How to get rid of the Conduit virus on a Mac

Disguised as a browser plugin, Conduit — also known as Conduit Search — is believed to have been created by ClientConnect Ltd. It claims to improve the internet browsing experience by generating improved search engine results.

However, what it really wants to do is collect user data and send it to cybercriminals. Conduit can collect keystrokes and passwords, IP addresses, and geolocation data as well as monitor browser activity.

What is conduit virus

What is Conduit malware on Mac?

Conduit — which is also said to go by the names Trovi and VSearch — is another form of malicious malware known as a browser hijacker. It takes over your browser, changing the default search engine to It installs itself as a browser plugin, then can be used to steal data and cause other cyber infections to take hold in your Mac.

conduit search malware

It is not picky about which browser it takes over, as Conduit has been around for several years and can hijack Safari, Chrome, and Firefox. It will send you unwanted adverts and pop-ups and redirect you to unexpected web pages when you click on websites you often visit, especially those in your Bookmarks. Conduit can modify browser security settings, make your Mac run more slowly, and will continue to collect and transmit data back to its control servers until you’ve managed to eliminate the infection.

The longer your Mac is infected with this virus, the greater chance you have of accidentally downloading other viruses and more dangerous types of malware. Removing this virus is worth doing as soon as you realize your browser is behaving oddly.

Remove Conduit from Chrome Mac MacBook

How to remove Conduit malware?

Browser hijackers, although annoying, are one of the easier types of malware to remove. They are also easier to spot, as everyone soon knows when their browser has been taken over, the default search engine changed, and other settings have been altered without your consent. Unfortunately, it isn’t as easy to know what else the malware has let into your computer.

Adware is a gateway virus opening a backdoor for other computer viruses, including spyware, malware, and other threats. Malicious software is bundled into links, adverts, and other downloadable payloads, making this minor irritation more of a risk to your Mac than most people would assume.

To make your Mac safe, here is how you can remove it manually:

#1: Uninstall from Safari

  1. Go to Safari > Preferences.
  2. Click on Extensions.
  3. Pick the extension that you don’t recognize to delete.
  4. Click Uninstall.
  5. Confirm that you want to Uninstall the extension.

#2: Remove from Chrome

  1. Open Chrome.
  2. Go to the menu in your browser.
  3. Click on More Tools > Extensions.
  4. Pick the extension that you don’t recognize to delete.
  5. Click Remove.
  6. Confirm that you want to remove the extension.

#3: Remove from Firefox

  1. Open Firefox.
  2. Go to the menu in your browser.
  3. Click on the Add-ons and themes. 
  4. Select the extension you want to remove.
  5. Click Remove.
  6. Confirm that you want to delete.

Some Mac articles recommend using CleanMyMac X to delete extensions. The app interface is very clear to its advantage, and you can remove all the browser add-ons in one go. Here is a screenshot from my Mac:

Safari Extensions in Extensions module of CMMX

Conduit virus how to delete

Deleting Conduit leftovers from the system

Now that you’ve removed the extension from your browser, you need to search through your Mac for other traces of this virus. Click on Finder and then press Go > Go to Folder... in the upper menu. 

Here are a handful of the folders that need to be checked:


/Library/Application Support/SIMBL/Plugins/ 

/Library/Internet Plug-Ins/ 

/Library/Application Support/SIMBL/ 



Once these are free from infection, it is worth resetting your browser and making sure the settings have restored your default search engine.

If all of that sounds like too much work, there is a quicker way. It is a smart move to scan for other potential risks and viruses, as it is difficult to know what else might have been set loose in your Mac thanks to the Conduit malware infection.

Remove Conduit Trovi, VSearch

Easier way: Delete Conduit with a dedicated tool

The app mentioned above, CleanMyMac X, is a powerful Mac cleaning device. It scans and removes many known types of malware and hidden agents that are specific to the macOS. Its virus database is regularly updated, so if a new disguise of the Conduit virus arrives, the app will likely include a remedy.

To remove Conduit Search quickly and easily, take the following steps:

  1. Download CleanMyMac X (free edition of the application).
  2. Click on the Malware Removal tab.
  3. It will scan for Conduit and any other infections, spyware, adware, and malware.
  4. CleanMyMac X will show you what your Mac is infected with.
  5. Click Remove, and they will vanish for good.
Removing malware files

Conduit can hide and illegally gain control of any web browser on a Mac. It can record everything you type and everywhere you go. Removing it means you can reclaim your browser and default search engine. There are, thankfully, a few quick and easy ways to do that, whether you want to remove it manually or use a tool to speed the process up.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.