recommended toolbar and unticked the others.

 

A Norton scan showed that I'd agreed to allow this Babylon site to access my computer. I started to have second thoughts about it when I saw on the same scan results that there was another site that I'd also allowed to have access from the VLC download. In both cases no indication of warning was given by Norton, except that Norton, during the VLC download, had also blocked a "high" dangerous intrusion  - from the same website I'd allowed access to.

 

I did a full scan with anti-Malware, which showed up two adware objects from the problem site and I deleted them. The scan did not show up anything about MyBabylonTB from the java download.

 

An internet search I did brought up a variety of messages about this MyBabylon software. Some recommended doing a search for Babylon and to remove it.

 

Does anyone know anything about this software? Is it safe or a virus (a roottkit?)? How can I find and remove it if so? The anti-Malwarebytes scan did not detect it if it's a problem and neither did Norton.

 

Thanks for any help! 

Super Spam Squasher
Bombastus
Posts: 1,795
Registered: ‎11-16-2009

Re: Is MyBabylonTB (a "recommended" toolbar with java download) a virus?

Its is not a virus or a rootkit, but a "potentially unwanted program". It doesn't do anything malicious, but most users find it annoying, and it can be a pain to get rid of. It doesn't do anything useful, and you might as well remove it.

Visitor
an-an
Posts: 9
Registered: ‎04-08-2012

Re: Is MyBabylonTB (a "recommended" toolbar with java download) a virus?

Thanks. Good news that it's not a major problem.

 

Has anyone got any advice on how to locate and remove My BabylonTB? There're some ideas online but I'm abit worried about following instructions from an unknown source without really knowing what it will do to my computer. Anyway the instructions weren't clear to me.

 

I use Windows (Home) 7 version.

Bot Obliterator
Quads
Posts: 16,541
Registered: ‎07-21-2008

Re: Is MyBabylonTB (a "recommended" toolbar with java download) a virus?

Download OTL http://www.bleepingcomputer.com/download/otl/

 

Disable Norton for say 30 minutes

 

Start OTL,  

Click the Scan All Users checkbox.

Change file age to 90 days

 

Press the 

 

 

An OTL.txt  and extras.txt will be created.

 

Quads

Visitor
an-an
Posts: 9
Registered: ‎04-08-2012

Re: Is MyBabylonTB (a "recommended" toolbar with java download) a virus?

Thanks for the help. I'm a bit wary of running programs when I have so little knowledge of what to do if anything goes wrong. Normally I'm really careful about what I download so this has been frustrating.

 

I asked for more info on the bleeding computer site and got mixed answers. I uninstalled the toolbar MyBabylonTB from the control panel and then followed advice from the other sites to check for any traces in the add ons / extensions under all search engines. There wasn't any trace and another scan by MBAM showed up nothing.

 

However, when I uninstalled MyBabylonTB it took me to the Babylon site under Opera. I ran a check on this site address which is secured by Norton but has terrible community reports. Since then, I've had problems with Opera search engine.

 

Norton automatically opens Opera whenever I do a website address check and it always uses Opera when clicking on "get support". I uninstalled Opera and then re-installed it. Same problem. Without Opera, Norton safe site address check uses IE, but nothing happens when clicking on "support" etc.

 

Any ideas on what to do now? I don't mind not having Opera installed but why won't Norton use other search engines now?

 

This is what I get on Opera:

 

Bad Request

 

Your browser sent a request that this server could not understand.

 Size of a request header field exceeds server limit.

Cookie: __utma=41374496.270877458.1334016806.1342208490.1342211757.24; __utmz=41374496.1334016806.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); user_pref_lang=ENG; naintel=323a543a543a31322f31362f31333a423a463a543a333a327c323a543a463a372f32392f31303a3a543a463a313a31; TLID=NdCTxPK4DCt5X2ygQFGlPzJwd1x1Y4hzDGLpyyTNvm9hNTB176J0T!1775332451!1334491203333; AKNORT=36g3XCkTyEQCKWhZX2q2v0iGItxQ56uXIKWo58t-9szzD7JnwguSU2w; PROGRAMID=; PROGRAM_TYPE=UNKNOWN; VISITORID=1715954956; s_pers=%20s_eVar65%3D%255B%255B'store%25253Aonline%252520%2525281st%252529'%252C'1324590432079'%255D%252C%255B'store%25253Aretail'%252C'1324597905275'%255D%252C%255B'store%25253Aonline%252520%2525281st%252529'%252C'1324597920688'%255D%252C%255B'store%25253Aretail'%252C'1324598864574'%255D%252C%255B'store%25253Aonline%252520%2525281st%252529'%252C'1324598872213'%255D%252C%255B'store%25253Aretail'%252C'1324718900373'%255D%252C%255B'store%25253Aonline%252520%2525281st%252529'%252C'1333958732565'%255D%252C%255B'store%25253Aonline%252520%252528returning%252529'%252C'1333959342258'%255D%252C%255B'store%25253Aonline%252520%2525281st%252529'%252C'1338853473216'%255D%252C%255B'online%252520%2525281st%252529'%252C'1342148937234'%255D%255D%7C1499915337234%3B%20s_eVar63%3D%255B%255B'store%25253Archa'%252C'1324598864570'%255D%252C%255B'store%25253Aother'%252C'1324598872211'%255D%252C%255B'store%25253Archa'%252C'1324718900371'%255D%252C%255B'store%25253Aother'%252C'1331962103556'%255D%252C%255B'store%25253Anorefurl'%252C'1331962139977'%255D%252C%255B'store%25253Aother'%252C'1332021093798'%255D%252C%255B'store%25253Anorefurl'%252C'1333958732538'%255D%252C%255B'store%25253Aspecialoffersamsw'%252C'1333959342256'%255D%252C%255B'store%25253Anorefurl'%252C'1338853473212'%255D%252C%255B'symcom'%252C'1342148965923'%255D%255D%7C1499915365923%3B%20s_eVar4%3D%255B%255B'enus_hho_sp_addlresources_nis_forums'%252C'1342212960720'%255D%255D%7C1499979360720%3B%20s_gpv%3Den%252Fus%253A%2520hho%253A%2520products%253A%2520tutorials%253A%2520tutorials%253A%2520file%2520types%2520%257C%2520how%2520to%2520use%2520norton%2520file%2520insight%7C1342234559947%3B%20s_eVar72%3D%255B%255B'Community'%252C'1342208532786'%255D%252C%255B'Your%252520Security%252520Resource'%252C'1342208533237'%255D%252C%255B'Community'%252C'1342208535463'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342208538925'%255D%252C%255B'Community'%252C'1342211793900'%255D%252C%255B'Your%252520Security%252520Resource'%252C'1342211795193'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342211797226'%255D%252C%255B'Your%252520Security%252520Resource'%252C'1342212121541'%255D%252C%255B'Community'%252C'1342212134154'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342212135772'%255D%252C%255B'Community'%252C'1342212884571'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342212888571'%255D%252C%255B'Community'%252C'1342212972104'%255D%252C%255B'Your%252520Security%252520Resource'%252C'1342212974947'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342212976940'%255D%252C%255B'Your%252520Security%252520Resource'%252C'1342213116410'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342213118607'%255D%252C%255B'Your%252520Security%252520Resource'%252C'1342232756678'%255D%252C%255B'Products%252520%252526%252520Services'%252C'1342232760047'%255D%255D%7C1499999160047%3B%20s_prop61%3D%255B%255B'forum'%252C'1342208535781'%255D%252C%255B'Tutorials'%252C'1342208538985'%255D%252C%255B'forum'%252C'1342211794274'%255D%252C%255B'Tutorials'%252C'1342211797292'%255D%252C%255B'forum'%252C'1342212134590'%255D%252C%255B'Tutorials'%252C'1342212136164'%255D%252C%255B'forum'%252C'1342212885416'%255D%252C%255B'Tutorials'%252C'1342212888983'%255D%252C%255B'forum'%252C'1342212973001'%255D%252C%255B'Tutorials'%252C'1342232760401'%255D%255D%7C1499999160401%3B%20s_nr%3D1342232760889-New%7C1362968760889%3B%20event69%3Devent69%7C1362968761084%3B; needlepin=N150d13398052343740000000073b48cff0000000000000000; s_sv_112_p1=1@109@d/9630/9786/9585/8686/8235/7860&s/9620/9632/7911/7910/7908/7909/7861/7857/7764/7383/7216/7214/6893/5742&e/159; SSE=555323656e2353796d616e7465635f73796d457056656e646f72; tt=4349443a34303136382c34303136382c34303136382c34303136382c34303136382c34303136382c34303136382c34303136382c34303136382c34303136382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c32373636382c34323233382c32373636382c34323233382c32373636382c32373636382c34323233382c34323233382c34323233382c34323233382c32373636382c34323233382c32373636382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c34323233382c32373636382c34323233382c32373636382c32373636382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c34323233382c34323233382c32373636382c32373636382c32373636382c32373636382c34323233382c34323233382c34323233382c34323233382c32373636382c32373636382c32373636382c34323233382c32373636382c32373636382c34323233382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636382c32373636387c4549443a32332c32332c32332c32332c32332c32332c32332c32332c32332c32332c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372c372

 

Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8e-fips-rhel5 Server at localhost Port 80

 

 

Bot Obliterator
Quads
Posts: 16,541
Registered: ‎07-21-2008

Re: Is MyBabylonTB (a "recommended" toolbar with java download) a virus?

You don't want to go to bleeping Computer and download / USE  OTL.

 

Fine I won't remove the objects for you.  I have harder malware ro remove than this easy stuff.

 

Quads