Javier23gol

Q: What is Genieo and why did it appeared misteriosouly on my MacBook Pro?

Today I was using my MacBook and misteriosouly I saw something on my dock. There was an icon saying install Genieo. I ask my brother if he downloaded something and he told me that he haven't use my computer. Fortunetely I have a passcode so nobody can istall a program without the code.... I feel scared because this morning I saw a message on my Mac saying that somebody on my network was using my computer IP Adress. I deleted that installer but I feel scared for all the Mac users. Somebody please replie.

MacBook Pro (13-inch Late 2011), Mac OS X (10.7.2)

Posted on Nov 10, 2012 6:19 PM

Close

Q: What is Genieo and why did it appeared misteriosouly on my MacBook Pro?

  • All replies
  • Helpful answers

first Previous Page 8 of 18 last Next
  • by Genieo support,

    Genieo support Genieo support May 26, 2013 1:17 AM in response to Dante X
    Level 1 (25 points)
    May 26, 2013 1:17 AM in response to Dante X

    Hi Dante,

     

    Can you please let us know what did you download and from where so that we can trace it from this end?

    We are sorry to hear that you want to uninstall Genieo.

    Genieo is a personalized newspaper - style home page. It has the power of bringing you the news you want, from your favorite sources and offers many unique features that can enrich your browsing experience and keep you up to date with interesting articles and item in your topics of interest.

    Genieo is 100% free, it’s totally private and requires zero managements.

    Should you decide to remove, please visit our FAQ page http://www.genieo.com/faq#uninstall

    And simply follow the instructions.

    Once you are done, you can go to your browser settings and change the default homepage and search to match your decision.

     

     

    Chrome: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95421&topic=1735105& ctx=topic

    IE: http://support.microsoft.com/kb/252464

    FF: http://www.wikihow.com/Change-your-Start-Page-on-Mozilla-Firefox

    Safari: http://browsers.about.com/od/safar1/ss/safarihomepage_3.htm

  • by andyBall_uk,

    andyBall_uk andyBall_uk May 28, 2013 6:06 AM in response to gen_
    Level 7 (20,495 points)
    May 28, 2013 6:06 AM in response to gen_

    They work with seemingly dubious, or at best, highly misleading partners, and don't so much change the default browser search page, as hijack whichever one you choose to their own, even when Genieo app isn't running. Like Zeobit & Mackeeper, the only good thing is that the uninstaller removes it, bar a few inactive files. Given the links to known malware in their installer, & doubtful associations - I'd not trust their claims to protect any personal information.

    http://zomebo.com/play.php?id=w55dMzeKqXg

    2013-05-28 at 13.47.15.jpg

    http://softingo.com/nlp/e/mundomediai/flvplayer?p1=1&p3=bb185f4f84d438f5ef6d27e5da2191c1&utm_source=mundomediai&utm_medium=affiliate&utm_campaign=1&utm_content=flvplayer

    2013-05-28 at 13.47.32.jpg

    http://download.genieo.com/partner/genSomM_16/mac_release/live/InstallGenieo.dmg?download_browser=safari&campaign=som1
  • by Genieo support,

    Genieo support Genieo support May 28, 2013 7:18 AM in response to andyBall_uk
    Level 1 (25 points)
    May 28, 2013 7:18 AM in response to andyBall_uk

    You have provided 2 different web sites.

     

    The top one, zomebo, is downloading a flash player exe file so what ever you get from it will not work on mac.

    Feel free to contact them for explanations.

     

     

    The second one is saying that what you wanted does not work on your OS and suggest that you may be interested in downloading Genieo.

     

    If you do and you download it, than its your prerogative, please do not blame others for your actions (regardless of what the product does or does not do)

     

    If you do not download it, no harm done.

  • by andyBall_uk,

    andyBall_uk andyBall_uk May 28, 2013 7:33 AM in response to Genieo support
    Level 7 (20,495 points)
    May 28, 2013 7:33 AM in response to Genieo support

    you couldn't follow the connection between the two sites... ?

     

    so : site A falsely says Flashplayer isn't working, and links to site B which would have tried to palm off a dodgy 'flv player' but instead suggests  the equally useful Genieo, since the particular flv player is PC only.

     

    Genieo doesn't  so much change the default browser search page, as hijack whichever one you choose to their own, even when Genieo app isn't running. Like Zeobit & Mackeeper, the only good thing is that the uninstaller removes it, bar a few inactive files. Given the links to known malware in their installer, & doubtful associations - I'd not trust any claims to protect  personal information.

     

    and while you're here - Thomas's question about the links to malware... any response ?.

  • by thomas_r.,

    thomas_r. thomas_r. May 28, 2013 8:19 AM in response to andyBall_uk
    Level 7 (30,944 points)
    Mac OS X
    May 28, 2013 8:19 AM in response to andyBall_uk

    I'm not seeing that first site redirect to anything Genieo-related this morning. It redirects through a chain of sites that ends up downloading a .exe file that I would guess is likely to be malicious.

     

    As for the answer to my question, it was posted in a comment on my blog, and was rather unsatisfying:

     

    "I can give you a full explanation on how and why its (disabled) in Genieo code.

    Instead, we have removed it completely from our code and as we release new updates it will be deleted from all Genieo client out there (and will not be in new ones)."

     

    I'm assuming the "can" was supposed to say "can't" as no full explanation was forthcoming. Removing the code to install malware after getting caught in the act is not a substitute for explaining why it was there in the first place.

  • by Genieo support,

    Genieo support Genieo support May 28, 2013 8:19 AM in response to andyBall_uk
    Level 1 (25 points)
    May 28, 2013 8:19 AM in response to andyBall_uk

    Sorry I tryed several times and did not get from site A to site B.

     

    But even if you are correct than the second one is saying very clearly that you are going to download Genieo if you click on the "Install".

     

    There is no misleading information in the 2nd site

  • by andyBall_uk,

    andyBall_uk andyBall_uk May 28, 2013 8:28 AM in response to thomas_r.
    Level 7 (20,495 points)
    May 28, 2013 8:28 AM in response to thomas_r.

    >>Removing the code to install malware after getting caught in the act is not a substitute for explaining why it was there in the first place.

     

    Indeed - like being rumbled with jemmy & fraudulent id, then saying it's not in my bag now. Not necessarily guilty, but very suspicious.

  • by Genieo support,

    Genieo support Genieo support May 28, 2013 8:29 AM in response to thomas_r.
    Level 1 (25 points)
    May 28, 2013 8:29 AM in response to thomas_r.

    Thomas,

     

    I do not think that we need to explain every business decision we make.

     

    If you examined the code you can see that the codec-m option is disabled in the code.

    We did not give it any thought as we did not recognise it as a malwere.

     

    Since there is a claim that this is a malwere and since we do not use it we decided to simply remove it.

     

    The next Genieo update will not include it anymore.

  • by thomas_r.,

    thomas_r. thomas_r. May 28, 2013 9:07 AM in response to Genieo support
    Level 7 (30,944 points)
    Mac OS X
    May 28, 2013 9:07 AM in response to Genieo support

    I do not think that we need to explain every business decision we make.

     

    Indeed, it is your right not to explain. There are consequences to your reputation that will come along with such a refusal, of course, but that's your call to make.

  • by b29eagle,

    b29eagle b29eagle May 28, 2013 5:21 PM in response to thomas_r.
    Level 1 (0 points)
    May 28, 2013 5:21 PM in response to thomas_r.

    Somehow i downloaded this Genieo stuff, was not installed thankfully, don't really remember how i downloaded it, but today as i was running virrubarrier it was detected as a virus, went directly to quarantine and then was deleted from the disk. So as far as i am concerned this is a virus, this is not any kind of software, just a malicious virus

  • by thomas_r.,

    thomas_r. thomas_r. May 28, 2013 5:40 PM in response to b29eagle
    Level 7 (30,944 points)
    Mac OS X
    May 28, 2013 5:40 PM in response to b29eagle

    Yup, both Intego and Dr. Web added this to their definitions after my first blog post on the topic (Genieo adware downloaded through fake Flash updates) alerted them to the issue.

     

    http://www.intego.com/mac-security-blog/another-problematic-softonic-installer-b rings-adware/

     

    Sophos classified it as a PUA (potentially unwanted application) instead.

  • by b29eagle,

    b29eagle b29eagle May 28, 2013 7:47 PM in response to thomas_r.
    Level 1 (0 points)
    May 28, 2013 7:47 PM in response to thomas_r.

    that is the way it should be done

  • by MadMacs0,

    MadMacs0 MadMacs0 May 28, 2013 10:13 PM in response to thomas_r.
    Level 5 (4,801 points)
    May 28, 2013 10:13 PM in response to thomas_r.

    Personally, I think Sophos got it right, based on previous classification actions, which admittedly aren't terribly consistent. I'm sure there are a handful of users who appreciate the service Genieo provides and it's not that much different from what other ISP's have provided for years (AOL, Yahoo, Google, etc.).

     

    The biggest issue is how they go about signing customers up. Users who either aren't very observant or who try it and don't know how to back out, probably think they were taken advantage of here. Their tactics aren't much different from those used by MacKeeper, especially in the early days, but MacKeeper is alive and well with plenty of unhappy uses, yet no formal classification as malware or PUA.

     

    Then there's the matter of including the disabled Codec-M/FkCodec link. We don't know why Genieo chose to include it, but I can't imagine that it was done accidentally. I do feel Codec-M tactics were significantly worse than Genieo's in that they never told you what they were doing, always leading the user to believe this was something they needed to install in order to view certain videos (it was not) instead it hijacked the browser seach engine. About the only thing they had going for them was the un-installer that was included.

     

    So, unless Genieo is somehow able to overcome their current situation, it goes in the books a malware, or PUA at best.

  • by polocanada,

    polocanada polocanada Jun 28, 2013 4:34 AM in response to Javier23gol
    Level 1 (0 points)
    Jun 28, 2013 4:34 AM in response to Javier23gol

    Genieo is a genius crapware for Mac. As somebody else mentioned - it quacks like Duck, it looks like Duck, it walks like Duck.... so it must be a duck.

     

    Installation payload? Why in the world all apps except maybe MS Office for Mac use drag and drop and Genieo has a complex installation package? To invade your machine so that it will take more time to remove it than building a Taj Mahal.

     

    See for yourself - here are copy of the installation instructions... including Set Homepage line and a lot of lines of Java applications which make me run for the exit ..

     

    So don't say you are legit software because legit software doesn't need to do this stuff. If you track browsing habits - that wasn't part of the game.  You said you are tracking searches. But there is no reason to hijack browser if you already are granted access to browser history.

     

    The statements are all false - Genieo is malvare and should be flagged as such.

     

    ------

     

     

    LSUIElement            HKEY_CURRENT_USER\Software\Genieo\Components\Partner\active_partner      genieo      HKEY_CURRENT_USER\Software\Genieo\Components\Partner\default_partner      genieo

     

    HKEY_CURRENT_USER\Software\Genieo\set_homepage      0

     

    HKEY_CURRENT_USER\Software\Genieo\set_searchProvider      0      HKEY_CURRENT_USER\Software\Genieo\state      0      HKEY_CURRENT_USER\Software\Genieo\installed_revision      14619      HKEY_CURRENT_USER\Software\Genieo\genieo_dmg_installer_url      http://download.genieo.com/partner/genieo/mac_release/live/Genieo.dmg      CFBundleName      Genieo      CFBundleIdentifier      com.genieoinnovation.Genieo      CFBundleVersion      1.0      CFBundleAllowMixedLocalizations      true      CFBundleExecutable      Genieo      CFBundleDevelopmentRegion      English      CFBundlePackageType      APPL      CFBundleSignature      ????      CFBundleInfoDictionaryVersion      6.0      CFBundleIconFile      GenericApp.icns      Java                 JVMArchs                           i386                ppc                      jvmarches           i386           VMOptions                           -d32                -Xmx192M                -XX:MinHeapFreeRatio=10                -XX:MaxHeapFreeRatio=10                -XX:NewRatio=3                               -XX:+DisableExplicitGC                                     MainClass           com.anabel.pp.main.JettyPersonalizationServerMain           JVMVersion           1.6+           ClassPath                           $JAVAROOT/Engine/engine.jar                $JAVAROOT/Engine/lib/signpost-core-1.2.1.1.jar                $JAVAROOT/Engine/lib/commons-codec-1.6.jar                $JAVAROOT/Engine/lib/commons-logging-1.1.1.jar                $JAVAROOT/Engine/lib/httpclient-4.2.jar                $JAVAROOT/Engine/lib/httpcore-4.2.jar                $JAVAROOT/Engine/lib/apache-mime4j-0.6.jar                $JAVAROOT/Engine/lib/httpmime-4.2.jar                $JAVAROOT/Engine/lib/sqlite-jdbc-3.7.2-mac.jar                $JAVAROOT/Engine/lib/lib/JDICplus.jar                $JAVAROOT/Engine/lib/JDICplus_native.jar                $JAVAROOT/Engine/lib/jdom.jar                $JAVAROOT/Engine/lib/jericho-html-3.1.jar                $JAVAROOT/Engine/lib/servlet-api-2.5.jar                $JAVAROOT/Engine/lib/jetty-webapp-7.3.0.v20110203.jar                $JAVAROOT/Engine/lib/json.jar                $JAVAROOT/Engine/lib/log4j-1.2.15.jar                $JAVAROOT/Engine/lib/slf4j-api-1.6.0.jar                $JAVAROOT/Engine/lib/slf4j-log4j12-1.6.0.jar                $JAVAROOT/Engine/lib/rome-1.0.jar                $JAVAROOT/Engine/lib/modules-0.3.2.jar                $JAVAROOT/Engine/lib/xstream-1.3.1.jar                $JAVAROOT/Engine/lib/xpp3_min-1.1.4c.jar                $JAVAROOT/Engine/lib/smtp.jar                $JAVAROOT/Engine/lib/lucene-snowball-3.0.0.jar                $JAVAROOT/Engine/lib/cssparser-0.9.5.jar                $JAVAROOT/Engine/lib/sac.jar                $JAVAROOT/Engine/lib/restfb-1.6.12.jar                $JAVAROOT/Engine/lib/webkit2png-0.5.py                $JAVAROOT/Engine/lib/ini4j-0.5.1.jar                $JAVAROOT/Engine/lib/amazon_ad_api.jar                $JAVAROOT/Engine/lib/protostuff-api-1.0.1.jar                $JAVAROOT/Engine/lib/protostuff-core-1.0.1.jar                $JAVAROOT/Engine/lib/protostuff-collectionschema-1.0.1.jar                $JAVAROOT/Engine/lib/protostuff-runtime-1.0.1.jar             $JAVAROOT/Engine/lib/JGoogleAnalyticsTracker-1.2.1-SNAPSHOT.jar

     

     

    ------------

     

     

    about.url      http://www.genieo.com/about      ads.display      false      ads.gad.category.adname      by_category      ads.gad.partner      ca-pub-9495238242790035      ads.notification.partner      genieo      ads.product.page.analyze      false      ads.profile.display      false      ads.providers.disabled      Amazon,PPCBully,NbcSearch      ads.video      0      bootstrap.inprogress.page            bootstrap.target.time.idle      -1      bootstrap.target.time.no.idle      -1      browser.default.override            browser.override.newtab.behavior      true      browser.searchprovider.queryparamname      q      browser.searchprovider.smalliconurl      http://www.genieo.com/search_provider_icon.ico      browser.searchprovider.suggesturltemplate      {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}      browser.searchprovider.suggesturltemplate.ff      http://suggestqueries.google.com/complete/search?output=firefox&client=firefox&h l={moz:locale}&q={searchTerms}      browser.searchprovider.suggesturltemplate.ie      http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencodi ng={outputEncoding}      browser.searchprovider.suggesturltemplate.opera      http://suggestqueries.google.com/complete/search?q={SearchTerm}&client=opera      browser.searchprovider.urlprefix      search.genieo.com/results.html      browser.searchprovider.urltemplate      http://search.genieo.com/results.html?v=genieo&q=      commercial.content.by.category      true      desktop.icon.file.name      desktop.ico      feed.prescore.threshold      60      feeds.preset.config.override.file      $ANABEL_GENIEO_DATA_DIR$/feeds/preset_feeds_override2.json      feeds.preset.config.override.url      http://download.genieo.com/misc/preset_feeds_override2.json      firsttime.registration.popup.enabled      true      freqsites.thumbnail.disable      true      help.badbootstrap.image.height      160      help.badbootstrap.image.url      /img/bigHotItemIcon.png      help.badbootstrap.image.width      250      help.badbootstrap.url      http://www.genieo.com/faq/#empty-page      help.url      http://www.genieo.com/faq?partner=Genieo      homepage.url      http://search.genieo.com/?v=genieo      homepage.url.prefix      http://search.genieo.com/      homepage.verification.hours      -1      homepageguard.enabled      false      hpg.manual      true      ie.commandbar.icon            ie.commandbar.link            itemheader.enabled      false      notification.aggregation.only      false      notification.header.enabled      false      notification.header.url      $homepage.url$/item.html      notification.initialstate.enabled      true      open.homepage.on.install.complete      true      open.homepage.on.install.complete.url.override      http://www.genieo.com/firsttime/?p=genieo&u=http%3A%2F%2Fsearch.genieo.com%2F%3F v%3Dgenieo      partner.birthday      true      partner.blog.feed.url      http://www.genieo.com/category/blog-item/feed/      partner.disable.ui      0      partner.eula.hpcheckbox.display.name.mac      Set as default homepage in Safari, FF and Chrome      partner.eula.hpcheckbox.display.name.pc      Set as default homepage in IE, FF and Chrome      partner.eula.searchcheckbox.display.name.mac      Set as default search provider in Safari, FF and Chrome      partner.eula.searchcheckbox.display.name.pc      Set as default search provider in IE, FF and Chrome      partner.google-analytics.account      UA-10350417-1      partner.install.uninstall.display.name      Genieo      partner.magazine      true      partner.manifest.base.url      http://download.genieo.com/partner/genieo/      partner.manifest.file.name      /live/manifest.xml      partner.output.installer.file      InstallGenieo      partner.output.setup.file      genieo_setup      partner.support.languages.localization      ;      partner.uninstall.add.control.panel.entry      true      partner.version.build      508      partner.version.major      1      partner.version.minor      0      partner.webapp      true      preset.feeds.enabled      true      sensor.hidden.chrome      false      sensor.hidden.firefox      false      sensor.hidden.ie      false      sensor.hidden.opera      false      sensor.install.manual.chrome.disable      true      sensor.install.manual.safari.disable      true      sensor.shortcut.ie      false      settings.url      $homepage.url$#l-s      share.twitter.showpartnername      true      show.tray.icon      true      sidebar.default      []      spg.enabled      true      sponsored.feeds.enabled      false      uninstall.url      http://www.genieo.com/uninstall/local/      updater.components.blacklist            websync.partnername      genieo

  • by russty63,

    russty63 russty63 Jul 1, 2013 11:57 PM in response to Genieo support
    Level 1 (4 points)
    Safari
    Jul 1, 2013 11:57 PM in response to Genieo support

    Hi all I run VirusBarrier X6 10.7.5 and each time I had Genieo on my computer that somebody tried to instal but they dont have my pass code to install, when I scan my computer it tells me that it is bad software so if this say this its true. it puts it in the Quarantine folder then it gets deleted. I tried the uninstall software that ppl say here but VirusBarrier also say thats got maleware in it so I just let VirusBarrier sort it out and remove it. 

     

    VirusBarrier has saved my computer many times as it tells me if any bad software is downloaded or any mailware or crap is in my computer I use this for both sides of my MacBook Pro OX Mountain Lion and Windows 7 and Windows 8 all on the same laptop and this works with all 3 100%.

     

    this software scans my iPhones, iPads, and all hard drive and SD cards every thing thats links to my laptop I give this 100% out of 100%

     

    http://www.intego.com/Intego-mac-premium-bundle

     

    This is the best I run and it works on all 3 my computers iMac 27" 1TB SSD + 4TB   MacBook Pro 17" 1TB SSD and my wife MacBook Air 13" 512 Flash Drive.

first Previous Page 8 of 18 last Next