RarGenie is an archiver for Mac OS X and can be downloaded from Rar-genie.com without any expenses. Conveniently designed tool claims to serve functions of compression and decompression by dragging the selected files into it. Mac program pledges to offer a collection of compression formats: 7z, Zip,Tar, Gzip, Bzip2, DMG, ISO and equal diversity for extraction.
However, clients of this tool have reported reoccurring pop-ups from this application, usually wishing that a certain third-party program would be downloaded. What is more, RarGenie is also a potential culprit of re-organizing browsers’ settings and making another search engine a preference.
Detailed description of this malware infection
The software belongs to Somoto Ltd. company. During our investigation, we became aware that the service will assign Genieo Search as users’ homepage and default search provider. We have investigated this browser hijacker a long time ago: back in June of 2013. Nevertheless, its creators are not giving up and promoting this bogus search engine. Genieo personalized homepage is described in such a manner, but no one should fall for the pretty-wrapping.
Description & Features:
Top news headlines directly on your homepage.
Auto bookmark management.
Highlights from your Facebook and Twitter contacts.
Dynamic tracking of your interests.
Users that wish to explore this ‘excellent, free, easy and fast” application for their Apple product are welcome to download RarGenie.dmg which will place an installer and requite to double click it. Before you do this, there are certain information that needs to be acknowledged. This application is an ad-based parasite, in other words, an adware.
To extend our analysis, we ran the .dmg file through a quick scanner which provided us with a crystal-clear facts. Respectable malware-fighting tools like Avast, Emsisoft, F-Secure, Kaspersky all agreed that this application is an adware. Such labels like: Trojan.Adware,MAC.OSX.GenieoCA.1, MacOS:GENIEO-BQ (Adw), Mac.Trojan.Genieo.196, Genieo (PUA) confirms the link between the earlier-mentioned browser hijacker and this adware.
Also, fee-based services can also be offered for trial subscriptions. It is explained that most of the time these trials last for 10 days. If they are not rejected during this time, non-refundable charges will be taken out of clients’ banking accounts. Such services very usually interfere with the cancellation of subscriptions and scam money out of people. You should be careful not to be tricked into revealing your banking account details to unreliable services that do not treat their clients with respect and dignity.
Removal of an adware
For your own sake, we propose you to get rid of this malware infection while it has not affected your computer with even more severe infections or forced you to lose hundreds of dollars to a rogue service. Run a scan with any of the tools that we have mentioned before, or you could select Spyhunter or Hitman which will provide premium care.
If you do not wish to become bothered by malware ever again, you should realize that is not an easy objective to follow. First of all, do not install software from unreliable websites and developers. This could easily result in a malware infection, making your browsing and overall utilization of a device a real bother. Stop yourself from visiting unknown domains or responding to promotional content from third-parties.
If your operating system appears to be infected with this variant, we recommend you to repeat these steps:
1. Select “Go” and “Go to Folder” on the Finder toolbar.
2. In the “Go to Folder” section, write /Library/LaunchAgents.
3. In the folder that gets launched, please check whether there are any suspicious files that could be triggering an adware to be active. It could be that entries, related with “Genieo” or “RarGenie” will be noticed.
4. If you find any suspicious files, you should move them to trash.
5. Write /Library/Application Support in the “Go to Folder”.
6. Once again, check the folder for any alarming files or folders.
7. Check ~/Library/LaunchAgents folder for any dangerous entries. Do this by entering the folder name in “Go to Folder”.
8. Finally, repeat the same routine with the /Library/LaunchDaemons folder.
In case this does not work, we strongly-emphasize to try the automatic removal option which we have mentioned above. Run a scan to see the location in which this adware is hiding.
Automatic Malware removal tools