Does anyone know about this "adware.Mac.genieo.jy"?

My antivirus found it on my Mac and cannot erase it.

For the past 2 weeks, my computer has barely worked (it takes a full 5 minutes to open a simple Word document without pictures), although I have an i7, 2.9 GHz, 8 GB memory, and still 300 GB available on the drive.

MacBook Pro (13-inch Mid 2012), OS X El Capitan (10.11.4), BitDefender antivirus installed

Posted on May 6, 2016 5:22 AM


May 6, 2016 5:33 AM in response to Croustang

Adware is installed without your knowledge; removing it will help.


1. Use Malwarebytes Anti-Malware for Mac to remove adware


https://www.malwarebytes.org/antimalware/mac/


Download, install, open, and run it by clicking the “Scan for Adware” button to remove adware.

Once done, quit Malwarebytes Anti-Malware.


or


Remove the adware manually by following the “HowTo” from Apple.

http://support.apple.com/en-us/HT203987



2. Disable Extensions and test.


Safari 9


Safari > Preferences > Extensions

Disable all extensions and test.

Enable Extensions one by one and test.

To uninstall any extension, select it and click the “Uninstall” button.


3. Safari > Preferences > Search > Search Engine :

Deselect and select your preferred search engine.


4. Safari > Preferences > General > Homepage:

Set your Homepage.

May 6, 2016 5:48 AM in response to Croustang

The fact that Bitdefender found it is noble; the fact it was apparently useless in removing adware is not surprising.

If in the future your system is slow, unresponsive or just acting stupid, this install would be the first thing I'd take off. I won't tell you you can't have AV on your Mac, only that the forums point to a litany of issues with compatibility, performance and even kernel panics when a host of different AV packages (approved by the App Store or otherwise) are present on the Mac. There is still no evidence from any Securities Lab that a Mac virus exists in the wild at this time, and the Mac AV lineup has yet to prove itself detecting any known virus other than the Windows variety, which are innocuous on Mac OS X, and they do so through definitions, not through activity, so basically a data file tells them; otherwise, the fact AV (at least the Windows variants) is installed on the Mac, it would never know.

May 6, 2016 6:18 AM in response to Croustang

Croustang wrote:


Thanks Jimmy, but my computer became slow after I installed El Capitan and really degraded in the last 2 weeks.
I installed Bitdefender only 3 days ago, so there is something else which slows down the computer, and if I check the disk with the Utility, it says all is perfect.

Any other idea if it's not due to a virus?

Many times when installing a new OS X release, the 3rd party additions do not play nice, and then the users blame Apple for poorly written 3rd party software.


You should remove any anti-virus software you have, and Mac cleaners, and any memory cleaners. Then make sure you have up-to-date versions of other 3rd party additions that are running constantly in the background. EtreCheck would show you all of those packages you have installed.

<https://discussions.apple.com/docs/DOC-6174>

<http://etrecheck.com>


If you post the EtreCheck output, we will look at it and give our opinions. However, Genieo is one of the most performance-sucking adware packages that exist. Getting that off your system should be very helpful.

May 6, 2016 6:19 AM in response to Croustang

Disk Utility will tell you if there is a physical issue with the disk but it's not a diagnostic to tell you about 3rd party applications. Your computer could be bogged down where it can barely boot and DU may still give you a clean bill of health.

Most of the time performance issues can be tracked down to (in a very assumed order of most to least common)


3rd party software, especially utilities that claim they work in conjunction with the OS. These are titles with names that imply they "Clean", "Keep", or "Assist" OS X, and in many documented cases they "Screw", "Hamper" and "Hose" the OS (but who is going to buy something called "Hose My Mac"?). Any network assistant, 3rd party firewall, or sniffing software can cause serious issues, CTDs and kernel panics (often mistaken for a virus when a user sees them for the first time, but these are triggered from OS X, not a 3rd party.)


A number of AV offerings, both outside the scope of Apple and some even approved in the App Store, have a notorious history on Mac OS X. I can tell you, as someone who supports both Mac and PC for a large corporation, I personally have found the state of Mac AV is not even close to what it can do in Windows and, more importantly, how it integrates with Windows. Others might argue; their opinions are as valid as anyone else's.


Not enough RAM (or the presence of bad aftermarket RAM, or memory leaks). Apple's assessment that OS 10.11 will run with 2GB RAM is correct but it's also misleading. Actual use of OS 10.11 with 2GB RAM is fine if you just want to boot up your computer and admire the desktop, but when you actually start trying to use it, the necessity for disk swapping (using the HD storage as temporary RAM, which is painfully slower than actual RAM) and the delay inherent in that is obvious. A minimum of 4 GB RAM is recommended, and far more if you do DTP, 3D, CAD/CAM, or Video Editing.


And last but not least, an actual problem with the Hard Drive.


In the event you would like further investigation of your current setup, many of us here can provide an analysis of an EtreCheck report, which is a tool that provides a clearly visible breakdown of your system and what is installed. The software was developed by a frequent contributor to these forums and it is the overwhelming choice of most volunteers when analysis is requested, but not the only method by which this can be accomplished.

https://etrecheck.com/

May 6, 2016 9:16 AM in response to BobHarris

Hello Bob,

Thanks for that.

About Genieo, I wanted to put it out, but if I search for it in Spotlight, I never find it. So it might be hidden; it doesn't appear.


I did the EtreCheck test and here are the elements that appear in RED:

La vitesse : Sous la moyenne


Les éléments de démarrage : ⓘ

HWNetMgr : Chemin : /Library/StartupItems/HWNetMgr

HWPortDetect : Chemin : /Library/StartupItems/HWPortDetect

StartOuc : Chemin : /Library/StartupItems/StartOuc

Les éléments de démarrage sont obsolètes avec OS X Yosemite


[échec]com.adobe.fpsaud.plist (2016-04-16) [L’aide]


Taille de la disque de sauvegarde : Trop petit

Taille de sauvegarde 1.00 To > (Disque utilisé 489.19 Go X 3)


THE FULL REPORT IS BELOW:


EtreCheck version : 2.9.12 (265)

Rapport créé le 2016-05-06 18:14:36

Télécharger EtreCheck chez https://etrecheck.com

Runtime 7:52

La vitesse : Sous la moyenne


Cliquez sur les liens [L’aide] pour l’assistance avec les produits non-Apple.

Cliquez sur les liens [Les détails] pour plus d'informations sur cette ligne.


Problème :L‘ordinateur est trop lent


Les informations matérielles : ⓘ

MacBook Pro (13 pouces, mi-2012)

[Les caractéristiques techniques] - [Le guide de l’utilisateur] - [Garantie & service]

MacBook Pro - modèle : MacBookPro9,2

1 2,9 GHz Intel Core i7 CPU : 2-core

8 GB RAM Extensible - [Instruction]

BANK 0/DIMM0

4 GB DDR3 1600 MHz ok

BANK 1/DIMM0

4 GB DDR3 1600 MHz ok

Bluetooth: Bon - Handoff/Airdrop2 disponible

Wireless: en1: 802.11 a/b/g/n

La batterie : Santé = Normal - Comptage de cycles = 263


Les informations vidéo : ⓘ

Intel HD Graphics 4000

Color LCD 1280 x 800


Les logiciel du système : ⓘ

OS X El Capitan 10.11.4 (15E65) - Temps depuis le démarrage : environ 3 heures


Les informations des disques : ⓘ

APPLE HDD HTS541075A9E682 disk0 : (750,16 GB) (Rotational)

EFI (disk0s1) /Volumes/firmwaresyncd.AWBrmo : 210 Mo (182 Mo libre)

Recovery HD (disk0s3) <non monté> [Restauration] : 650 Mo

Mac HD (disk1) / : 748.93 Go (259.74 Go libre)

Crypté AES-XTS Overt

Core Storage: disk0s2 749.30 Go Online


MATSHITADVD-R UJ-8A8 ()


Les informations USB : ⓘ

Apple Inc. FaceTime HD Camera (Built-in)

Apple Inc. Apple Internal Keyboard / Trackpad

Apple Computer, Inc. IR Receiver

Apple Inc. BRCM20702 Hub

Apple Inc. Bluetooth USB Host Controller


Les informations Thunderbolt : ⓘ

Apple Inc. thunderbolt_bus


Les fichiers de configuration : ⓘ

/etc/hosts - Nombre : 6


Le gatekeeper : ⓘ

Mac App Store et développeurs identifiés


Les extensions du noyau : ⓘ

/Library/Extensions

[désengagé] com.Avid.driver.AvidDX (5.9.1 - SDK 10.11 - 2016-04-30) [L’aide]

[désengagé] com.FTDI.driver.D2XXHelper (1.0 - SDK 10.11 - 2016-04-30) [L’aide]

[désengagé] com.SafeNet.driver.Sentinel (7.5.4 - SDK 10.6 - 2016-04-30) [L’aide]


/System/Library/Extensions

[désengagé] com.joshuawise.kexts.HoRNDIS (8 - SDK 10.6 - 2016-04-30) [L’aide]

[désengagé] com.paceap.kext.pacesupport.master (5.9.1 - SDK 10.6 - 2016-04-30) [L’aide]

[désengagé] com.tomtom.driver.UsbEthernetGadget (1.0.0d1 - 2016-04-30) [L’aide]

[désengagé] com.wacom.kext.wacomtablet (Wacom Tablet 6.3.15-2 - SDK 10.11 - 2016-04-30) [L’aide]


/System/Library/Extensions/PACESupportFamily.kext/Contents/PlugIns

[désengagé] com.paceap.kext.pacesupport.leopard (5.9.1 - SDK 10.4 - 2016-04-16) [L’aide]

[désengagé] com.paceap.kext.pacesupport.panther (5.9.1 - SDK 10.-1 - 2016-04-16) [L’aide]

[engagé] com.paceap.kext.pacesupport.snowleopard (5.9.1 - SDK 10.6 - 2016-04-16) [L’aide]

[désengagé] com.paceap.kext.pacesupport.tiger (5.9.1 - SDK 10.4 - 2016-04-16) [L’aide]


Les éléments de démarrage : ⓘ

HWNetMgr : Chemin : /Library/StartupItems/HWNetMgr

HWPortDetect : Chemin : /Library/StartupItems/HWPortDetect

StartOuc : Chemin : /Library/StartupItems/StartOuc

Les éléments de démarrage sont obsolètes avec OS X Yosemite


Les agents de lancement systèmes : ⓘ

[désengagé] 7 tâches d’Apple

[engagé] 152 tâches d’Apple

[en marche] 79 tâches d’Apple


Les daemons de lancement systèmes : ⓘ

[désengagé] 44 tâches d’Apple

[engagé] 159 tâches d’Apple

[en marche] 85 tâches d’Apple


Les agents de lancement : ⓘ

[désengagé] com.adobe.AAM.Updater-1.0.plist (2015-08-30) [L’aide]

[en marche] com.avid.ApplicationManager.plist (2016-03-07) [L’aide]

[désengagé] com.avid.ApplicationManagerHelper.plist (2016-01-08) [L’aide]

[en marche] com.avid.backgroundservicesmanager.plist (2016-04-05) [L’aide]

[engagé] com.avid.dmfsupportsvc.plist (2016-04-05) [L’aide]

[engagé] com.avid.interplay.dmfservice.plist (2016-04-05) [L’aide]

[engagé] com.avid.interplay.editortranscode.plist (2016-04-16) [L’aide]

[engagé] com.avid.transcodeserviceworker.plist (2016-04-16) [L’aide]

[en marche] com.bitdefender.antivirusformac.plist (2016-05-04) [L’aide]

[désengagé] com.teamviewer.teamviewer.plist (2016-05-06) [L’aide]

[désengagé] com.teamviewer.teamviewer_desktop.plist (2016-05-06) [L’aide]

[en marche] com.wacom.wacomtablet.plist (2015-11-03) [L’aide]


Les daemons de lancements : ⓘ

[engagé] PACESupport.plist (2013-02-01) [L’aide]

[échec] com.adobe.fpsaud.plist (2016-04-16) [L’aide]

[en marche] com.avid.interplay.editorbroker.plist (2016-04-16) [L’aide]

[en marche] com.avid.interplay.editortranscodestatus.plist (2016-04-16) [L’aide]

[engagé] com.bitdefender.AuthHelperTool.plist (2016-05-04) [L’aide]

[en marche] com.bitdefender.agent.plist (2016-05-02) [L’aide]

[engagé] com.bitdefender.upgrade.plist (2016-05-04) [L’aide]

[engagé] com.malwarebytes.MBAMHelperTool.plist (2016-05-06) [L’aide]

[engagé] com.microsoft.autoupdate.helpertool.plist (2016-02-08) [L’aide]

[engagé] com.microsoft.office.licensingV2.helper.plist (2015-07-01) [L’aide]

[en marche] com.paceap.eden.licensed.plist (2015-08-10) [L’aide]

[désengagé] com.safenet.sentinel.kext.plist (2016-04-05) [L’aide]

[engagé] com.teamviewer.Helper.plist (2016-02-01) [L’aide]

[désengagé] com.teamviewer.teamviewer_service.plist (2016-05-06) [L’aide]

[engagé] com.wacom.displayhelper.plist (2015-11-03) [L’aide]


Les agents de lancement pour l’utilisateur : ⓘ

[engagé] com.adobe.AAM.Updater-1.0.plist (2015-08-30) [L’aide]

[engagé] com.google.keystone.agent.plist (2016-03-16) [L’aide]

[en marche] com.spotify.webhelper.plist (2016-01-29) [L’aide]


Les éléments Ouverture : ⓘ

TomTomMyDriveConnectHelper Application (/Applications/TomTom MyDrive Connect.app/Contents/MacOS/TomTomMyDriveConnectHelper.app)

iTunesHelper Application (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

Dropbox Application (/Applications/Dropbox.app)

FlowSync Application (/Applications/FlowSync.app)

Spotify Application Caché (/Applications/Spotify.app)

TomTomHOMERunner Application Caché (~/Library/Application Support/TomTom HOME/TomTomHOMERunner.app)


Les autres apps : ⓘ

[en marche] 2BUA8C4S2C.com.agilebits.onepassword4-helper

[en marche] com.avid.ApplicationManagerHelper.199072

[en marche] com.bitdefender.CoreIssues

[en marche] com.bitdefender.Daemon

[en marche] com.bitdefender.UpdDaemon

[en marche] com.etresoft.EtreCheck.232352

[en marche] com.getdropbox.dropbox.198112

[en marche] com.microsoft.Excel.56352

[en marche] com.tomtom.HOMERunnerApp.152352

[en marche] com.wacom.TabletDriver.162272

[en marche] com.wacom.WacomTouchDriver.161952

[engagé] org.mozilla.firefox.232032

[engagé] 431 tâches d’Apple

[en marche] 216 tâches d’Apple


Les plug-ins internets : ⓘ

AdobeAAMDetect : AdobeAAMDetect 1.0.0.0 - SDK 10.6 (2015-08-30) [L’aide]

FlashPlayer-10.6 : 21.0.0.226 - SDK 10.6 (2016-04-28) [L’aide]

QuickTime Plugin : 7.7.3 (2016-04-09)

Flash Player : 21.0.0.226 - SDK 10.6 (2016-04-28) [L’aide]

Default Browser : 601 - SDK 10.11 (2016-04-09)

Silverlight : 5.1.41212.0 - SDK 10.6 (2016-04-09) [L’aide]

WacomTabletPlugin : WacomTabletPlugin 2.1.0.6 - SDK 10.9 (2015-11-03) [L’aide]


Les extensions de Safari : ⓘ

1Password - AgileBits - https://agilebits.com/onepassword (2016-04-12)

TrafficLight - Bitdefender SRL - http://trafficlight.bitdefender.com/ (2016-05-06)


Les panneaux de préférences tiers : ⓘ

Flash Player (2016-04-16) [L’aide]

WacomTablet (2015-11-03) [L’aide]


Le Time Machine : ⓘ

Ignorer les fichiers du système : NON

Sauvegarde automatique : OUI

Disques sauvegardés :

Mac HD : Taille de disque : 748.93 Go Disque utilisé : 489.19 Go

Destinations :

Backup McBookPro CRoustang_20150801 [Local]

Taille totale : 1.00 To

Nombre de sauvegardes total : 1

Sauvegardes la plus agée : 02/02/2016 13:48

Dernière sauvegarde : 02/02/2016 13:48

Taille de la disque de sauvegarde : Trop petit

Taille de sauvegarde 1.00 To > (Disque utilisé 489.19 Go X 3)


L’utilisation du CPU par processus : ⓘ

12% BDLDaemon

12% WindowServer

4% kernel_task

2% AntivirusforMac

1% Finder


L’utilisation de la RAM par processus : ⓘ

833 Mo kernel_task

598 Mo firefox

377 Mo mdworker(18)

311 Mo BDLDaemon

295 Mo com.apple.WebKit.WebContent(2)


Les informations de la mémoire virtuelle : ⓘ

196 Mo RAM Disponible

7.80 Go RAM Utilisée (2.13 Go Cached)

4 Mo Fichier d’échange utilisé


Les informations du diagnostic : ⓘ

May 6, 2016, 05:48:30 PM ~/Library/Logs/DiagnosticReports/ShareMail_2016-05-06-174830_[expurgé].crash

/System/Library/PrivateFrameworks/ShareKit.framework/Versions/A/PlugIns/ShareMail.appex/Contents/MacOS/ShareMail

May 6, 2016, 02:44:13 PM Examen de soi - succès

May 6, 2016, 02:35:35 PM /Library/Logs/DiagnosticReports/Safari_2016-05-06-143535_[expurgé].hang

/Applications/Safari.app/Contents/MacOS/Safari

May 6, 2016, 11:50:40 AM ~/Library/Logs/DiagnosticReports/Finder_2016-05-06-115040_[expurgé].crash

com.apple.finder - /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder

May 5, 2016, 02:26:09 PM /Library/Logs/DiagnosticReports/Mail_2016-05-05-142609_[expurgé].hang

/Applications/Mail.app/Contents/MacOS/Mail

May 6, 2016 10:43 AM in response to Croustang

Croustang wrote:


Thanks Dominic. I installed the software you advised me to use - it erased several other adware - so it seems to be efficient - but it didn't erase Genieo.


You don't actually appear to have any components of Genieo installed, so there's nothing for Malwarebytes Anti-Malware for Mac to find.


What Bitdefender probably found was one of two things:


1) A component of Genieo in a Time Machine backup. Such a component is no longer installed, but could be detected. Anti-virus software should be smart enough not to remove things found in a Time Machine backup, since doing so can corrupt your Time Machine backups. If the file being detected is either on an external hard drive you use with Time Machine or at a path starting with /.MobileBackups/, then this is the case. Leave it alone, and it will eventually be removed from the backups (though, if your Time Machine backup disk isn't full, that could take a while). If possible, set Bitdefender not to scan Time Machine backup drives and the /.MobileBackups/ folder.


2) A component of Genieo on a mounted disk image file. Such a volume would be read-only, thus Bitdefender would not be able to remove it. This would typically be a Genieo installer... find any disk images that are mounted and eject them, and delete any disk image files that you may have downloaded recently from questionable sites (video streaming sites, audio streaming sites, p0rn sites, download aggregation sites like Download.com or Softonic, etc).
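The two cases described in the post above can be told apart from the full path the scanner reports. The following is an added example, not part of any post in this thread: it classifies a reported path as a Time Machine copy, a file on a mounted disk image (and names the image file behind it), or an installed file. It assumes the standard `Backups.backupdb` folder name on Time Machine disks and the output of `hdiutil info`, neither of which is quoted in the thread; the sample paths and result labels are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Classifies the full path a scanner
# reports for a detection into the cases described in the post above.

TAB=$(printf '\t')

# Constructed sample of `hdiutil info` output for one attached image
# (file and volume names are made up).
SAMPLE_HDIUTIL_INFO=$(printf '%s\n' \
  'image-path      : /Users/example/Downloads/FreeVideoPlayer.dmg' \
  'image-type      : read-only disk image' \
  "/dev/disk2${TAB}GUID_partition_scheme${TAB}" \
  "/dev/disk2s1${TAB}Apple_HFS${TAB}/Volumes/Free Video Player")

# Print "<mount point><TAB><image file>" for every mounted disk image.
# $1: text of `hdiutil info`
image_mounts() {
  printf '%s\n' "$1" | awk '
    /^image-path/ { img = $0; sub(/^image-path[ \t]*:[ \t]*/, "", img) }
    /^\/dev\// {
      mp = $0
      # Drop the device node and partition type; what is left is the
      # mount point, which may contain spaces.
      if (sub(/^[^ \t]+[ \t]+[^ \t]+[ \t]+/, "", mp) && mp ~ /^\//)
        print mp "\t" img
    }'
}

# $1: path reported by the scanner, $2: text of `hdiutil info`
classify_detection() {
  case "$1" in
    # Time Machine copies: leave them alone, per the post above.
    /.MobileBackups/*)             echo "time-machine-local-snapshot"; return 0 ;;
    /Volumes/*/Backups.backupdb/*) echo "time-machine-backup"; return 0 ;;
  esac
  # Read-only volume backed by a .dmg: eject it and delete the image file.
  while IFS="$TAB" read -r _mp _img; do
    [ -n "$_mp" ] || continue
    case "$1" in
      "$_mp"/*) echo "mounted-disk-image $_img"; return 0 ;;
    esac
  done <<EOF
$(image_mounts "$2")
EOF
  # Anything else is a file on the live system.
  echo "installed-file"
}

# On a Mac: sh triage.sh "/full/path/from/scanner"
if [ $# -gt 0 ] && command -v hdiutil >/dev/null 2>&1; then
  classify_detection "$1" "$(hdiutil info)"
fi
```

A Time Machine disk that does not use the `Backups.backupdb` layout would fall through to the last case, so check the volume name as well before acting on an `installed-file` result.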

May 6, 2016 11:41 AM in response to Croustang

Excellent Comments there, Thomas.


Other things Croustang might want to follow up on are:


1. Rapport is on there. Always a problem for Macs. Banks recommend it, thinking everyone uses PC. Uninstall is due.

2. Lots of extraneous stuff. Look through and delete what you don't want or use:


  • Avid
  • SafeNet
  • PACE (Real old and bad at the time) You've got tons of pace files.
  • Bitdefender
  • HoRNDIS


Wishing you all the best, C.

May 6, 2016 11:50 AM in response to thomas_r.

Thanks Thomas.
How exactly can I erase a disk image? How can I find them, please?

And could someone tell me what those red points from the EtreCheck diagnosis mean?


La vitesse : Sous la moyenne


Les éléments de démarrage : ⓘ

HWNetMgr : Chemin : /Library/StartupItems/HWNetMgr

HWPortDetect : Chemin : /Library/StartupItems/HWPortDetect

StartOuc : Chemin : /Library/StartupItems/StartOuc

Les éléments de démarrage sont obsolètes avec OS X Yosemite


[échec] com.adobe.fpsaud.plist (2016-04-16) [L’aide]


Taille de la disque de sauvegarde : Trop petit

Taille de sauvegarde 1.00 To > (Disque utilisé 489.19 Go X 3)


It's in French - I hope you can understand. It was installed directly in French, obviously.

May 6, 2016 12:00 PM in response to TildeBee

Dear Bee,


Thanks for that.


I don't understand your point 1 about Rapport: what should I do exactly there?

And concerning the other apps, I need Avid, but my computer is slow just while opening Word and nothing else, or Excel.

I tried to search for those applications on my computer :

  • SafeNet
  • PACE (Real old and bad at the time) You've got tons of pace files.
  • HoRNDIS

using the search function but I found nothing except a PDF for PACE in the Licenses folders of Avid. That's it.


Everybody here suggests that I uninstall Bitdefender? Although I have to say again that the problem with my computer being mega slow started before, and although Disk Utility says that the hard drive is in perfect condition. That's why I thought it could be due to a virus.

Thanks a lot for your tips.

I have bought a new computer for the Avid but I would still like to use this one for simple office work. It's not such a small computer in terms of hardware components.

May 6, 2016 12:05 PM in response to Croustang

It's difficult to tell you how to delete this particular disk image file, since I don't know where it is. As a start, where does Bitdefender tell you this malicious file was found? It should be able to give you a full path (something looking like /blah/folder/blah/file) to the file it has identified.


As for the other issues you're seeing in Etrecheck, you've got some startup items installed via a method that has been deprecated, meaning it's not supposed to be used by developers any longer. Those programs should be uninstalled or updated. You've also got an Adobe process that has failed for some reason, which may or may not be normal. Finally, your Time Machine backup drive is smaller than the general rule of thumb that folks here follow (3x larger than the data you're backing up). None of these are enormous problems, nor are they due to anything malicious.

May 6, 2016 12:13 PM in response to Croustang

Hi C --


Rapport is a Safari app, extension, or plug-in, recommended by your bank for "safer online banking." It messes with your Safari something awful.

Here are their instructions on Uninstalling it effectively:

http://www.trusteer.com/support/uninstalling-rapport-mac-os-x


PACE is a really old "Anti-Piracy" app. I would get rid of it.

Search for InterLok, or PACE, or paceap.

Here's their site: https://www.paceap.com

May 6, 2016 2:39 PM in response to Croustang

First, never use any kind of "anti-virus" or "anti-malware" software on a Mac. That's how you cause problems, not how you solve them.

Please launch the Console application in any one of the following ways:

☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)

☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.

☞ Open LaunchPad and start typing the name.

The title of the Console window should be All Messages. If it isn't, select

SYSTEM LOG QUERIES ▹ All Messages

from the log list on the left. If you don't see that list, select

View ▹ Show Log List

from the menu bar at the top of the screen.

Click the Clear Display icon in the toolbar. Then take an action that isn't working the way you expect. Select any lines that appear in the Console window. Copy them to the Clipboard by pressing the key combination command-C. Paste into a reply to this message by pressing command-V.

The log contains a vast amount of information, almost all of which is irrelevant to solving any particular problem. When posting a log extract, be selective. A few dozen lines are almost always more than enough.

Please don't indiscriminately dump thousands of lines from the log into this discussion.

Please don't post screenshots of log messages—post the text.

Some private information, such as your name or email address, may appear in the log. Anonymize before posting.

When you post the log extract, you might see an error message on the web page: "You have included content in your post that is not permitted," or "The message contains invalid characters." That's a bug in the forum software. Please post the text on Pastebin, then post a link here to the page you created.

If you have an account on Pastebin, please don't select Private from the Paste Exposure menu on the page, because then no one but you will be able to see it.
