Review this guide to learn what the Trovi adware is, how it compromises computers, and how to completely remove it from an infected Mac machine.
Malware-free Mac OS is unfortunately turning into a delusion at a steady pace. The good news is it’s not as susceptible to viruses as Windows, but potentially unsafe applications such as adware have been capable of compromising Mac machines for quite a while now. The infection which is the subject of this article is called Trovi, and it’s an extreme nuisance and a big time web surfing experience spoiler. This potentially unwanted code is flagged by antivirus utilities as adware, that is, a program taking advantage of hijacked Internet traffic in order to promote certain services.
The Trovi threat is known to be closely affiliated with Conduit, or Conduit Search – one of the prevalent homepage hijackers in the wild. So if you’ve got one on your machine, the other is probably there as well. Just like its Conduit satellite, Trovi is distributed as part of freeware whose spreading pattern in no way presupposes declaring that any sort of bundle is coming along. Scrutinizing the Terms of Service for random free multimedia utilities or browser helper objects might help avoid the contamination but, first off, not necessarily, and secondly, there aren’t a whole lot of users doing that as a rule.
This adware changes the web browsing preferences on the infected workstation, namely the values for homepage and default search engine. The Mac versions of Chrome, Firefox, as well as Safari therefore start to act up, constantly returning www.trovi.com instead of the URLs for the above settings previously configured by the user. There is no actual danger stemming from the landing web page for this adware except for the annoyance aspect. Trovi.com bears a tangible value to its creators, though, because it displays ads to the victims. Whether you click on those banners and sponsored links or not, it’s profitable to Trovi authors.
Removal of this adware should be performed in several stages: resetting the affected web browsers and eliminating the malicious app proper. Below are detailed instructions on what needs to be done.
Trovi manual removal for Mac
To begin with, settings for the web browser that got hit by the Trovi adware should be restored to their default values. The overview of steps for this procedure is as follows:
1. Reset Safari
• Open the browser and go to Safari menu. Select Reset Safari in the drop-down list
• Make sure all the boxes are ticked on the interface and hit Reset
2. Reset Google Chrome (if affected by the Trovi virus)
• Open Chrome and click the Customize and Control Google Chrome menu icon
• Select Options for a new window to appear
• Select Under the Hood tab, then click Reset to defaults button
3. Reset Mozilla Firefox (if affected)
• Open Firefox and select Help – Troubleshooting Information
• On the page that opened, click the Reset Firefox button
4. Further actions
• Go to /Library/InputManagers and send the CTLoader folder to trash
• Proceed to /Library/LaunchAgents/ and trash com.conduit.loader.agent.plist
• Go to System Preferences – Users & Groups. Select Login Items and remove any suspicious-looking item (Trovi, Trovi.com, Conduit, Conduit Search Protect)
• Go to System Preferences – Keyboard. Hit the Keyboard Shortcuts tab and select Servicesin the left-hand section of the interface. Look through the list, find anything related to Trovi, Trovi.com or Conduit, and deselect the bad item(s)
• Quick all apps and press Command-Shift-G. Type ~/Library/Preferences and click Go. Move the file named com.apple.Safari.plist to trash and reboot the machine
Get rid of Trovi virus using Freshmac automatic removal tool
When confronted with malicious code like the Trovi on Mac, you can neutralize its toxic impact by leveraging a specially crafted system utility. The Freshmac application (read review) is a perfect match for this purpose as it delivers essential security features along with must-have modules for Mac optimization.
This tool cleans unneeded applications and persistent malware in one click. It also protects your privacy by eliminating tracking cookies, frees up disk space, and manages startup apps to decrease boot time. On top of that, it boasts 24/7 tech support. The following steps will walk you through automatic removal of the Trovi Search infection.
1. Download Now onto your machine. Double-click the Freshmac.pkg file to trigger the installer window, select the destination disk and click Continue. The system will display a dialog asking for your password to authorize the setup. Type the password and click Install Software.
2. Once the installation has been completed, Freshmac will automatically start a scan consisting of 5 steps. It scans cache, logs, unused languages, trash, and checks the Mac for privacy issues.
3. The scan report will then display your current system health status and the number of issues detected for each of the above categories. Click the Fix Safely button to remove junk files and address privacy issues spotted during the scan.
4. Check whether the Trovi.com has been fixed. If the lock screen is still there, go to the Uninstaller option on Freshmac GUI. Locate an entry that appears suspicious, select it and click Fix Safely button to force-uninstall the unwanted application.
5. Go to Temp and Startup Apps panes on the interface and have all redundant or suspicious items eliminated as well. The Trovi fraud shouldn’t be causing any further trouble.