Search.babylon.com

Search.babylon.com Description


Search.babylon.com is a fake search engine website that imitates Google, as well as using browser hijackers to steal Google’s traffic and lock down other aspects of web-browsing applications. SpywareRemove.com malware researchers have found that most Search.babylon.com infections occur from compromised software installations that also contain Search.babylon.com’s malicious Browser Helper Object (also known as a BHO) and may install it without consent. You shouldn’t try to combat the symptoms of a Search.babylon.com browser hijack by changing your browser; instead, delete the browser hijacker itself by using a suitable anti-malware program.

Finding Your Way to Search.babylon.com (and Why You’ll Want to Come Back)


The majority of Search.babylon.com attacks happen only after the victim has installed Babylon-brand translation software, which often contains a Search.babylon.com browser hijacker that it also installs. SpywareRemove.com malware researchers have noted that, much like a ,Google Redirect Virus, ,Google Redirect Hijacker or Redirecting Google Searches infection, Search.babylon.com’s browser hijacker can redirect you from Google searches to Search.babylon.com’s own search page without your permission. These attacks may target any popular browser, including Firefox, Chrome and Internet Explorer.

Unlike some forms of search engine hijackers, however, Search.babylon.com will also hijack your homepage and lock it to Search.babylon.com.
Download SpyHunter Spyware Scanner
Meanwhile, browser settings will be ‘grayed out’ to prevent you from changing their values back to normal. Although keeping your web browser and security software up-to-date can help to reduce these forms of security vulnerabilities, nothing except avoiding a Search.babylon.com browser hijacker infection altogether can perfectly protect your computer from Search.babylon.com redirects.

Browsing Search.babylon.com’s Fraudulent Search Result Scenery


Search.babylon.com tries to appeal to casual visitors by using the same interface as Google, but SpywareRemove.com malware experts have noted huge differences between Google’s search results and Search.babylon.com’s – namely, in the fact that Search.babylon.com’s search results aren’t useful at all! Visiting Search.babylon.com’s search result links can result in any or all of the following issues:
  • Losing private information to phishing websites that imitate the appearance, but not the security of a legitimate website. Phishing sites may appear to be identical to a normal website in all ways, save for a mismatched web address or URL.
  • Being attacked by automatically-installed infections through drive-by-download Flash or JavaScript scripts. Disabling Java and Flash can reduce, but does not eliminate the chances of such drive-by-download attacks.
  • Being exposed to fake system alerts, error messages and system scans that warn you about infections and other problems that aren’t on your PC. Websites that use these attacks may attempt to sell rogue security software, which try to ask for money while simultaneously pretending that your PC is being threatened by countless Trojans, worms and other types of harmful software.

You can remove Search.babylon.com browser hijackers with suitably-powerful anti-malware software, although, in the meantime, SpywareRemove.com malware analysts strongly encourage you to use Safe Mode and avoid usage of your browser.

Search.babylon.com Automatic Detection Tool (Recommended)


Is your PC infected with Search.babylon.com? To safely & quickly detect Search.babylon.com, we highly recommend you run the malware scanner listed below.



Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name
    1 %Windows%\system32\DRIVERS\mrxsmb.sys
    2 %Windows%\system32\consrv.dll
    3 BabylonToolbar.dll
    4 BabylonToolbarsrv.exe

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\BabylonToolbar\BabylonToolbarSubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
  • The following CLSID's were detected:
    HKEY..\..\{CLSID Path} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\Instl\DataHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}\VersionIndependentProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ProgIDHKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}
Posted: October 3, 2011 | By
Share:
Follow Me on Pinterest More More
Threat Level: 5/10
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Rate this article:

One Comment

Leave a Reply

What is 6 + 6 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)