Scan is showing two Threats: OSX.Genieo.1.r and PUA.OSX.TuneUpMyMac.1.r. These threats only show up on the time machine backup drive, not the system hard drive.
Having read these forums, it seems as though these are false positives. However, a Webroot response of a long time ago stated
"The reason that we are detecting these apps is because Apple did not encrypt their software properly and they both have malicous strings in them. We have pushed an update to our system with will ignore those two files..."
That would suggest that the software should properly account for these files if they are no threat. Can anyone shed light on this?
If it helps, the details show:
/Macintosh HD/System/Library/CoreServices/MRT.app/Contents/MacOS/MRT and
/Macintosh HD/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
Thanks,
John
PS: My Mac is 4 years old and this is the first time running scanning software such as this.
Solved
Genieo False Positive?
Best answer by Ssherjj
Hello RangerVA,
Welcome to the Webroot Community,
Webroot recommends changing your settings so that you do not scan mounted drives with WSA. In some cases, Webroot will detect a threat that is located on your backup, such as Time Machine. If the file are in the backup, then they cannot hurt your system. You would have to restore the files from the backup to get them on the system, and at that point the Real Time Shield in Webroot would find and remove them. Even though Webroot cannot remove these files, as space for newer backups is needed the older backups will be deleted. This will delete the threats from the backup as well. Another option available to Time Machine users is to exclude the files and folders from being backed up by the Time Machine. You can add them to the exclusion list which will permanently block the files/folders from being backed up in the future. By doing this, the infected file will eventually be deleted from the backup over time and prevent it from ever getting re-introduced to the drive should it be installed on the computer again.
Please have a look at the Mac PC User Guide http://live.webrootanywhere.com/content/553/Changing-Scan-Settings
If you have concerns about these files then you can always Submit a Support Ticket and they can confirm if these files are indeed False Positives or not. This is a free service with an active Webroot subscription.
Hope this helps?
Welcome to the Webroot Community,
Webroot recommends changing your settings so that you do not scan mounted drives with WSA. In some cases, Webroot will detect a threat that is located on your backup, such as Time Machine. If the file are in the backup, then they cannot hurt your system. You would have to restore the files from the backup to get them on the system, and at that point the Real Time Shield in Webroot would find and remove them. Even though Webroot cannot remove these files, as space for newer backups is needed the older backups will be deleted. This will delete the threats from the backup as well. Another option available to Time Machine users is to exclude the files and folders from being backed up by the Time Machine. You can add them to the exclusion list which will permanently block the files/folders from being backed up in the future. By doing this, the infected file will eventually be deleted from the backup over time and prevent it from ever getting re-introduced to the drive should it be installed on the computer again.
Please have a look at the Mac PC User Guide http://live.webrootanywhere.com/content/553/Changing-Scan-Settings
If you have concerns about these files then you can always Submit a Support Ticket and they can confirm if these files are indeed False Positives or not. This is a free service with an active Webroot subscription.
Hope this helps?
+56Hello John and Welcome to the Webroot Community!
The detections look like PUA's to me so see if you can remove them yourself and here is instructions for Windows and I will ping@ our Mac expert for more information! https://community.webroot.com/t5/Techie-KB/How-to-Remove-Potentially-Unwanted-Applications/ta-p/40744
Also you can Submit a Support Ticket and they will help you remove them as well!
Thanks,
Daniel 😉
The detections look like PUA's to me so see if you can remove them yourself and here is instructions for Windows and I will ping
Also you can Submit a Support Ticket and they will help you remove them as well!
Thanks,
Daniel 😉
+62Hello RangerVA,
Welcome to the Webroot Community,
Webroot recommends changing your settings so that you do not scan mounted drives with WSA. In some cases, Webroot will detect a threat that is located on your backup, such as Time Machine. If the file are in the backup, then they cannot hurt your system. You would have to restore the files from the backup to get them on the system, and at that point the Real Time Shield in Webroot would find and remove them. Even though Webroot cannot remove these files, as space for newer backups is needed the older backups will be deleted. This will delete the threats from the backup as well. Another option available to Time Machine users is to exclude the files and folders from being backed up by the Time Machine. You can add them to the exclusion list which will permanently block the files/folders from being backed up in the future. By doing this, the infected file will eventually be deleted from the backup over time and prevent it from ever getting re-introduced to the drive should it be installed on the computer again.
Please have a look at the Mac PC User Guide http://live.webrootanywhere.com/content/553/Changing-Scan-Settings
If you have concerns about these files then you can always Submit a Support Ticket and they can confirm if these files are indeed False Positives or not. This is a free service with an active Webroot subscription.
Hope this helps?
Welcome to the Webroot Community,
Webroot recommends changing your settings so that you do not scan mounted drives with WSA. In some cases, Webroot will detect a threat that is located on your backup, such as Time Machine. If the file are in the backup, then they cannot hurt your system. You would have to restore the files from the backup to get them on the system, and at that point the Real Time Shield in Webroot would find and remove them. Even though Webroot cannot remove these files, as space for newer backups is needed the older backups will be deleted. This will delete the threats from the backup as well. Another option available to Time Machine users is to exclude the files and folders from being backed up by the Time Machine. You can add them to the exclusion list which will permanently block the files/folders from being backed up in the future. By doing this, the infected file will eventually be deleted from the backup over time and prevent it from ever getting re-introduced to the drive should it be installed on the computer again.
Please have a look at the Mac PC User Guide http://live.webrootanywhere.com/content/553/Changing-Scan-Settings
If you have concerns about these files then you can always Submit a Support Ticket and they can confirm if these files are indeed False Positives or not. This is a free service with an active Webroot subscription.
Hope this helps?
IMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.7.3), Security: iPads, ALIENWARE 15 R6, W11 Microsoft Windows Workstation, x64, Webroot® SecureAnywhere™ Internet Security Complete, Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester
+62Hi RangerVA,
You are most welcome!:D
You are most welcome!:D
IMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.7.3), Security: iPads, ALIENWARE 15 R6, W11 Microsoft Windows Workstation, x64, Webroot® SecureAnywhere™ Internet Security Complete, Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester
Hello, apologies for writing on an older thread. I just activated WebRoot, through Luma. I look forward to using the application; it seems to have a lot of positive reviews!
I also have MacOS/MRT showing up as a threat, named "OSX.Genieo.1.r". WebRoot can't remove it. I am not scanning any external backup drives, so I am pretty sure it's on the main iMac hard drive.
Can someone explain to me if this is really a threat? And if so, how do I get it off my machine, since WebRoot cannot? Or is the fact it is currently set to "Block" on the "Block / Allow Files" list good enough?
Much thanks for any assistance.
I also have MacOS/MRT showing up as a threat, named "OSX.Genieo.1.r". WebRoot can't remove it. I am not scanning any external backup drives, so I am pretty sure it's on the main iMac hard drive.
Can someone explain to me if this is really a threat? And if so, how do I get it off my machine, since WebRoot cannot? Or is the fact it is currently set to "Block" on the "Block / Allow Files" list good enough?
Much thanks for any assistance.
+62Hello kalimotxo,
Welcome to the Webroot Community,
My best advice is to Submit a Support Ticket and they can check this out for you free of charge withan active Webroot subscription. The Support Team can verify if this is a False Positive or not.
You can also Contact by calling Support here during business hours.
Mon - Fri 7:00 AM to 7:00 PM (MST)
Tel: https://tel:+18666124268
Hope this helps?
Welcome to the Webroot Community,
My best advice is to Submit a Support Ticket and they can check this out for you free of charge withan active Webroot subscription. The Support Team can verify if this is a False Positive or not.
You can also Contact by calling Support here during business hours.
Mon - Fri 7:00 AM to 7:00 PM (MST)
Tel: https://tel:+18666124268
Hope this helps?
IMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.7.3), Security: iPads, ALIENWARE 15 R6, W11 Microsoft Windows Workstation, x64, Webroot® SecureAnywhere™ Internet Security Complete, Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.