X
Tap here to go to the mobile version of the site.

Support Forum

My browser is infected by .zanzibog.com/?t=1812&ap=1505308272458314&r=8ef9c660131c874196dd8cb4cc9f7705&hp=1&rst=196&z=1 and I can't seem to remove it.

Posted

Hi, From a similar question I downloaded Malwarebytes, which scanned and identified the above as a threat. However, it doesn't seem to have removed the threat. Do you know how I can delete Zanzibog from my Mac please?

Hi, From a similar question I downloaded Malwarebytes, which scanned and identified the above as a threat. However, it doesn't seem to have removed the threat. Do you know how I can delete Zanzibog from my Mac please?

Chosen solution

It sounds like this may be set as your Firefox home page. Restore the default home page this article can help you do that.

Read this answer in context 1
Quote

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0

Application

  • Firefox 69.0
  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:69.0) Gecko/20100101 Firefox/69.0
  • Support URL: https://support.mozilla.org/1/firefox/69.0/Darwin/en-US/

Extensions

  • Amazon.co.uk 1.1 (amazon@search.mozilla.org)
  • Amazon.com 1.1 (amazondotcom@search.mozilla.org)
  • Bing 1.0 (bing@search.mozilla.org)
  • DuckDuckGo 1.0 (ddg@search.mozilla.org)
  • eBay 1.0 (ebay@search.mozilla.org)
  • Google 1.0 (google@search.mozilla.org)
  • Twitter 1.0 (twitter@search.mozilla.org)
  • Wikipedia (en) 1.0 (wikipedia@search.mozilla.org)
  • Adobe Acrobat 18.0.10 (web2pdfextension.17@acrobat.adobe.com) (Inactive)
  • IBM Security Rapport 2.2.17 (rapportext@trusteer.com) (Inactive)

Javascript

  • incrementalGCEnabled: True

Graphics

  • adapterDescription:
  • adapterDeviceID: 0x6741
  • adapterDrivers:
  • adapterRAM:
  • adapterVendorID: 0x1002
  • contentUsesTiling: True
  • crashGuards: []
  • driverDate:
  • driverVendor:
  • driverVersion:
  • featureLog: {u'fallbacks': [], u'features': [{u'status': u'available', u'description': u'Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'HW_COMPOSITING'}, {u'status': u'available', u'description': u'OpenGL Compositing', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'OPENGL_COMPOSITING'}, {u'status': u'opt-in', u'description': u'WebRender', u'log': [{u'status': u'opt-in', u'message': u'WebRender is an opt-in feature', u'type': u'default'}], u'name': u'WEBRENDER'}, {u'status': u'blacklisted', u'description': u'WebRender qualified', u'log': [{u'status': u'available', u'type': u'default'}, {u'status': u'blacklisted', u'message': u'No qualified hardware', u'type': u'env'}], u'name': u'WEBRENDER_QUALIFIED'}, {u'status': u'available', u'description': u'Off Main Thread Painting', u'log': [{u'status': u'available', u'type': u'default'}], u'name': u'OMTP'}]}
  • info: {u'CMSOutputProfile': u'AAAM1GFwcGwCEAAAbW50clJHQiBYWVogB+MAAQAFAA4ANAAqYWNzcEFQUEwAAAAAQVBQTAAAAAAAAAAAAAAAAAAAAAAAAPbWAAEAAAAA0y1hcHBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARZGVzYwAAAVAAAABiZHNjbQAAAbQAAAG8Y3BydAAAA3AAAAAjd3RwdAAAA5QAAAAUclhZWgAAA6gAAAAUZ1hZWgAAA7wAAAAUYlhZWgAAA9AAAAAUclRSQwAAA+QAAAgMYWFyZwAAC/AAAAAgdmNndAAADBAAAAAwbmRpbgAADEAAAAA+Y2hhZAAADIAAAAAsbW1vZAAADKwAAAAoYlRSQwAAA+QAAAgMZ1RSQwAAA+QAAAgMYWFiZwAAC/AAAAAgYWFnZwAAC/AAAAAgZGVzYwAAAAAAAAAIRGlzcGxheQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG1sdWMAAAAAAAAAIwAAAAxockhSAAAACAAAAbRrb0tSAAAACAAAAbRuYk5PAAAACAAAAbRpZAAAAAAACAAAAbRodUhVAAAACAAAAbRjc0NaAAAACAAAAbRkYURLAAAACAAAAbRubE5MAAAACAAAAbRmaUZJAAAACAAAAbRpdElUAAAACAAAAbRyb1JPAAAACAAAAbRlc0VTAAAACAAAAbRhcgAAAAAACAAAAbR1a1VBAAAACAAAAbRoZUlMAAAACAAAAbR6aFRXAAAACAAAAbR2aVZOAAAACAAAAbRza1NLAAAACAAAAbR6aENOAAAACAAAAbRydVJVAAAACAAAAbRmckZSAAAACAAAAbRtcwAAAAAACAAAAbRoaUlOAAAACAAAAbRjYUVTAAAACAAAAbR0aFRIAAAACAAAAbRlc1hMAAAACAAAAbRkZURFAAAACAAAAbRlblVTAAAACAAAAbRwdEJSAAAACAAAAbRwbFBMAAAACAAAAbRlbEdSAAAACAAAAbRzdlNFAAAACAAAAbR0clRSAAAACAAAAbRwdFBUAAAACAAAAbRqYUpQAAAACAAAAbQAaQBNAGEAY3RleHQAAAAAQ29weXJpZ2h0IEFwcGxlIEluYy4sIDIwMTkAAFhZWiAAAAAAAADzFgABAAAAARbKWFlaIAAAAAAAAHHAAAA5igAAAWdYWVogAAAAAAAAYSMAALnmAAAT9lhZWiAAAAAAAAAj8gAADJAAAL3QY3VydgAAAAAAAAQAAAAABQAKAA8AFAAZAB4AIwAoAC0AMgA2ADsAQABFAEoATwBUAFkAXgBjAGgAbQByAHcAfACBAIYAiwCQAJUAmgCfAKMAqACtALIAtwC8AMEAxgDLANAA1QDbAOAA5QDrAPAA9gD7AQEBBwENARMBGQEfASUBKwEyATgBPgFFAUwBUgFZAWABZwFuAXUBfAGDAYsBkgGaAaEBqQGxAbkBwQHJAdEB2QHhAekB8gH6AgMCDAIUAh0CJgIvAjgCQQJLAlQCXQJnAnECegKEAo4CmAKiAqwCtgLBAssC1QLgAusC9QMAAwsDFgMhAy0DOANDA08DWgNmA3IDfgOKA5YDogOuA7oDxwPTA+AD7AP5BAYEEwQgBC0EOwRIBFUEYwRxBH4EjASaBKgEtgTEBNME4QTwBP4FDQUcBSsFOgVJBVgFZwV3BYYFlgWmBbUFxQXVBeUF9gYGBhYGJwY3BkgGWQZqBnsGjAadBq8GwAbRBuMG9QcHBxkHKwc9B08HYQd0B4YHmQesB78H0gflB/gICwgfCDIIRghaCG4IggiWCKoIvgjSCOcI+wkQCSUJOglPCWQJeQmPCaQJugnPCeUJ+woRCicKPQpUCmoKgQqYCq4KxQrcCvMLCwsiCzkLUQtpC4ALmAuwC8gL4Qv5DBIMKgxDDFwMdQyODKcMwAzZDPMNDQ0mDUANWg10DY4NqQ3DDd4N+A4TDi4OSQ5kDn8Omw62DtIO7g8JDyUPQQ9eD3oPlg+zD88P7BAJECYQQxBhEH4QmxC5ENcQ9RETETERTxFtEYwRqhHJEegSBxImEkUSZBKEEqMSwxLjEwMTIxNDE2MTgxOkE8UT5RQGFCcUSRRqFIsUrRTOFPAVEhU0FVYVeBWbFb0V4BYDFiYWSRZsFo8WshbWFvoXHRdBF2UXiReuF9IX9xgbGEAYZRiKGK8Y1Rj6GSAZRRlrGZEZtxndGgQaKhpRGncanhrFGuwbFBs7G2MbihuyG9ocAhwqHFIcexyjHMwc9R0eHUcdcB2ZHcMd7B4WHkAeah6UHr4e6R8THz4faR+UH78f6iAVIEEgbCCYIMQg8CEcIUghdSGhIc4h+yInIlUigiKvIt0jCiM4I2YjlCPCI/AkHyRNJHwkqyTaJQklOCVoJZclxyX3JicmVyaHJrcm6CcYJ0kneierJ9woDSg/KHEooijUKQYpOClrKZ0p0CoCKjUqaCqbKs8rAis2K2krnSvRLAUsOSxuLKIs1y0MLUEtdi2rLeEuFi5MLoIuty7uLyQvWi+RL8cv/jA1MGwwpDDbMRIxSjGCMbox8jIqMmMymzLUMw0zRjN/M7gz8TQrNGU0njTYNRM1TTWHNcI1/TY3NnI2rjbpNyQ3YDecN9c4FDhQOIw4yDkFOUI5fzm8Ofk6Njp0OrI67zstO2s7qjvoPCc8ZTykPOM9Ij1hPaE94D4gPmA+oD7gPyE/YT+iP+JAI0BkQKZA50EpQWpBrEHuQjBCckK1QvdDOkN9Q8BEA0RHRIpEzkUSRVVFmkXeRiJGZ0arRvBHNUd7R8BIBUhLSJFI10kdSWNJqUnwSjdKfUrESwxLU0uaS+JMKkxyTLpNAk1KTZNN3E4lTm5Ot08AT0lPk0/dUCdQcVC7UQZRUFGbUeZSMVJ8UsdTE1NfU6pT9lRCVI9U21UoVXVVwlYPVlxWqVb3V0RXklfgWC9YfVjLWRpZaVm4WgdaVlqmWvVbRVuVW+VcNVyGXNZdJ114XcleGl5sXr1fD19hX7NgBWBXYKpg/GFPYaJh9WJJYpxi8GNDY5dj62RAZJRk6WU9ZZJl52Y9ZpJm6Gc9Z5Nn6Wg/aJZo7GlDaZpp8WpIap9q92tPa6dr/2xXbK9tCG1gbbluEm5rbsRvHm94b9FwK3CGcOBxOnGVcfByS3KmcwFzXXO4dBR0cHTMdSh1hXXhdj52m3b4d1Z3s3gReG54zHkqeYl553pGeqV7BHtje8J8IXyBfOF9QX2hfgF+Yn7CfyN/hH/lgEeAqIEKgWuBzYIwgpKC9INXg7qEHYSAhOOFR4Wrhg6GcobXhzuHn4gEiGmIzokziZmJ/opkisqLMIuWi/yMY4zKjTGNmI3/jmaOzo82j56QBpBukNaRP5GokhGSepLjk02TtpQglIqU9JVflcmWNJaflwqXdZfgmEyYuJkkmZCZ/JpomtWbQpuvnByciZz3nWSd0p5Anq6fHZ+Ln/qgaaDYoUehtqImopajBqN2o+akVqTHpTilqaYapoum/adup+CoUqjEqTepqaocqo+rAqt1q+msXKzQrUStuK4trqGvFq+LsACwdbDqsWCx1rJLssKzOLOutCW0nLUTtYq2AbZ5tvC3aLfguFm40blKucK6O7q1uy67p7whvJu9Fb2Pvgq+hL7/v3q/9cBwwOzBZ8Hjwl/C28NYw9TEUcTOxUvFyMZGxsPHQce/yD3IvMk6ybnKOMq3yzbLtsw1zLXNNc21zjbOts83z7jQOdC60TzRvtI/0sHTRNPG1EnUy9VO1dHWVdbY11zX4Nhk2OjZbNnx2nba+9uA3AXcit0Q3ZbeHN6i3ynfr+A24L3hROHM4lPi2+Nj4+vkc+T85YTmDeaW5x/nqegy6LzpRunQ6lvq5etw6/vshu0R7ZzuKO6070DvzPBY8OXxcvH/8ozzGfOn9DT0wvVQ9d72bfb794r4Gfio+Tj5x/pX+uf7d/wH/Jj9Kf26/kv+3P9t//9wYXJhAAAAAAADAAAAAmZmAADypwAADVkAABPQAAAKW3ZjZ3QAAAAAAAAAAQABAAAAAAAAAAEAAAABAAAAAAAAAAEAAAABAAAAAAAAAAEAAG5kaW4AAAAAAAAANgAAp0AAAFWAAABMwAAAnsAAACWAAAAMwAAAUAAAAFRAAAIzMwACMzMAAjMzAAAAAAAAAABzZjMyAAAAAAABDHIAAAX4///zHQAAB7oAAP1y///7nf///aQAAAPZAADAcW1tb2QAAAAAAAAGEAAAoAwAAAAAySceAAAAAAAAAAAAAAAAAAAAAAA=', u'TileHeight': 512, u'ApzWheelInput': 1, u'ApzDragInput': 1, u'ApzKeyboardInput': 1, u'ApzAutoscrollInput': 1, u'AzureFallbackCanvasBackend': u'none', u'TileWidth': 512, u'AzureCanvasBackend': u'skia', u'AzureContentBackend': u'skia'}
  • numAcceleratedWindows: 1
  • numTotalWindows: 1
  • offMainThreadPaintEnabled: True
  • offMainThreadPaintWorkerCount: 3
  • targetFrameRate: 60
  • usesTiling: True
  • webgl1DriverExtensions: GL_ARB_blend_func_extended GL_ARB_draw_buffers_blend GL_ARB_draw_indirect GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_gpu_shader5 GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sample_shading GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shader_subroutine GL_ARB_shading_language_include GL_ARB_tessellation_shader GL_ARB_texture_buffer_object_rgb32 GL_ARB_texture_cube_map_array GL_ARB_texture_gather GL_ARB_texture_query_lod GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_transform_feedback2 GL_ARB_transform_feedback3 GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_viewport_array GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_mirror_clamp GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier
  • webgl1Extensions: ANGLE_instanced_arrays EXT_blend_minmax EXT_color_buffer_half_float EXT_disjoint_timer_query EXT_float_blend EXT_frag_depth EXT_shader_texture_lod EXT_sRGB EXT_texture_compression_rgtc EXT_texture_filter_anisotropic OES_element_index_uint OES_standard_derivatives OES_texture_float OES_texture_float_linear OES_texture_half_float OES_texture_half_float_linear OES_vertex_array_object WEBGL_color_buffer_float WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_depth_texture WEBGL_draw_buffers WEBGL_lose_context
  • webgl1Renderer: ATI Technologies Inc. -- AMD Radeon HD 6750M OpenGL Engine
  • webgl1Version: 4.1 ATI-1.68.23
  • webgl1WSIInfo: CGL
  • webgl2DriverExtensions: GL_ARB_blend_func_extended GL_ARB_draw_buffers_blend GL_ARB_draw_indirect GL_ARB_ES2_compatibility GL_ARB_explicit_attrib_location GL_ARB_gpu_shader5 GL_ARB_instanced_arrays GL_ARB_internalformat_query GL_ARB_occlusion_query2 GL_ARB_sample_shading GL_ARB_sampler_objects GL_ARB_separate_shader_objects GL_ARB_shader_bit_encoding GL_ARB_shader_subroutine GL_ARB_shading_language_include GL_ARB_tessellation_shader GL_ARB_texture_buffer_object_rgb32 GL_ARB_texture_cube_map_array GL_ARB_texture_gather GL_ARB_texture_query_lod GL_ARB_texture_rgb10_a2ui GL_ARB_texture_storage GL_ARB_texture_swizzle GL_ARB_timer_query GL_ARB_transform_feedback2 GL_ARB_transform_feedback3 GL_ARB_vertex_type_2_10_10_10_rev GL_ARB_viewport_array GL_EXT_debug_label GL_EXT_debug_marker GL_EXT_texture_compression_s3tc GL_EXT_texture_filter_anisotropic GL_EXT_texture_mirror_clamp GL_EXT_texture_sRGB_decode GL_APPLE_client_storage GL_APPLE_container_object_shareable GL_APPLE_flush_render GL_APPLE_object_purgeable GL_APPLE_rgb_422 GL_APPLE_row_bytes GL_APPLE_texture_range GL_ATI_texture_mirror_once GL_NV_texture_barrier
  • webgl2Extensions: EXT_color_buffer_float EXT_disjoint_timer_query EXT_float_blend EXT_texture_compression_rgtc EXT_texture_filter_anisotropic OES_texture_float_linear WEBGL_compressed_texture_s3tc WEBGL_compressed_texture_s3tc_srgb WEBGL_debug_renderer_info WEBGL_debug_shaders WEBGL_lose_context
  • webgl2Renderer: ATI Technologies Inc. -- AMD Radeon HD 6750M OpenGL Engine
  • webgl2Version: 4.1 ATI-1.68.23
  • webgl2WSIInfo: CGL
  • windowLayerManagerRemote: True
  • windowLayerManagerType: OpenGL
  • windowUsingAdvancedLayers: False

Modified Preferences

Misc

  • User JS: No
  • Accessibility: No
My_Cheese_Is_Slippin'
  • Top 10 Contributor
66 solutions 765 answers

Helpful Reply

Hi billlogan1949, Malwarebytes should have quarantined it. Check the Quarantine tab. If it's there, you can delete it. It will be removed.

Also, take a look at the new Malwarebytes Browser Guard: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/?src=search

Hi billlogan1949, Malwarebytes should have quarantined it. Check the Quarantine tab. If it's there, you can delete it. It will be removed. Also, take a look at the new Malwarebytes Browser Guard: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/?src=search
Was this helpful to you? 1
Quote

Question owner

Thanks for getting back so quickly. I'm afraid, having done what you advised, the above address shows in my Web Search. I tried to take a screen shot of it, but it doesn't include the address.

Thanks for getting back so quickly. I'm afraid, having done what you advised, the above address shows in my Web Search. I tried to take a screen shot of it, but it doesn't include the address.
Was this helpful to you?
Quote
My_Cheese_Is_Slippin'
  • Top 10 Contributor
66 solutions 765 answers

I'm a Windoze user but, here is an article: Troubleshoot Firefox issues caused by malware https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no#firefox:mac:fx69 Set for Mac users.

And another site which recommends using Bitdefender Adware Removal Tool: https://junkwareremoval.com/adware/remove-zanzibog-mac-os-x/

I'm a Windoze user but, here is an article: Troubleshoot Firefox issues caused by malware https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-caused-malware?cache=no#firefox:mac:fx69 Set for Mac users. And another site which recommends using Bitdefender Adware Removal Tool: https://junkwareremoval.com/adware/remove-zanzibog-mac-os-x/
Was this helpful to you?
Quote
My_Cheese_Is_Slippin'
  • Top 10 Contributor
66 solutions 765 answers

My fingers may have been moving faster than my brain, again. If the address is showing in your Search Results or History, it doesn't necessarily mean that you are still "infected". Clearing your Cache, Cookies and History may be all that you need to do.

My fingers may have been moving faster than my brain, again. If the address is showing in your Search Results or History, it doesn't necessarily mean that you are still "infected". Clearing your Cache, Cookies and History may be all that you need to do.
Was this helpful to you?
Quote

Question owner

I've followed both your latest posts and Zanzibog is still shown when I open Firefox, but when I open a new tab Firefox search comes up as normal. I wonder, as a last resort, should I delete Firefox as my browser and reload it presumably losing all my Bookmarks? Or should I simply use Safari as my default browser?

I've followed both your latest posts and Zanzibog is still shown when I open Firefox, but when I open a new tab Firefox search comes up as normal. I wonder, as a last resort, should I delete Firefox as my browser and reload it presumably losing all my Bookmarks? Or should I simply use Safari as my default browser?
Was this helpful to you?
Quote
Tyler Downer
  • Top 25 Contributor
  • Moderator
1530 solutions 10669 answers

Chosen Solution

It sounds like this may be set as your Firefox home page. Restore the default home page this article can help you do that.

It sounds like this may be set as your Firefox home page. [[How to set the home page#w_restore-the-default-home-page|Restore the default home page]] this article can help you do that.
Was this helpful to you? 1
Quote

Question owner

Bingo! Thanks a lot, that seems to have solved my problem.

Bingo! Thanks a lot, that seems to have solved my problem.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.