What is Genieo and why did it appeared misteriosouly on my MacBook Pro?

James Smutek wrote:

I asked her if she thought that maybe she had mistakenly downlaoded Genieo at some other time - she said anything is possible, but she really doesn't think so.

To me that is the most reasonable explanation. If the Java update was still on it's way into her download folder, then the previous download would still be showing in the dock, so if she double-clicked that, it could easily have been the Genieo installer image file that was mounted. We have many instances of users finding that file in their Download folder, without any idea what they clicked to have it show up there or having noticed that a download was taken place. Ever since they moved the Safari download indicator to the upper right corner of the address bar, it's been easy to overlook it.

Java.com should be safe (well, as safe as any Oracle-run site possibly can be), and I cannot find anywhere on that site that has a Genieo download available. I would guess that the Genieo installer must have come from somewhere else, and your wife is mistaken that it came from there. As curtispsf points out, it can be downloaded automatically by certain sites, and if she then found it lurking in the Downloads folder when she was expecting to find a .dmg file with a Java installer, and opened it mistakenly, that would explain the behavior you saw.

curtispsf wrote:

found a site that pointed out the files one would find installed in the /usr folder of the home folder. Sorry, I can't out my finger on the site at this moment, but if I found it anyone can.

As I recall Thomas worked with Intego to develop these instrucitions "Adware Removal Guide : Genieo". We will undoubtedly be visited again by "Genieo Support" who will tell you to use their uninstaller, but that has proven to be incomplete in the past.

MadMacs0 wrote:

James Smutek wrote:

I asked her if she thought that maybe she had mistakenly downlaoded Genieo at some other time - she said anything is possible, but she really doesn't think so.

To me that is the most reasonable explanation. If the Java update was still on it's way into her download folder, then the previous download would still be showing in the dock, so if she double-clicked that, it could easily have been the Genieo installer image file that was mounted. We have many instances of users finding that file in their Download folder, without any idea what they clicked to have it show up there or having noticed that a download was taken place. Ever since they moved the Safari download indicator to the upper right corner of the address bar, it's been easy to overlook it.

YES the new download indicator is the top right is to easy OVERLOOKED!!! Esplisley as it's not there all the time. I'm leaving feedback on apples feedback site for safari to bring but the download list as a default. Is there a way of displaying the old downloding list? What with this and other changes for changes sack like the removing of CoverFlow in iTunes I am starting to loos fath in Apple.

TopSteve wrote:

Is there a way of displaying the old downloding list?

Clicking on the download indicator will give you the list, but I don't think there's any way to have it come up automatically or stay up when you click elsewhere, as it used to.

The Genieo app in the Mac Applications folder "cannot be deleted because the program is in use"...I got rid of it by going to Applications > Utilities > Activity Monitor ... select Genio and under View select Quit Process. Now you can drag the Genieo app to Trash.

Now you can drag the Genieo app to Trash.

...and you won't have removed any of it except for the app.

Proper removal instructions have been posted numerous times on this lengthy topic. For one such set of instructions, see:

http://www.thesafemac.com/arg-genieo

There are problems with the info about removing Genieo...e.g. the link recomended by thomas_r, which I'm sure is quite good otherwise, calls for you to first quit Genieo...which you cannot do in the normal fashion because it boots at startup and it won't let you "quit" (nice job, Genieo!), and you can't trash an in-use application without first quiting it... Going into Activity Monitor and stopping it from running solves that. Another recomendation suggested going to the Genieo www site and downloading their Uninstaller...which first asks for your password! (Fool me once....) I think killing the app is a good first step.

Csound1 wrote:

Quitting an App prior to deletion is normal, not a secret. And activity monitor is the usual place to quit an App that has no UI itself.

Csound your right (of cause) but I will bet that a lote of people who are having problem removing programs like this don't know about Activity Monitor or how to use it to quit programs that don't have a UI (User Interface). It's one of thous things/programs some may see and reacts with "arrrrr!!!! wheres the sys admin? when you need one). :-)

Wiki - http://en.wikipedia.org/wiki/Genieo

Malware issues[edit]

In May 2013, a malicious installer distributed by Genieo partner Softonic^[7] was found by security software company Intego. The installer masquerades as a necessary update to Adobe Flash Player and attempts to install Genieo.app without user interaction. Dynamic libraries are added to the Safari browser which intercept searches intended for Bing and Google.^[8]

Other versions of Genieo for Mac have also been offered as 'codecs' required for video playback.^[9] Testing carried out on Genieo for Mac in June 2013 found that it left active software behind, after using the supplied uninstaller, which required detailed manual removal.^[9][10][11]

In November 2013, another fake application installer was reported to include Genieo adware. ^[12]

In January 2014, Sophos added Genieo for Mac to their threat list; in the category Viruses and Spyware : Trojan : Adware

~~~

My copy rode in on an Adobe Flash Player update recently. Now to get rid of it.

I am normally VERY careful about staying away from malware installations etc. But this Genieo caught me. I went to a legitimate website www.gadm.org that supplies a database of all the administrative boundaries for all countries in the world. A huge database for every region of the globe. There was a nice big DOWNLOAD button on the right side of the website page. So I hit it. Turns out what I thought was the download page for their database was an inserted ad with no markings except the DOWNLOAD button.

I clicked the installed that resulted and it said "Now installing Genieo.. this may take up to 10 minutes". I immediately killed the installer. Killed the app running. And killed the Genieo App and Uninstall Genieo App.

I rebooted my mac. Then did a search for every file created within a minute of that download and found 8 or 10 files in Daemon Launchers, Config files etc etc with the name genieo in it.

Also found my browswer had been hijacked to a genieo.com url.

I think I have gotten rid of it. The LAST thing I would do is run their Unistaller! Sheesh.

I HATE people that totally try to deceive. If they can't make a legitimate application that people want, it is unethical to entrap people to load your app.

Disgusting.

Jim

Gamers Beware!

Genieo currently also appears to piggyback off the genuine voice chat software, Mumble v1.2.4.. via a prompt to install v1.2.5 ..and force quitting the installer does not prevent the install.

That link kinda sounds like the problem.. looks like I hit the wrong big download button.. I only recently started using Mumble rather than Ventrilo.. and Mumble v1.2.4 had given me issues with a greyed out 'Quit 'button, requiring force quitting the app every time.. so I was keen to get the update to v1.2.5 when Mumble prompted me.. but I had problems with the update link.

Frst couple of attempts the link just died.. then it appeared to do the install but left me with v1.2.4 still installed not v1.2.5.. so I manually went to Sourceforge and I must have hit the wrong download button.. but hey, that Genieo link is on the Sourceforge page with a big old download button, strategically placed!

As soon as it started running and flagged the name Genieo, I was suspicious.. but sometimes these Apps are made by companies with a different name to the software (this includes many WoW add-ons) however as soon as it mentioned 'alterations that might take 10 mins', I realised it was not Mumble being installed and immediately pulled the plug with a Force Quit on the installer.. made no difference, it quietly continued the install anyway, only annoucing the fact when it had finished (lesson learned, next time I will force power down the Mac).

Fairly sure I have now exterminated Genieo from the system, though.. thanks to advice on this site.

This Macworld page has a Genieo advertisement with prominent Download button

http://www.macworld.com/product/802661/x-lossless-decoder-xld-.html

It also has no button to download the software that it features. Note the tiny print saying that the button is an advertisement and that it will download Genieo.

Heyya,

I came across this because I have just upgraded to O S X Mavericks. It told me that something was in the "Incompatable Software" folder, so I found Geneio lurking there. It can't work because there is no recent update for it. My opinion is that if you upgrade (for free) to OSX Mavericks, then it can't affect you!

Hope this helps!

Isaac x