Genieo Virus

Helpful Links Regarding Malware Protection

An excellent link to read is Tom Reed's Mac Malware Guide.

Also, visit The XLab FAQs and read Detecting and avoiding malware and spyware.

See these Apple articles:

Mac OS X Snow Leopard and malware detection

OS X Lion- Protect your Mac from malware

OS X Mountain Lion- Protect your Mac from malware

About file quarantine in OS X

If you require anti-virus protection I recommend using VirusBarrier Express 1.1.6 or Dr.Web Light both from the App Store. They're both free, and since they're from the App Store, they won't destabilize the system. (Thank you to Thomas Reed for these recommendations.)

Back up all data, then disable the "Genieo" spyware as follows.

Triple-click anywhere in the line below on this page to select it:

/Library/Frameworks/GenieoExtra.framework

Right-click or control-click the line and select

Services ▹ Reveal

from the contextual menu.* A folder should open with an item selected. Move the selected item to the Trash. You may be prompted for your administrator password.

Repeat with each of these lines:

/Library/LaunchAgents/com.genieo.engine.plist

/Library/LaunchAgents/com.genieoinnovation.macextension.plist

/Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist

/Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client

Then reboot. Note: Some of these items may be absent, in which case you'll get a message that the file doesn't exist.

From the Safari menu bar, select

Safari ▹ Preferences ▹ Extensions

Uninstall any extension you don't recognize. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.

*If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination command-C. In the Finder, select

Go ▹ Go to Folder...

from the menu bar, paste into the box that opens (command-V). You won't see what you pasted because a line break is included. Press return.

This procedure may leave a few files behind, but it should render Genieo permanently non-functional, as long as you never reinstall it.

Here are three items I found that should help:

Remove The Genieo Virus - Search.genieo.com Redirect Malware (Uninstall Genieo) | Malware Removal - …

Remove Genieo on Mac | Fix-KB

The Safe Mac » Malicious Genieo installers persist

I see that the others have already got you covered with removal instructions. Regarding a couple other issues:

(1) to document that genio is

sending out virus (look up who to complain)

The security community is already well aware of Genieo. Unfortunately, Genieo manages to skate the line, and most anti-virus software will not identify it as malware.

(2) to ask the community for guidance in protecting

my Mac from further Genio (and other similar) intrusions.

I know you're probably wondering if you need to install anti-virus software in order to protect yourself from Genieo. The answer is no, for a couple reasons.

First, as I said earlier, Genieo is not detected as malware by most anti-virus software. Neither are a number of other similar adware programs. Even the worst of the lot doesn't rank detection by even 50% of the anti-virus software out there. So anti-virus software really won't help with this.

Second, the reason that programs like Genieo aren't identified as malware by anti-virus software depends in part on the fact that they're not deceptive enough. You may find a Genieo download posing as something else, but in every case I've ever seen or heard of, what gets downloaded is a file named "Install Genieo". If you went to download Adobe Flash Player, for example, and what you got was a file named Install Genieo, then you shouldn't have installed it.

So, to protect yourself against such things, be careful about what you're downloading and where you're downloading it from. Always download directly from the developer's site. (For example, Adobe Flash Player should never be downloaded from anywhere other than Adobe's web site.) Never download software from a download site, like Download.com or Softonic, both of which have been known to insert adware into downloaded installers. (Download.com is, in fact, still doing that, with no shame whatsoever.) And, if what is downloaded looks suspicious (for example, it doesn't have the same name as what you were trying to download), don't install it until you verify whether it is legit.

We are sorry to hear that you want to uninstall Genieo.

Genieo is a personalized newspaper - style home page. It has the power of bringing you the news you want, from your favorite sources and offers many unique features that can enrich your browsing experience and keep you up to date with interesting articles and item in your topics of interest.

Genieo is 100% free, it’s totally private and requires zero managements.

Should you decide to remove, please visit our FAQ page http://www.genieo.com/faq#uninstall

And simply follow the instructions.

Once you are done, you can go to your browser settings and change the default homepage and search to match your decision.

Chrome:

Home page:

http://support.google.com/chrome/bin/answer.py?hl=en&answer=95421&topic=1735105&ctx=topic

Search provider:

https://support.google.com/chrome/answer/95426?hl=en&ref_topic=14676

IE: http://support.microsoft.com/kb/252464

FF:

Home page:

https://support.mozilla.org/en-US/kb/How%20to%20set%20the%20home%20page

Search provider

https://support.mozilla.org/en-US/kb/search-bar-easily-choose-your-search-engine

Safari: http://browsers.about.com/od/safar1/ss/safarihomepage_3.htm

For further assistance please contact support@genieo.com

The uninstaller you recommend STILL leaves behind actively-running processes, such as a process deceptively named "Application." This has been the case for months. What do you plan to do about this?

It is a bug in the uninstaller that this process is left behind.

We don't need it nor we use it.

As I told you before, we plan on fixing this sometime in the near future.

Look at this page which has link used by Genieo posing as a free download of Mac OS Maverick:

http://alvinalexander.com/mac-os-x/mac-schedule-mac-tasks-reminders-events-ical

And the people at Genieo are calling themselves legitimate. Not only does this malware hijack my browser, Safari, it also caused older applications requiring Rosetta to crash. I ended up having to do a complete reinstall which I'm still working on as files and application other than system have to be installed/transferred manually without the assist of migration program. Their uninstaller did not fix the problem.

The uninstaller still does not work. The installmac uninstaller (another genieo product) actually adds software even where none existed beforehand.

Don't use the installmac uninstaller

InstallMac uninstaller antics

If anyone has the genieo adware, they should try to carefully follow one of these removal procedures : don't trust the uninstaller.

You installed the "Genieo" scam product.

or Adware Removal Guide : Genieo

Playing around with trying to unistall Genieo over an hour finally found this and best advice out of all. Finally stopped the genieo browser. DO NOT USE GENIEO instructions they do not help. Thanks Linc. 🙂

ladewigk wrote:

Playing around with trying to unistall Genieo over an hour finally found this and best advice out of all.

Linc's instructions are four months old now and he has updated instructions posted elsewhere in the forum. thomas_r.'s instructions @ Adware Removal Guide : Genieo are similarly updated as new variants of this and related adware are uncovered.

.

Thanks.. I tried so many things to get rid of Genieo in my Safari and this was the only thing I found worked. The Geneio uninstaller didn't work nor removing it from my Extensions or homepage safari preferences.

Thanks again

Thanks to all for the useful info here. Somehow Genieo was installed on my iMac. I am following the directions @ thomas_r.'s instructions @ Adware Removal Guide : Genieo and I am stuck. I can only find one of the .dylib files and I get this message: The folder “libgenkit.dylib” can’t be opened because you don’t have permission to see its contents. I am the administrator and am logged in as myself. Any suggestions please??

You can try booting up in safe mode (Hold shift during startup).

Or you can try holding Control + Clicking the file > Get info > Sharing and permissions > Unlock the lock at the bottom right.

Press + sign > Add your user to list of permissions > Give your self read and write privilege.

-Try removing it again.