VersionTrust Mac virus (Free Guide)

VersionTrust Mac virus Removal Guide

What is VersionTrust Mac virus?

VersionTrust – a malicious application that can harm your Mac and compromise your safety


VersionTrust is a type of Mac malware that often gets installed inadvertently, typically when users are deceived into downloading a fraudulent Flash Player update or illicit software from untrustworthy websites. Those impacted by this malware are bombarded with malicious ads, redirects, and other disruptive content while surfing the web. Due to the numerous malicious files it deploys upon infiltration, removing VersionTrust can be quite challenging.

The initial sign of an infection is usually noticeable changes in the browser's behavior – be it Safari, Chrome, or Firefox. The VersionTrust extension may alter the homepage and new tab settings, preventing users from reverting to their preferred configurations. It might also replace the default search engine and result in an influx of issues like third-party data tracking and an increase in annoying advertisements.

Moreover, this malware has the capability to monitor users' personal data and can install additional malicious components without the user’s consent. VersionTrust belongs to the Adload family of malware, specifically designed for Macs and closely related to other significant threats such as the Shlayer Trojan.

Name VersionTrust
Type Mac virus, adware, browser hijacker
Malware family Adload
Distribution Third-party websites distributing pirated software, software bundles, fake Flash Player updates
Symptoms Installs a new extension and application on the system; changes homepage and new tab of the browser; inserts ads and malicious links; tracks sensitive user data via extension
Removal You can employ powerful security software to check your system for infections – SpyHunter 5Combo Cleaner is one of the suggestions. The manual PUA uninstall guide is also available below
Security tips It is important to clean your browsers after removing potentially unwanted programs from your system – use FortectIntego to do it automatically

More about the Adload family

For a long time, Mac users have enjoyed a reputation for being less vulnerable to malware compared to other operating systems. However, as Macs have become more popular, they have increasingly become targets for cybercriminals. While Macs typically face fewer threats from severe malware types like ransomware or rootkits, they are not spared from adware, which tends to be particularly aggressive on Mac systems compared to Windows.

VersionTrust, part of the Adload malware family, is a prime example of this aggressive adware. It is identifiable by its unique icon that features a magnifying glass on backgrounds that are often blue, teal, green, or gray. This malware makes its presence known quickly by altering browser settings in several ways, including changing the homepage to risky websites, redirecting web traffic, modifying default search engines, and bombarding users with intrusive ads.

Historically, although considered less harmful than other malware forms, adware like VersionTrust can still disrupt user experience significantly and prove difficult to remove. With the growing popularity of Macs, the risk of such adware infections continues to rise.

It is crucial for Mac users to remain alert and adopt preventive measures to safeguard their systems. This can involve installing trusted antivirus software, steering clear of dubious downloads, and regularly updating their operating systems and apps to fortify security against such threats.

VersionTrust virus

How to remove the VersionTrust virus effectively?

VersionTrust consists of two main components that support its malicious activities: a browser extension and a system-level application. Both elements need to be thoroughly removed from your device to completely eliminate the malware and prevent its return.

Installation consent by the user often results in the application receiving elevated system permissions. Once installed, it utilizes AppleScript to deploy malicious files, establish new profiles and login items, and skillfully avoids detection by Mac's built-in protection mechanisms.

Given the significant damage this malware can inflict on your system, we advise using security software like SpyHunter 5Combo Cleaner or Malwarebytes for automatic removal. This ensures that no remnants of the malware remain on your device, preventing a resurgence of the malware or its variants. However, we also offer a manual removal guide below, but remember, whether you opt for automatic or manual removal, resetting or thoroughly cleaning your browsers is essential.

Before attempting any removal, it's crucial to terminate all suspicious background processes that could impede the eradication of the malware:

Uninstall the main components of the virus

To carry out its harmful activities, Adload constantly operates background processes that start up as soon as the system boots. To avoid complications during removal, it's important to identify and shut down these processes:

  • Open Applications folder
  • Select Utilities
  • Double-click Activity Monitor
  • Here, look for suspicious processes and use the Force Quit command to shut them down
  • Go back to the Applications folder
  • Find the malicious entry and place it in Trash.Uninstall from Mac 1

When malware infiltrates a system, it often creates new User profiles and Login items to maintain its presence. This could explain why you're having trouble removing the app or extension.

  • Go to Preferences and select Accounts
  • Click Login items and delete everything suspicious
  • Next, pick System Preferences > Users & Groups
  • Find Profiles and remove unwanted profiles from the list.

Next, you should take care of the previously-mentioned Plist files and login items.

  • Select Go > Go to Folder.
  • Enter /Library/Application Support and click Go or press Enter.
  • In the Application Support folder, look for any dubious entries and then delete them.
  • Now enter /Library/LaunchAgents and /Library/LaunchDaemons folders the same way and delete all the related .plist files.Uninstall from Mac 2

Clean your browser

Once the VersionTrust malware is installed on a system, it automatically adds a browser extension to Safari or any other browser in use. This extension alters the homepage and new tab settings, directing users to unwanted sponsored links and advertisements.

To regain control of your browser and restore its original functionality, you need to remove the extension identified by a magnifying glass icon. However, the effectiveness of this removal can vary based on the malware's persistence tactics. If you find that removing the extension alone isn't successful, proceed to the additional steps outlined in the next section.

  • Click Safari > Preferences…
  • In the new window, pick Extensions.
  • Select the unwanted extension and select Uninstall.Remove extensions from Safari

If you were unable to uninstall the extension in a regular way, you can reset Safari instead. It is easy to do:

  • Click Safari > Preferences…
  • Go to the Advanced tab.
  • Tick the Show Develop menu in the menu bar.
  • From the menu bar, click Develop, and then select Empty Caches.Reset Safari

Your final step involves clearing the browser caches in Safari. If you're using the FortectIntego maintenance utility, you don’t need to do this manually. This tool can efficiently remove various junk files and trackers quickly and easily.

  • Click Safari > Clear History…
  • From the drop-down menu under Clear, pick all history.
  • Confirm with Clear History.Clear cookies and website data from Safari

If you are using Google Chrome or Mozilla Firefox as your browser, please follow the instructions provided below.

do it now!
Fortect Happiness
Intego Happiness
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Fortect Intego, submit a question to our support team and provide as much details as possible.
Fortect Intego has a free limited scanner. Fortect Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Fortect, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Getting rid of VersionTrust Mac virus. Follow these steps


Remove from Google Chrome

Delete malicious extensions from Google Chrome:

  1. Open Google Chrome, click on the Menu (three vertical dots at the top-right corner) and select More tools > Extensions.
  2. In the newly opened window, you will see all the installed extensions. Uninstall all the suspicious plugins that might be related to the unwanted program by clicking Remove. Remove extensions from Chrome

Clear cache and web data from Chrome:

  1. Click on Menu and pick Settings.
  2. Under Privacy and security, select Clear browsing data.
  3. Select Browsing history, Cookies and other site data, as well as Cached images and files.
  4. Click Clear data. Clear cache and web data from Chrome

Change your homepage:

  1. Click menu and choose Settings.
  2. Look for a suspicious site in the On startup section.
  3. Click on Open a specific or set of pages and click on three dots to find the Remove option.

Reset Google Chrome:

If the previous methods did not help you, reset Google Chrome to eliminate all the unwanted components:

  1. Click on Menu and select Settings.
  2. In the Settings, scroll down and click Advanced.
  3. Scroll down and locate Reset and clean up section.
  4. Now click Restore settings to their original defaults.
  5. Confirm with Reset settings. Reset Chrome 2

Remove from Mozilla Firefox (FF)

Remove dangerous extensions:

  1. Open Mozilla Firefox browser and click on the Menu (three horizontal lines at the top-right of the window).
  2. Select Add-ons.
  3. In here, select unwanted plugin and click Remove. Remove extensions from Firefox

Reset the homepage:

  1. Click three horizontal lines at the top right corner to open the menu.
  2. Choose Options.
  3. Under Home options, enter your preferred site that will open every time you newly open the Mozilla Firefox.

Clear cookies and site data:

  1. Click Menu and pick Settings.
  2. Go to Privacy & Security section.
  3. Scroll down to locate Cookies and Site Data.
  4. Click on Clear Data…
  5. Select Cookies and Site Data, as well as Cached Web Content and press Clear. Clear cookies and site data from Firefox

Reset Mozilla Firefox

If clearing the browser as explained above did not help, reset Mozilla Firefox:

  1. Open Mozilla Firefox browser and click the Menu.
  2. Go to Help and then choose Troubleshooting Information. Reset Firefox 1
  3. Under Give Firefox a tune up section, click on Refresh Firefox…
  4. Once the pop-up shows up, confirm the action by pressing on Refresh Firefox. Reset Firefox 2

How to prevent from getting mac viruses

Stream videos without limitations, no matter where you are

There are multiple parties that could find out almost anything about you by checking your online activity. While this is highly unlikely, advertisers and tech companies are constantly tracking you online. The first step to privacy should be a secure browser that focuses on tracker reduction to a minimum.

Even if you employ a secure browser, you will not be able to access websites that are restricted due to local government laws or other reasons. In other words, you may not be able to stream Disney+ or US-based Netflix in some countries. To bypass these restrictions, you can employ a powerful Private Internet Access VPN, which provides dedicated servers for torrenting and streaming, not slowing you down in the process.

Data backups are important – recover your lost files

Ransomware is one of the biggest threats to personal data. Once it is executed on a machine, it launches a sophisticated encryption algorithm that locks all your files, although it does not destroy them. The most common misconception is that anti-malware software can return files to their previous states. This is not true, however, and data remains locked after the malicious payload is deleted.

While regular data backups are the only secure method to recover your files after a ransomware attack, tools such as Data Recovery Pro can also be effective and restore at least some of your lost data.

About the author
Julie Splinters
Julie Splinters - Anti-malware specialist

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Julie Splinters
About the company Esolutions