I have been running into several endpoints with the search hijacker / toolbar searchprotect. I've found several write-ups for manual removal but would like to include this as an unwanted program and set it up for removal through policy. What is the best approach for setting this up for VSE through ePO policy? Here is a symantec writeup on it: http://www.symantec.com/security_response/writeup.jsp?docid=2014-063009-1324-99&tabid=3
SInce that is a 3rd party application that is not a virus, McAfee will not detect as a virus. You could send the files to Labs but I think they will tell you the same. You could create AP rules to prevent 3rd party software to be installed.
I think to to the same with PUP is a bit more difficult as you need to know the files that are installed and then create a user detection for each file that it is a bit of work. Alternative, you can get the uninstall key from add/remove programs and send the unistallation via GPO.
There's an excellent removal guide here: http://malwaretips.com/blogs/remove-conduit-search-virus/ but not sure if it will help too much in the Enterprise environment.
It involves applying one 3rd party tool.