How Do You Get Rid of the Babylon Toolbar?

This post, which explores some false paths taken in a decision making process, started with a previous post discussing how a senior client of mine went from a desktop to a laptop. She gave me her XP desktop, which apparently had not been updated from the factory. It had no service packs installed at all. Not to worry, I set about upgrading the hardware and then settled in to what I expected would be a tedious, but unchallenging series of updates to bring it up to modern standards. I was wrong.

The trouble started, as it often does, when I let my guard down in response to a Microsoft problem. It does not seem to directly support upgrading raw XP systems to the SP3 status, so I searched for a site that would have an SP1 or SP2 package that I could download. One of the top results was a link to Soft32, which was indicated as safe by my trusty WOT add-on in Firefox. It was late, and I was tired, so I probably simply overlooked the CNET.com alternative. A few clicks and I was in business. Having updated the basic XP, I could now start the arduous process of downloading the accumulated updates. Or course, Microsoft Security Essentials was one of my downloads. Malwarebytes was another.

Things looked real good until I happened to open Firefox again and saw that it had been hi-jacked by something called a Babylon toolbar. I did not want it. So started my headache, but it also presented a good example of following a decision tree to solve a problem. In what follows, you will see how I navigated inefficiently through the maze to eventual success.

I started by looking at Firefox itself. The intruder was not listed in the Firefox tools area, and nothing appeared in the “remove programs” part of the XP control panel. So next I went to Explorer and searched the HD for meaningful names to delete. This was followed by a quick search through the registry using regedit. You might be comfortable registry diving, but it always gives me pause. After deleting everything that looked remotely suspicious, I fired up Firefox again and, right across the blue banner at the top, was something called Babylon Search!

Obviously, at this point, I should have gone online and searched for help, but this is an article about decisions. I made the stubborn decision to persevere by myself. If something was wrong with Firefox, I figured I could simply uninstall it and do a clean re-install. That will usually fix anything. Surprise: The new installation had the same infection. In frustration, I uninstalled it again and ran scans with both Malwarebytes and MSE. The system was clean. Then I reinstalled Firefox for the third time. No change. In frustration, I resorted to an old friend, Spybot S&D. I downloaded it using Firefox and ran a scan. This time it found a lot of entries for Babylon and fixed them. That was good — for a while. When I opened Firefox again, it was still infected. For those of you following my fumbling, note the order in which I did things. A clue to what was wrong is right in front of us where I should have seen it. Alas, my mind must have been in neutral. In frustration again, I decided that maybe Internet Explorer — which I used to download Firefox — was compromised, so I downloaded Opera using another machine, installed it, and used it to install (fourth time) Firefox with no improvement; Babylon was still there offering to do whatever it does for me.

Having gone through a reasonable decision tree and not achieving success, I now did what should have been done sooner, and looked for a solution online. There are many solutions available. A quick reading of some of them showed me that the authors did not know any more about the situation than I did, even though they swore their method would work. But the consensus seemed to be that some of the things I did should have worked. So I must have been doing something stupid (acknowledging that you are doing something stupid is a valuable, but often overlooked tool). That turned out to be the case.

I think that there are enough clues embedded in this account to allow a reasonable guess about what I did wrong in trying to rid myself of Babylon. The answer follows, but before reading it, pretend that you are with me struggling with this problem. I value your input and beg for help. What do you suggest?

How Do You Get Rid of the Babylon Toolbar? I Did It.The answer is implicit in the screenshot showing the next to last step in uninstalling Firefox. Like many folk who are tired of the yada-yada on various screens, when this one popped up, I clicked the uninstall button at the bottom and waited. An observant person (which I was not) would notice the check box in the middle of the screenshot. By clicking uninstall without selecting that box, I was telling Firefox that I might be back and if I did come back, I wanted it to be the same as it was at the time of uninstallation — complete with Babylon.

Duh! When I finally woke up and realized that, I checked the box, uninstalled Firefox, and then reinstalled it with no difficulty — and it worked correctly!

Part of the reason for dwelling on this fiasco, which does not do my reputation any good, is to lay out the decision pattern I tried to follow, and if I had done it correctly instead of flailing, it would not have been such a problem.

We can speculate that since this was a new installation, I did not have any bookmarks or other personal data or customization invested in the Firefox installation. Therefore I was not as careful about deciding what to do as I would have been if there had been some personal investment of time involved. Maybe that is true, but it does not really matter. I made a couple of mistakes while upgrading a computer and paid for it with frustration. Let him who has never done the same thing cast the first stone.

Article Written by

  • hansjolo

     Hi, Youre over thinking the problem, keep a backup and then just delete these files and replace with your backup in the same locations. Ive been doing it for years.
    C/Documents and Settings/”your name”/Application Data:Mozilla and Mozilla control folders,,,,C/Documents and Settings/”your name”/Local Settings/Application Data:Mozzilla folder,,,,C/Program Files:Mozzilla active x control and mozzilla firefox and mozzilla.org folders.
    Joel

  • http://erniecordell.wordpress.com Ernie Cordell

    Isn’t there a way to kill it in deep browser settings (which may not meet with the approval of many) for those who don’t want to surrender that investment?

  • http://erniecordell.wordpress.com Ernie Cordell

    Isn’t there a way to kill it in deep browser settings (which may not meet with the approval of many) for those who don’t want to surrender that investment?

    • Sdeforest

       Probably, but the point of the post was that I was following a semi-logical decision tree rather than being an expert on browsers.  If I had been more observant, it would have been quickly solved without a detailed knowledge of browser settings.

      • http://erniecordell.wordpress.com Ernie Cordell

        And I was asking the question poorly:  That is information that I actually seek because I suspect that other intruders are using the same mechanism and I have a lot of settings that I want to keep.  I saw how your path to a solution was a little like what William H. Calvin called, “the meandering agenda of a scientist” in his book ‘Cerebral Symphony’ 
        http://books.google.com/books/about/The_Cerebral_Symphony.html?id=iZoHAAAACAAJ

  • johnwerneken

    daily…do it daily yes i do lol. I figure I can always fix it later…F.O.R.D., Found On Road Dead unless Fix Or Repair Daily! Windows REALLY comes from DETROIT!

  • Ian Singleton

    Most anti malware programs such as malware bytes will shift it for you as well it is adware although not very dangerous it’s a pain to get rid of and changes your home page which is very annoying. Also Revo uninstaller is very good to get rid of these programs that don’t show up in add remove programs on Windows.  The way you did it worked but you had to reinstall Firefox which is a pain.

    • Sdeforest

       It was more of an annoyance than a pain because this was a new install–or rather a re-construction.

  • Ian Singleton

    Most anti malware programs such as malware bytes will shift it for you as well it is adware although not very dangerous it’s a pain to get rid of and changes your home page which is very annoying. Also Revo uninstaller is very good to get rid of these programs that don’t show up in add remove programs on Windows.  The way you did it worked but you had to reinstall Firefox which is a pain.

  • Sdeforest

    The is no doubt I could have let it go to fix later.  It was not like having a Trojan, but it was not something I wanted.

  • Sdeforest

     Backups are good, but this was a fresh install with no backup.  Periodic factory recovers are good too.  But you have to have a history before either a backup or a recovery makes sense.

  • Bruce Bates

    From the start, I would have recommended using hijackthis! There never would have been a second option. 

    • Sdeforest

       I never claimed to have solved the problem optimally.  In fact, my approach was kind of backward, but at the time it was my frame of mind.

  • germs

    how many popup ads are too many for one article?

  • fireworksordie41

    Toolbars used to be good to provide instant search function in IE but then Firefox added one in the top right (and then later integrated search into the address bar much like Chrome, IE now, probably others) rendering toolbars completely useless.  As for notifications, toolbars also fail thank to the invention of tabbed browsing, since we have an e-mail tab open at all times.  And if you really want fast notifications, then you just use Firefox/Chrome extensions to put a single icon somewhere to notify you.  No need to use a whole bar.

    • Sdeforest

       I agree.  The issue here is dealing with toolbars that get installed automagically.

      • fireworksordie41

        Yeah I guess I was more responding to the video… it makes me angry that things like Java even have pre checked boxes for things like toolbars

  • Today

    From the start I would have backed up all files, gotton the XP Key it was registered with and reinstalled XP Service pk 3 with the same key from the disk I have.

  • aw3som3

    most awesom3 toolbar mess EVER!!! :D

    • Sdeforest

       Aw, I’ve seen worse

  • http://profiles.google.com/matt.wartell matt wartell

    That’s an arguably bad default to have it unchecked. If I’ve asked you to uninstall yourself, then uninstall.

    However, following the principle of least damage, I can see why Mozilla would not want to harm the user whose typical response to “app is misbehaving” is uninstall/re-install. The opacity of Windows MSI management has engendered the policy of “don’t try to figure out what is wrong because you can’t”. Sigh.

    • Sdeforest

       Interesting, I had exactly the same chain of thought.  I guess there is no right answer, but they could make it more obvious

  • http://profiles.google.com/rysliv ryan haz

    Ive seen like 20

    • Sdeforest

       How did anything else fit on the page?

  • Damon Grills

    >Tech enthusiast
    >Mac

    Okay there bud.

  • Damon Grills

    >Tech enthusiast
    >Mac

    Okay there bud.

  • mr_bulow

    Chrome. Done.

  • mr_bulow

    Chrome. Done.

  • DisturbedComputer

    Zero Toolbars for me   can’t say the same for my older sister her toolbar is like 5 to 7 inches long .. I fixed her PC and removed them all. the next day she was mad cause all the crap she likes did not work so I did a system restore to put them all back on.. and yet she wants to cry MY PC is SLOW .. I told her YES it will be .. also when I removed them she had 4,000 mywebsearch.. yes you read it right four thousand + just for mywebsearch. a year later she said she had to buy a new PC cause it 
    was so slow I told her well yes it will be with all the crap you have on it..(and it was a nice pc) so 6 to 8 months later with the new PC. she calls me and asks why is my PC slow again. I told her because of all the crap you THINK you want, sorry sis but I can’t help you, as long as you install that crap on your PC.it will be SLOW. then she said I will have to buy a new one then… oh you will ok give me your OLD one.. now about 4 months ago she was telling me her keyboard was broke cause she *
    spilled coke on it. that she was going to buy a now KB … I told no I will send you one I have 5 of them.. she said is it DELL I have a DELL PC .I told her no it’s Not DELL and it did not matter what brand it was. she said no it has to be a DELL as MY PC is a DELL.I then told her to STOP using Computers as she dose not know what the fuck she is doing.  oh and she has had a PC like 10 years long then I have had one… some people just don’t need to have PC’s.