Security

How to Remove Trojan Horse Virus from Mac

By Ruslana Lishchuk
Updated: November 28, 2023 Published: October 02, 2019

In this article you will find the following:

Trojan horses are a common way for malware to infect Macs and other computers. If you get a Trojan virus on your Mac, it can wreak all kinds of havoc. Depending on what kind of payload they come with, Trojans can slow down your computer, steal files, take control of your machine to send out spam emails, install ransomware, and more.

 

Naturally, the sooner you remove Trojans from your Mac, the better. The less time you’re infected, the less damage this malware can do. In this guide, we’ll look at how to tell if you’re carrying a Trojan, how to get rid of it, and how to prevent future infections.

 

Before we start

 

Think you might have a Trojan horse on your Mac. Find and remove and remove it fast with MacKeeper’s Antivirus. Here’s how to do it:

  1. Open MacKeeper, and select Antivirus.
  2. Click Start Scan.
  3. If MacKeeper finds anything, select it from the list and click Delete.
  4. Click Delete again to confirm.

That’s just one of many ways MacKeeper can protect your Mac. Check it out today, and see what else it can do for you.

What is a Trojan virus?

A Trojan or Trojan horse is a type of malware that hides its true intent in some way. As you can probably guess, they get their name from Greek mythology. But instead of an army of Greek soldiers hiding inside a giant wooden horse to gain entry to the city of Troy, these Trojans contain malware. This will be hidden in something that looks innocuous like an app or an email attachment. Often, it’ll only activate when you try to open the infected file.

 

In the past, Macs simply didn’t get viruses, but those days are well behind us. As Apple computers grow more popular, they become an increasingly popular target for hackers—which means Macs get Trojan viruses just like other systems. In February 2022, Microsoft’s security team discovered malware that was being hidden in seemingly legitimate apps like video tools, as well in pop-up ads. This Mac Trojan has the power to get around macOS’s security features and can even delete evidence of its own existence.

How do you know if your Mac is infected with a Trojan?

By definition, a Trojan tries to remain hidden—at the very least, until it’s time to drop its payload. When that happens, you may notice some of the classic signs of malware infection.

 

Signs your Mac might have a Trojan virus:

  • Extremely slow performance
  • Crashes and freeze-ups
  • Files deleting themselves
  • Your antivirus is disabled
  • More pop-ups
  • Your web browser gets redirected

How to detect a Trojan virus on Mac

Although performance issues and other suspicious activity can mean you’re potentially carrying malware, they’re just one part of the puzzle. If you know what you’re looking for, you can manually search for malware and then try to delete it. But to truly tell if there’s a Trojan on your Mac, you need to check with a malware scanner, such as MacKeeper’s Antivirus.

 

Here’s how to detect a Trojan with MacKeeper’s Antivirus:

  1. Open MacKeeper, and select Antivirus from the sidebar.
  2. Click Start Scan.
  3. Wait for the scan to finish. If MacKeeper finds Trojans or other malware, it’ll be listed in the scan results.
MacKeeper Antivirus will scan your Mac to find malware, including Trojans. Open MacKeeper and click the Antivirus option in the sidebar.
Step 1. Select Antivirus
In the Antivirus section of MacKeeper, click the start scan button. This will initiate a virus scam which you can use to detect Trojans.
Step 2. Click Start Scan
When the scan is finished in MacKeeper, review the results. If any Trojans or other malware are found on your Mac, you'll see them here.
Step 3. Review the scan results

This tool will search your entire Mac or selected locations, comparing files against a checklist of known viruses, spyware, Trojans, and other malware.

How to get rid of a Trojan virus on Mac

If you think you suspect or detect a Trojan virus on your Mac, finding a way to remove it is your next task. Here are a few proven ways to clean this malware from your system:

1. Delete the infected file

When a Trojan virus infects a Mac, it can leave malicious files in all kinds of places. If you can find these unwanted files, you can manually delete them, which may be enough to prevent the malware from doing any more damage—if you’re lucky.

 

There are a few common places to check for Trojan viruses:

  1. In Finder, select Go > Go to Folder. Type in ~/Library, and press Enter.
  2. Among folders to check, start with Application Support. If you spot any malware, drag it to trash, and empty your trash.
  3. Next, check your Login Items. You’ll find these in the Launch Agents. Delete anything suspicious.
  4. Now, use Go to Folder to navigate to your system Library folder at /Library/. Search the Application Support, Launch Agents, and Launch Daemons folders. Again, delete anything related to the Trojan.
In the macOS menu bar, select Go, then Go to Folder. Use this to navigate to your Library folder. From there, you'll be able to delete any suspicious files.
Step 1. Navigate to your user Libary folder
In the Library folder, open the Application Support folder. Often, malware including Trojans will install viruses into this folder.
Step 2. Check Application Support
Next check the LaunchAgents folder. Look for anything that seems suspicious and drag it to your trash. Empty your trash completely.
Step 3. Check LaunchAgents
You should also look in the system library folder as this may also contain malware installed by a Trojan. Check the Application Support, LaunchAgents, and LaunchDaemons folders.
Step 4. Look in the system Library folders too

2. Remove malicious apps

If you’ve recently installed an app from an untrusted location, it could be the source of your Trojan. Deleting it may be enough to prevent a Trojan horse virus from causing any more issues, although it’s a long shot. Simply dragging the app to your trash may work, but it’s much better to use a tool like MacKeeper’s Smart Uninstaller, which will also remove all the leftovers.

 

To remove apps and their leftovers with MacKeeper’s Smart Uninstaller:

  1. In MacKeeper, select Smart Uninstaller, and click Start Scan.
  2. Click Applications. Select what you want to uninstall, and click Remove Selected.
  3. Click Remove.
MacKeeper's Smart Uninstall feature can remove all kinds of data from your Mac, including apps that may be hiding malware.
Step 1. Start a scan with MacKeeper's Smart Uninstaller
Once you've done a scan in MacKeeper, you'll be able to see all the apps installed on your Mac. Select what you want to remove and then click Remove Selected.
Step 2. Select an app to remove
Finally, confirm that you want to remove the selected apps to permanently delete them from your Mac. In the case of Trojans, this may be enough to avoid further damage.
Step 3. Confirm removal

3. Reset browser settings

Web browsers are one of the main ways Trojans find their way onto Macs. By resetting your browser, you may be able to prevent pop-ups, unwanted redirects, and other dangerous browser behavior. Here, we’ll show you how to reset Chrome and Safari, by far the two most popular browsers for macOS.

 

Follow these steps to reset Safari:

  1. Select Safari > Settings from the menu bar.
  2. Open the Privacy tab, and click the Manage Website Data button.
  3. Click Remove All, then Remove Now.
  4. Now go to the Advanced tab of Settings and activate Show features for web developers.
  5. In the menu bar, select Develop > Empty Caches.
To reset Safari browser, first thing you need to do is visit the Safari settings. Access is from the Safari menu.
Step 1. Open Safari settings
Once you're in Safari settings, open up the Privacy section, then click the Manage Website Data button next to Website Data.
Step 2. Open Privacy settings
As you visit websites in Safari, they'll store all kinds of information on your Mac. Browse through the results then click the Remove All button.
Step 3. Click Remove All
Next go to the Advanced tap of settings, and select Show features for web developers at the bottom of the window.
Step 4. Enable developer features
With the web developer options enabled, you can now select Develop from the menu bar, then select Empty Caches.
Step 5. Empty Safari caches

In contrast, reset Chrome for Mac like this:

  1. Select Chrome > Settings from the menu bar.
  2. In Reset settings, click Restore settings to their original defaults.
  3. Click Reset Settings.
In Chrome, select Google Chrome from the menu, bar, followed by Settings to open up the browser's settings menu.
Step 1. Open Chrome settings
In Google Chrome settings, go to the Reset Settings tab, then select Reset settings to the original defaults. This will completely reset Chrome.
Step 2. Enter the Reset Settings area
To complete the reset. You just need to click the Reset settings button to confirm that you want to return Google Chrome to its default state.
Step 3. Confirm Chrome reset

4. Remove malicious extensions

When removing Trojans from a Mac, you may need to remove potentially dangerous browser extensions too. These may spy on your online activity, download more malware, or cause many other issues.

 

For Safari, you have to manually delete extensions from the Applications folder:

  1. In Safari’s settings, go to the Extensions tab, select an extension, and click Uninstall.
  2. Click Show in Finder.
  3. Send the extension to your trash, then empty your trash.
To remove extensions from Safari you need to manually delete them just like you would other apps. Start by going to Safari settings.
Step 1. Click Uninstall in Extensions
When you click the uninstall button, Safari will ask you to show the extension in a Finder window. Click Show In Finder.
Step 2. View the extension in Finder
Now you just need to manually delete the extension in the Applications folder, just as you would with any other app.
Step 3. Delete the extension

For other browsers, you can automatically remove extensions using MacKeeper’s Smart Uninstaller:

  1. Open Smart Uninstaller in MacKeeper, and click Start Scan. When it’s done, click Browser Extensions.
  2. Expand the browser lists to see what’s installed. Select any extensions to remove and click Remove Selected.
  3. Click Accept and Uninstall.
In MacKeeper's Smart Uninstaller feature, click Browser Extensions to see extensions from third-party web browsers.
Step 1. Click Browser Extensions in Smart Uninstaller
Browse through the list of installed browser extensions and select what you want to remove. Click the Remove Selected button.
Step 2. Select extensions to remove
Finally, review the results, and click Accept and Uninstall to remove the troublesome browser extensions from your Mac.
Step 3. Confirm removal of extensions

5. Use antivirus software

Whenever you suspect there might be malware on your Mac, you should run a virus scan. Good antivirus software will look inside files to see if they’re hiding anything malicious—making it a great way to get rid of a Trojan virus.

 

Here’s how you can run a virus scan with MacKeeper’s Antivirus:

  1. Start MacKeeper, and select Antivirus. Click Start Scan.
  2. Wait for the scan to finish.
  3. If any malware is found, select it, and click Delete, then Delete again.
The easiest way to remove malware like Trojans from your Mac is to use an antivirus tool like one in MacKeeper. Select it from the MacKeeper menu.
Step 1. Open the Antivirus tool
Have to click Start Scan, wait for MacKeeper to complete the antivirus scan. It will update as it goes along if it finds anything.
Step 2. Wait for the scan to finish
When the scanner is done, select any malware that it's found then click the Delete button. Click the next Delete button to confirm removal.
Step 3. Confirm malware removal

6. Load a Time Machine backup

Trying to work out if your Mac has a Trojan and then trying to remove it manually is likely to be tricky. It might be simpler to just load a Time Machine backup, one that was made before you installed the infected file.  

 

To restore your Mac from a Time Machine backup:  

  1. Click the Time Machine icon in your menu bar. Select Browse Time Machine Backups.
  2. You’ll see a stack of Finder windows, each of which is a different backup.
  3. Select what you want to restore, and click the Restore button.
You can access your Time Machine backups from the menu bar of your Mac. Restoring from a back up will help you if you have a virus.
Step 1. Access Time Machine from the menu bar
Browse through the available Time Machine backups. Find one that was made before you installed the suspected Trojan on your Mac.
Step 2. View the backups
When you find a backup you want to restore, click the Restore button underneath the desired window in Time Machine.
Step 3. Click Restore

7. Factory reset your Mac

This is the nuclear option, but if nothing else gets a Trojan off your Mac, you might be best off simply doing a factory reset. That will return your Mac to all its original settings, wiping everything off it, including all your data, so make sure to back up what you need first. To get started, you’ll need to get into Recovery mode.

 

Here’s how to enter Recovery mode on an M1 Mac:

  1. Turn off your Mac. Now, press and hold the power button until you see Loading startup options.
  2. Click Options > Continue. Enter your admin password if you’re asked for it.
  3. In the Recovery app, select Reinstall for your macOS release, click Continue, then follow the instructions on screen.
Loading startup options window in the Recovery Mode to start the factory reset of your Mac.

Check out our full guide to factory resetting a Mac for more information.  

How to protect Mac against Trojan horses

When it comes to malware, prevention is better than cure. To prevent Trojan horses getting on your Mac or limit the damage they cause if your Mac is infected, follow our checklist:

  • Never open email attachments from people you don’t know.
  • Avoid unsavory websites that are likely to host malware.
  • Never download or install pirated software.
  • Don’t click on pop-up windows unless you know for sure they’re safe.
  • Install all required and recommended system and app updates.
  • Only download apps from trusted sources, like the App Store and official websites.
  • Make sure you have an antivirus tool with real-time protection, such as MacKeeper.
  • Install a firewall to prevent malware from dialing out to steal your data.
  • Don’t ignore warning signs—if your Mac is so slow, it’s painful, think about why.

Choosing the right procedure to remove Trojans

With good security practices and MacKeeper’s Antivirus, removing Trojans from your Mac is easy. You can do a lot of the detection and removal work manually, but it’s a long-winded and complex way to do things. Yes, a lot of Trojans will install files in your Library folders, for example, but they could also be in other places on your Mac—plus you have to know what you’re looking for.

 

If you find a Trojan on your Mac, you should remove suspicious apps, extensions, and so on, if you can. You can do that manually or save time with MacKeeper’s Smart Uninstaller

 

Resetting your Mac will work too, but it’s a drastic option. Before you do that, give MacKeeper’s Antivirus a try and get ready to remove all kinds of malware, including Trojans, in just a few clicks. Check out our viruses list to see other types of malware our tool can deal with.

 

Read more:  

Written By

Ruslana Lishchuk

With over 5 years of supporting Mac users, Ruslana lives and breathes everything Mac. Tech expert, Apple lover, and well, a cutie. Say hi on LinkedIn!

With over 5 years of supporting Mac users, Ruslana lives and breathes everything Mac. Tech expert, Apple lover, and well, a cutie. Say hi on LinkedIn!

Sources
  1. [1] https://securityintelligence.com/news/mac-malware-masquerades-as-trading-app-to-steal-and-upload-users-data/
  2. [2] https://www.enigmasoftware.com/trojanmacosgmera-removal/
  3. [3] https://www.av-test.org/en/statistics/malware/
Use your Mac to the fullest! Sign up and get:
Effective tips on how to fix Mac issues
Reliable advice on how to stay safe online
Mac-world news and updates

Thank you!

You’ll love exploring your Mac with us.

Oops, something went wrong.

Try again or reload a page.

Here’s another sign you need to upgrade your macOS ASAP:

30% off your MacKeeper subscription

Сopy the code now and use it in the MacKeeper checkout after the upgrade.

Copy Code

Please be aware that this code cannot be combined with any other discounts, offers, or promotions.

PC

MacKeeper - your all-in-one solution for more space and maximum security.

Try Now

Contents

bg
Don’t go! Enjoy our Black Friday deal

Add MacKeeper to your shopping list to live the event to the fullest.

Try 1 Week for $1

Download MacKeeper when you're back at your Mac

or

Please enter your email so we can send you a download link

Check your email on your Mac

Install MacKeeper on your Mac computer to rediscover its true power.

arrow

Run Application

step_1

Click Continue

step_2

Click Install

step_1

Your macOS version is lower than OS 10.11. We’d like to offer you MacKeeper 4 to solve the cleaning, privacy, and security issues of your macOS.