It Finally Happened, We Received a MacBook with a Virus! 
How did this happen? What did you use to clean up the system? Well there are a few things you have to consider......
Are Macs Virus Free?
Apple computers and viruses tend not to be in the same conversation. That said no computer system is completely immune from a possible attack, but Apple’s OS X (being Unix-based) is less vulnerable than most, particularly the latest versions - Lion, Mountain Lion and Mavericks.
Since the introduction of Snow Leopard, Apple OS X has an anti-malware system built-in known as XProtect but officially called File Quarantine which may alert you to, and prevent installation of, certain forms of malware. Later versions of OS X include further features to protect you, but Mac computers can get viruses and malware.
Do not install Norton Anti-Virus on a Mac as it can seriously damage your operating system. Norton Anti-Virus is not compatible with Apple OS X. Don't install MacKeeper or iAnti-Virus either.
In this case however a customer had their browsers hijacked with Conduit on one and Trovi on the other after originally visiting a streaming media site and clicking on a false banner saying that an update was needed to play the file. This then lead to the deployment of a Trojan which instigated a browser redirect and a bunch of pop up adverts on cue.
To Rid Them!
Now there are removal tools available. We tried BitDefender, Avast! and ended up also making sure all were deleted manually by searching for the files. BitDefender it seems wasn't catching much or even quarantining any files! Avast picked up multiple files and successfully deleted them. We still wouldn't install Avast! fyi, it has stuff in there I'm not sure about.
Just to be sure, and this is where you should take notice (because there aren't any decent removal tools around for Macs).
>Step 1: Examine your browser extensions
Look through the list and delete/disable those extensions or add-ons.
This is done by clicking Preferences > Extensions within the application.
>Step 2: Examine Libraries
Some adware installs LaunchAgents, which are used to keep a component running in the background at all times. You will need to look in two different LaunchAgents folders. If you see a file matching the description, you have adware installed.
Go to your hard drive select > Library > Launch Agents
Inside this folder if you see anything with the words: conduit,genieo,vsearch delete them.
Go to your hard drive select > Library > Launch Daemons
Inside this folder delete anything you see with the words: vsearch.
This should have now cleaned your system. Also, trojans are still called trojans in the file name sometimes so use the search tool in OS X to hunt them down and delete them.
So Which Would Be a Safe Removal Tool?
If you want a removal tool that doesn't install anything else on your system, we would go with Safe Mac removal tool. Alternatively Sophos is aother good choice.
If you have any questions about Mac viruses or browser hijacking give us a call at Northampton Computer Repair 413-341-3571
Don't forget to download our Virus/Malware Protection Guide below:
