yahoo search malware cannot be removed from my Mac
I've tried setting my default search engines (even though Yahoo isn't even included); I've tried checking the addons and deleting them all; I've tried deleting the application as well as my user folder and ~library files (doing a clean install from Mozilla's website); I've tried installing MalwareBytes, running a scan and rebooting. Nothing so far has worked.
Every time I reboot and attempt to search from the address bar, I get Yahoo Search results.
Application Basics
Name: Firefox Version: 62.0.3 Build ID: 20181001155545 Update Channel: release User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:62.0) Gecko/20100101 Firefox/62.0 OS: Darwin 17.7.0 Multiprocess Windows: 1/1 (Enabled by default) Web Content Processes: 4/4 Enterprise Policies: Inactive Google Key: Found Mozilla Location Service Key: Found Safe Mode: false
Crash Reports for the Last 3 Days
All Crash Reports Firefox Features
Name: Activity Stream Version: 2018.08.22.1219-93becf29 ID: activity-stream@mozilla.org
Name: Application Update Service Helper Version: 2.0 ID: aushelper@mozilla.org
Name: Firefox Screenshots Version: 33.0.0 ID: screenshots@mozilla.org
Name: Form Autofill Version: 1.0 ID: formautofill@mozilla.org
Name: Photon onboarding Version: 1.0 ID: onboarding@mozilla.org
Name: Pocket Version: 1.0.5 ID: firefox@getpocket.com
Name: Telemetry coverage Version: 7.0 ID: telemetry-coverage-bug1487578@mozilla.org
Name: Web Compat Version: 2.0 ID: webcompat@mozilla.org
Name: WebCompat Reporter Version: 1.0.0 ID: webcompat-reporter@mozilla.org
Extensions
Name: Disable Autoplay Version: 1.2 Enabled: true ID: {6674730a-e591-43c6-8680-d332ea121cc2}
Name: LastPass: Free Password Manager Version: 4.17.1.7 Enabled: true ID: support@lastpass.com
Name: Privacy Badger Version: 2018.10.3.1 Enabled: true ID: jid1-MnnxcxisBPnSXQ@jetpack
Name: Adobe Acrobat Version: 18.0.9 Enabled: false ID: web2pdfextension.17@acrobat.adobe.com
Security Software
Type:
Type:
Type:
Graphics
Features Compositing: OpenGL Asynchronous Pan/Zoom: wheel input enabled; scrollbar drag enabled; keyboard enabled; autoscroll enabled WebGL 1 Driver WSI Info: CGL WebGL 1 Driver Renderer: ATI Technologies Inc. -- AMD Radeon HD - FirePro D700 OpenGL Engine WebGL 1 Driver Version: 4.1 ATI-1.68.20 WebGL 1 Driver Extensions: GL_ARB_blend_func_extended GL_ARB_draw_buffers_blend GL_ARB_draw_indirect GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_gpu_shader_fp64 GL_ARB_gpu_shader5 GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sample_shading GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shader_subroutine GL_ARB_shading_language_include GL_ARB_tessellation_shader GL_ARB_texture_buffer_object_rgb32 GL_ARB_texture_cube_map_array GL_ARB_texture_gather GL_ARB_texture_query_lod GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_transform_feedback2 GL_ARB_transform_feedback3 GL_ARB_vertex_attrib_64bit GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_viewport_array GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_depth_bounds_test GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_mirror_clamp GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier WebGL 1 Extensions: ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_frag_depth EXT_sRGB EXT_shader_texture_lod EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context WebGL 2 Driver WSI Info: CGL WebGL 2 Driver Renderer: ATI Technologies Inc. -- AMD Radeon HD - FirePro D700 OpenGL Engine WebGL 2 Driver Version: 4.1 ATI-1.68.20 WebGL 2 Driver Extensions: GL_ARB_blend_func_extended GL_ARB_draw_buffers_blend GL_ARB_draw_indirect GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_gpu_shader_fp64 GL_ARB_gpu_shader5 GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sample_shading GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shader_subroutine GL_ARB_shading_language_include GL_ARB_tessellation_shader GL_ARB_texture_buffer_object_rgb32 GL_ARB_texture_cube_map_array GL_ARB_texture_gather GL_ARB_texture_query_lod GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_transform_feedback2 GL_ARB_transform_feedback3 GL_ARB_vertex_attrib_64bit GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_viewport_array GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_depth_bounds_test GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_mirror_clamp GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier WebGL 2 Extensions: EXT_color_buffer_float EXT_texture_filter_anisotropic EXT_disjoint_timer_query OES_texture_float_linear WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_lose_context Uses Tiling: true Uses Tiling (Content): true Off Main Thread Painting Enabled: true Off Main Thread Painting Worker Count: 4 GPU #1 Active: Yes Vendor ID: 0x1002 Device ID: 0x6798
Diagnostics AzureCanvasAccelerated: 0 AzureCanvasBackend: skia AzureContentBackend: skia AzureFallbackCanvasBackend: none TileHeight: 1024 TileWidth: 1024 Decision Log WEBRENDER: opt-in by default: WebRender is an opt-in feature
Media
Audio Backend: audiounit Max Channels: 2 Preferred Sample Rate: 48000 Output Devices Name: Group Logitech USB Headset H540: AppleUSBAudioEngine:Logitech Inc :Logitech USB Headset H540:00000000:2 ZoomAudioDevice: ZoomAudioEngine:0 Internal Speakers: AppleHDAEngineOutput:1B,0,1,1:0 ASUS PB278: AppleHDAEngineOutputDP:0,1,0,1,5:0:{6904-27A3-000126C4} ASUS PB278: AppleHDAEngineOutputDP:0,1,0,1,0:1:{6904-27A3-00012601} Input Devices Name: Group Unknown USB Audio Device: AppleUSBAudioEngine:Unknown Manufacturer:Unknown USB Audio Device:45A6F5D0:3 Logitech USB Headset H540: AppleUSBAudioEngine:Logitech Inc :Logitech USB Headset H540:00000000:1 ZoomAudioDevice: ZoomAudioEngine:0
Important Modified Preferences
browser.cache.disk.capacity: 1048576 browser.cache.disk.filesystem_reported: 1 browser.cache.disk.smart_size.first_run: false browser.places.smartBookmarksVersion: 8 browser.sessionstore.upgradeBackup.latestBuildID: 20181001155545 browser.startup.homepage_override.buildID: 20181001155545 browser.startup.homepage_override.mstone: 62.0.3 browser.urlbar.timesBeforeHidingSuggestionsHint: 0 dom.forms.autocomplete.formautofill: true dom.push.userAgentID: bd113097e823484e9b1bb3316256d1e4 extensions.lastAppVersion: 62.0.3 font.internaluseonly.changed: true media.gmp-gmpopenh264.abi: x86_64-gcc3 media.gmp-gmpopenh264.lastUpdate: 1537921040 media.gmp-gmpopenh264.version: 1.7.1 media.gmp-manager.buildID: 20181001155545 media.gmp-manager.lastCheck: 1539363245 media.gmp-widevinecdm.abi: x86_64-gcc3 media.gmp-widevinecdm.lastUpdate: 1537921041 media.gmp-widevinecdm.version: 1.4.9.1088 media.gmp.storage.version.observed: 1 network.cookie.prefsMigrated: true network.predictor.cleaned-up: true places.database.lastMaintenance: 1538759304 places.history.expiration.transient_current_max_pages: 48456 plugin.disable_full_page_plugin_for_types: application/pdf privacy.sanitize.pending: [{"id":"newtab-container","itemsToClear":[],"options":{}}] security.sandbox.content.tempDirSuffix: e1190200-99c4-9245-bb7d-c80fcac5f42f services.sync.declinedEngines: services.sync.engine.addresses.available: true signon.importedFromSqlite: true signon.rememberSignons: false storage.vacuum.last.index: 1 storage.vacuum.last.places.sqlite: 1537978786
Important Locked Preferences
Places Database
JavaScript
Incremental GC: true
Accessibility
Activated: false Prevent Accessibility: 0
Library Versions
NSPR Expected minimum version: 4.19 Version in use: 4.19
NSS Expected minimum version: 3.38 Version in use: 3.38
NSSSMIME Expected minimum version: 3.38 Version in use: 3.38
NSSSSL Expected minimum version: 3.38 Version in use: 3.38
NSSUTIL Expected minimum version: 3.38 Version in use: 3.38
Sandbox
Content Process Sandbox Level: 3 Effective Content Process Sandbox Level: 3
Internationalization & Localization
Application Settings Requested Locales: ["en-US"] Available Locales: ["en-US"] App Locales: ["en-US"] Regional Preferences: ["en-US"] Default Locale: "en-US" Operating System System Locales: ["en-US"] Regional Preferences: ["en-US"]
Alle Antworten (1)
Thank you for the detailed configuration information. Unfortunately, that page doesn't show details of your search engine plugins.
Q: What is your current default search engine plugin?
Some third party search plugins like McAfee may show Yahoo results.
Q: Have you tried disabling extensions to see whether those might be causing the problem?
You can view, disable, and often remove unwanted or unknown extensions on the Add-ons page. Either:
- Command+Shift+a (Windows: Ctrl+Shift+a)
- "3-bar" menu button (or Tools menu) > Add-ons
- type or paste about:addons in the address bar and press Enter/Return
In the left column of the Add-ons page, click Extensions.
Then cast a critical eye over the list on the right side. Any extensions Firefox installs for built-in features are hidden from this page, so everything listed here is your choice (and your responsibility) to manage. Anything suspicious, nonessential, or that you just do not remember installing or why? If in doubt, disable (or remove), at least for testing.
Any improvement?