AVG Deleted StartUp Files - Need Help!

Mac products
3

Hello Fred,
we analyzed your situation and successfully induce it in our lab. By the words of our developers, the lib file that was detected is not a system file, but serves for malware's purposes to hook running process and code injection. This is just to point out that the detection made by AVG was correct.

As for the solution of your problem. Please follow these steps to fix your Macbook:

  1. Boot up to single-user mode, here (http://support.apple.com/en-us/HT201573) is an Apple KB with more information.
  2. This will start your system into command-line environment.
  3. Type in the "mount -uw / " command (without quotation marks) and press Enter. This will enable read-write hdd mode - by default read-only is set.
  4. Type in "rm -rf /etc/launchd.conf" (without quotation marks) and press Enter.This will remove a configuration file associated with the malicious file that caused this situation.
  5. Type in "reboot" (without quotation marks) and press Enter. This will reboot your PC.
  6. Now your Mac should boot normally.
 This workaround worked for us. Please make sure to type in commands correctly, especially the one from point 4. We believe this will fix your issue. If not, feel free to contact us again. We will be glad to assist you.

Regards,
Vladimir
1

Upon installing AVG Ultimate 2015 on my Macbook Air the AVG software idenitifed libgenkit.dylib, blocked it and asked me to delete it. Upon deletion, the laptop shutdown and will no longer boot properly. It stalls at the startup Apple screen. I've read some blogs about this, but thought I'd come here since AVG caused my problem. I'm sure when I deleted as suggested, it delted a boot file attached. What should I do next, how do I recover from the "brick" created? 

2

Hello Fred,
we analyzed your situation and successfully induce it in our lab. By the words of our developers, the lib file that was detected is not a system file, but serves for malware's purposes to hook running process and code injection. This is just to point out that the detection made by AVG was correct.

As for the solution of your problem. Please follow these steps to fix your Macbook:

  1. Boot up to single-user mode, here (http://support.apple.com/en-us/HT201573) is an Apple KB with more information.
  2. This will start your system into command-line environment.
  3. Type in the "mount -uw / " command (without quotation marks) and press Enter. This will enable read-write hdd mode - by default read-only is set.
  4. Type in "rm -rf /etc/launchd.conf" (without quotation marks) and press Enter.This will remove a configuration file associated with the malicious file that caused this situation.
  5. Type in "reboot" (without quotation marks) and press Enter. This will reboot your PC.
  6. Now your Mac should boot normally.
 This workaround worked for us. Please make sure to type in commands correctly, especially the one from point 4. We believe this will fix your issue. If not, feel free to contact us again. We will be glad to assist you.

Regards,
Vladimir