User profile for user: elrohiremre
elrohiremre Author
User level: Level 1
8 points

genieo.completer trojan

I really nead your help. Whenever i open my mac my memory start to decrease. When i open activity monitor i see a process called as "installer" which fullfill my memory. When i look at the files that installer runs i see this one

com.genieoinnovation.installer/Completer.app/Contents/MacOS/Installer

However i can't see any app called as completer.app. I saw a app called IM Uninstaller. I click it and asked me if i want to uninstall software but i don't trust it so i close it and move this app to trash. How can i remove this malware?


Thank you

MacBook Pro with Retina display

Posted on Apr 12, 2014 6:04 AM

Reply
20 replies
User profile for user: thomas_r.
thomas_r.
User level: Level 7
32,031 points

Jan 13, 2015 5:29 PM in response to anthonybuchanan

anthonybuchanan wrote:


posted in wrong area... this was meant for Installer, Completer pop up.


Yes, and it would still be incorrect advice for any discussion involving an Installer or Completer pop-up message. Those messages only appear once Genieo is already installed on the system, and removing the Genieo browser extension (Omnibar) is not sufficient to fix that.

Reply
User profile for user: LSwihart
LSwihart
User level: Level 1
0 points

Nov 14, 2015 8:49 AM in response to thomas_r.

What is the best way to get rid of this malware ?


Can someone post a howto or guide. I have noticed this is a nasty one. I never installed this on my computer, it just showed up and looks like its part of a larger issue where it is getting installed through infected web servers/sites via thread injection in Chrome/Safari/Firefox.


I can't believe what I am seeing on multiple systems using opensnoop to watch what browsers are doing and how many sites are infected.


I don't want to upgrade to 10.11 as this has lots of issues and I don't want SIP. I would like a Yosemite fix for this!!!


I personally think this was one of the big reasons for apple pushing out El Capitan (MacOS 10.11.x) so fast and SIP etc.


If anyone would like to debug this w/ me and find a way to protect our systems against this since Apple is not let me know. I have core dumps, and have gathered quite a bit of information about this. I have actually witnessed via dtrace this thread injection. Our systems are basically rootkitted at this point and there could be all sorts of infected areas in the OS.

Reply
User profile for user: indalay1746
indalay1746
User level: Level 1
4 points

Jan 15, 2016 11:32 AM in response to elrohiremre

hi, I too had genie.com picked up on my Mac my Bitdefender Virus scanner found it, It tried to contain it, but it didn't work, so i frantically started deleting anything I could find on that date.... I know dumb..... well the only problem I have now is...when ever I try to install a download from other than App store it won't let me, saying it is corrupted . i have ran scans on these so far total of 4 , nothing found. I spoke with the people that put the apps on, did everything i could, still nothing. went to systems, privacy. disabled virus, set download from anywhere. etc. still won't

So I think I must have deleted an operating system file that will not let me complete the downloads.


any ideas

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

genieo.completer trojan

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up