azteca24

Q: Genieo Virus

I was hit with a Genieo virus application that somehow got onto my Mac OS X 10.9.8 (MBP)

and installed itself into my login startup list.

 

This virus (we have to call it that as I did not ask for nor authorize it) must have been attached to

something else, though I am unsure how they did this.

 

When I tried to uninstall the program Genieo it ask me to install Java-6 to do it.

That was a BIG mistake because everything crash in my Mac.

 

So tomorrow I have an appointment in the Genius Bar, to check my computer.

My listing here is done for two reasons:

(1) to document that genio is

sending out virus (look up who to complain)

and (2) to ask the community for guidance in protecting

my Mac from further Genio (and other similar) intrusions.

 

However, any comments would be very appreciated.

 

Regards

iMac G5 with Mac OS X version 10.5.3, Mac OS X (10.5.3)

Posted on Nov 12, 2013 3:33 PM

Close

Q: Genieo Virus

  • All replies
  • Helpful answers

first Previous Page 3 of 4 last Next
  • by MadMacs0,

    MadMacs0 MadMacs0 Apr 5, 2014 4:24 AM in response to andyBall_uk
    Level 5 (4,801 points)
    Apr 5, 2014 4:24 AM in response to andyBall_uk

    andyBall_uk wrote:

     

    You're welcome. There is a new version (new icon at least). Although it looks very similar, I've not tested an install yet. Newer files inside are dated 27 March.

    Interesting. But the problem is that the installer is just a downloader that phones home for most of the payloads, so you can't really keep up with what all is actually being installed without testing it periodically.

  • by Kyle Brothers,

    Kyle Brothers Kyle Brothers Apr 6, 2014 7:29 PM in response to azteca24
    Level 1 (0 points)
    Apr 6, 2014 7:29 PM in response to azteca24

    I had the same problem and also found

    http://www.fixkb.com/2011/11/remove-genieo-on-mac.html

    from Thomas Reed a great help along with Linc Davis (here see top replies).

    I would add one lest thing. I went in to remove the necessary files and rebooted a few times but when clicking on the + to get a new tab the Genio page kept coming up. I went into Safari>General>Homepage and replaced genieo with google (my preference). Not entirely sure whether the virus is all gone now but will post here if I have further problems.

    Thank You so much, you people that take the time to help when you don't need to.

    Kyle

  • by thomas_r.,

    thomas_r. thomas_r. Apr 7, 2014 3:17 AM in response to Kyle Brothers
    Level 7 (30,929 points)
    Mac OS X
    Apr 7, 2014 3:17 AM in response to Kyle Brothers

    Kyle Brothers wrote:

     

    I had the same problem and also found

    http://www.fixkb.com/2011/11/remove-genieo-on-mac.html

    from Thomas Reed

     

    Just to be clear, I didn't actually write that. Someone else adapted my instructions from The Safe Mac there. Overall, those instructions look okay, though.

  • by Djune286,

    Djune286 Djune286 Apr 11, 2014 1:06 AM in response to azteca24
    Level 1 (0 points)
    Apr 11, 2014 1:06 AM in response to azteca24

    Yesterday morning my MacBook got hit by Genieo. This is the creepiest thing I have ever been hit with. Yesterday I removed all the files one by one as suggested by Linc and there were more than 50 files hiding n my library. I double checked everything and thought I had trashed them all but when I tried to reboot my computer it froze and refused to start. In the end I did manage to re-start my computer, repeated the process of checking everything, trashing 1 more Genieo still lurking in my library and the Bitdefender app I had downloaded found another one. But nothing helped, Genieo was still in control of my Safari browser. Yesterday evening I gave up, I rescued the most important files and returned my MacBook to the original factory settings. That helped, Genieo is gone now.

     

    But thanks for everyone for advice and help. I learned a lot yesterday!

  • by MadMacs0,

    MadMacs0 MadMacs0 Apr 11, 2014 1:25 AM in response to Djune286
    Level 5 (4,801 points)
    Apr 11, 2014 1:25 AM in response to Djune286

    That's the danger in using one of the older posts on this subject. Genieo 2.0 showed up last week and changed the location and names of several files, so I suspect that Linc's instructions from November didn't cover everything in your case.

     

    Glad you are finally rid of it and sorry you had to go to so much trouble.

     

    For anybody else who might read this, thomas_r. has updated his instructions at Adware Removal Guide : Genieo.

  • by Lexiepex,

    Lexiepex Lexiepex Apr 11, 2014 1:33 AM in response to Djune286
    Level 6 (10,519 points)
    Mac OS X
    Apr 11, 2014 1:33 AM in response to Djune286

    And you should also uninstall Bitdefender again.

    When searching in a mac use a search application like FindAnyFile from Thomas Tempelman.

  • by thomas_r.,

    thomas_r. thomas_r. Apr 11, 2014 2:53 AM in response to MadMacs0
    Level 7 (30,929 points)
    Mac OS X
    Apr 11, 2014 2:53 AM in response to MadMacs0

    I suspect that Linc's instructions from November didn't cover everything in your case.

     

    Yup, all of Linc's existing posts on the subject of Genieo removal were rendered outdated and useless by the changes to Genieo. This is the danger of posting the instructions directly on these forums, where they cannot be edited or updated at any point.

     

    Linc, if you're listening, are you ready to put your instructions in a user tip yet, so they can be updated easily as changes occur? As it is, you've probably got hundreds, maybe thousands, of posts on the topic of Genieo removal that are completely wrong at this point.

  • by Luxorama,

    Luxorama Luxorama Apr 12, 2014 2:40 PM in response to jillc12
    Level 1 (0 points)
    Apr 12, 2014 2:40 PM in response to jillc12

    Hey, Jill!

     

    "libgenkit.dylib” isn't a folder, it's a file inside the /usr/lib/ folder. Try the "reveal" trick again with the whole path: /usr/lib/libgenkit.dylib

     

    That said, you may not have those .dylib files. I didn't find them on my computer.

     

    And may I just add that thomas_r is a gentleman and a scholar? I've been going nuts for two days trying to figure out why my computer was crawwwwwlllling. I thought I'd gotten rid of that stupid Genieo when I trashed the main app, so I was freaked!

  • by MadMacs0,

    MadMacs0 MadMacs0 Apr 12, 2014 3:14 PM in response to Luxorama
    Level 5 (4,801 points)
    Apr 12, 2014 3:14 PM in response to Luxorama

    Luxorama wrote:

     

    Hey, Jill!

     

    "libgenkit.dylib” isn't a folder, it's a file inside the /usr/lib/ folder. Try the "reveal" trick again with the whole path: /usr/lib/libgenkit.dylib

    It looks like Jill is running an older version of OS X which works a bit differently from modern versions, so thomas_r. recently modified his instructions for finding such files to use the Services Context Menu rather than the Finder's Go menu.

    That said, you may not have those .dylib files. I didn't find them on my computer.

    And most users won't any more as Genieo 2.0 no longer installs those files in that location. Again, thomas_r. has updated his instructions to cover both versions and as many variants as he's been able to locate and test.

  • by Elizau ,

    Elizau Elizau Apr 28, 2014 11:12 AM in response to Linc Davis
    Level 1 (0 points)
    Apr 28, 2014 11:12 AM in response to Linc Davis

    I have followed all your instructions and I also consulted with the safe mac website but genieo still pops up everytime I open google chrome.  Any suggestions?

  • by MadMacs0,

    MadMacs0 MadMacs0 Apr 28, 2014 11:22 AM in response to Elizau
    Level 5 (4,801 points)
    Apr 28, 2014 11:22 AM in response to Elizau

    Elizau wrote:

     

    genieo still pops up everytime I open google chrome.

    Pops up where? Please take a screenshot and post it here using the camera icon in the reply toolbar.

  • by Elizau ,

    Elizau Elizau Apr 28, 2014 11:46 AM in response to MadMacs0
    Level 1 (0 points)
    Apr 28, 2014 11:46 AM in response to MadMacs0

    Screen Shot 2014-04-28 at 18.57.23.png

  • by MadMacs0,

    MadMacs0 MadMacs0 Apr 28, 2014 11:55 AM in response to Elizau
    Level 5 (4,801 points)
    Apr 28, 2014 11:55 AM in response to Elizau

    You must not have followed the instructions that told you to change your home page and search engine.

     

    Not sure whether you want a home page and if so what you want it to be, but here are instructions for Make Google my homepage.

  • by Elizau ,

    Elizau Elizau Apr 28, 2014 12:05 PM in response to MadMacs0
    Level 1 (0 points)
    Apr 28, 2014 12:05 PM in response to MadMacs0

    Ok just did that, and now the virus is definitely gone? Thanks for your help!

  • by Elizau ,

    Elizau Elizau Apr 28, 2014 12:08 PM in response to MadMacs0
    Level 1 (0 points)
    Apr 28, 2014 12:08 PM in response to MadMacs0

    I just changed the homepage as you said and when I re-open google chrome, genieo still comes up!

first Previous Page 3 of 4 last Next