Since Mac's are now in the bad guys crosshairs , adopting good security strategies (adopted from years of malware infestations in tens of millions of PC users) must now be employed by Mac's: and that means concentrating efforts on PREVENTION. Not removal.
Poisoned JavaScript is delivered to the browser, (none are immune), and this powerful language then manipulates a computer and installs these "rogue" items.
Firefox, with "NoScript" controls what automatically deploys from the browser, and is the #1 defense against several vectors of malware.
https://addons.mozilla.org/en-US/firefox/collections/dunbar-pappy/dunbarpappy/
Also, the default configuration for Safari has "Open "safe" files after downloading" checked (by default). This setting is under "Preferences" in Safari and is at the bottom of the "General" tab (the first tab).
It must now be disabled (unchecked) at all times.
And, do not rely on "signature" based antivirus. Criminals update their rubbish daily (just like the good guys) and change names and other aspects (like a fingerprint) in order to get around detection.
Prevention: not removal.