
Deleting a Genieo Virus on a Mac that runs El Capitan

Hi there,

My computer is a Mac; it runs OS X 10.11 (El Capitan). My computer got infected with a Genieo Virus, which I'm having a hard time removing. I currently have an updated Sophos Anti-Virus program. I have my quarantine manager open right now. However, there's no lock on the left-hand side of the screen of the quarantine manager. The two options I have are authorize and clear from list. The cleanup option is blocked. The option quarantine requires me to do is manually clean it up. I am utterly confused and I don't know what to do. If anybody can help me out with this blunder I've been trying to solve for two days straight now, I'd highly appreciate it.



This thread was automatically locked due to age.
  • Hi Erica,

    Can you provide a screenshot of your quarantine manager or details of the exact detection you have listed in there, please?

    As you mentioned you have the option to authorize it, I suspect it is not a virus (we don't let you authorize those). It sounds more like a PUA (Potentially Unwanted Application), which is a legitimate bit of software that does something annoying, like pop up adverts on your screen, so we help you by blocking it. As these aren't malicious, they aren't trying to hide like a virus would, so normally you can just uninstall them like any other application on your Mac.

    It could also be that we have already removed it and the alert has not been removed. To test this, you can select to clear the alert from the list. If you then see the detection come back after a scan of the machine, then it is still on the machine; if it doesn't, that means we have already removed it.

  • Here. I took a picture for you with my iPad.

  • Thanks for the screenshot. It is a bit of adware/PUA as suspected, so not a virus, which means you aren't at risk having it on the machine, but we still want to get rid of it.

    In the top right of your screen you should have an icon similar to this:

    If you double-click on that, it should open a new window. In there, go into the 'Applications' folder and look for one called 'InstallMe'. If you find this, drag it into your recycle bin and it should remove it from your machine.

    If you can't find this, please go to the quarantine manager and clear the item from the list, and then start a scan of your machine to see if it comes back or not.

  • From the screenshot it looks like the InstallMe is actually a mounted DMG, so just ejecting it may be enough?

    Regards,
    Bohdan