How to Remove a Trojan Virus

Removing a Trojan virus is easier than you think

Image of a security lock over abstract shapes

 Pete Linforth\Pixabay

If you need to know how to remove a Trojan virus from your computer or smartphone, it's important to learn what a Trojan virus is and how it infects a system.

The Trojan virus removal process requires understanding of what a Trojan virus is, how Trojan viruses affect your computer, and which specific Trojan virus you've been infected with.

What Is a Trojan Virus?

If your computer is running more slowly or pop-up windows are appearing with weird DLL (or .dll) errors, the chances are you may be infected with a Trojan virus.

This kind of malware infection requires an action on the part of the user to get infected. Usually this involves downloading free software off the internet, or downloading an attachment from an email and running the file.

The name Trojan comes from the Greek story about a giant wooden horse that the Greeks built to get inside the city of Troy and win the war.

Image of the original trojan horse
 Dimitris Vetsikas\Pixabay

As the story goes, the Greeks filled the wooden horse with soldiers, and then left the horse at the gates of Troy as a gift. Once inside the gates, the soldiers waited until nightfall to exit the horse and attack the city.

Likewise, a Trojan virus is usually attached to software that you may want to download and run on your computer. Trojan viruses can come attached to Windows utilities, free games, and many other types of software.

Am I Infected With a Trojan Virus?

Before you can start your Trojan virus removal, you need to determine if that's the kind of virus your computer is infected with.

  1. You recently installed new software. If you recently installed new software on your computer before the strange behavior started, the odds are good the issue is a Trojan virus.

    1. Select the Start button, type Control Panel, and open the Control Panel app.
    2. Select Programs and Features.
    3. Select the Installed On column to sort programs by the date they were installed.
    Screenshot of Programs and Features
  2. Look for very recently installed applications that you either don't recognize, or that you remember downloading for free from the internet and may be suspect. Select that program and then select the Uninstall button at the top of the list to uninstall that application.

    Screenshot of uninstalling new software in Windows

    Uninstalling the Trojan "carrier" program may not completely uninstall the Trojan virus from your computer, but it's a good start. It'll also ensure that the Trojan doesn't get reinstalled once you remove it.

  3. Check the Registry. Sometimes a Trojan virus will install silently and may not show up in the list of installed programs. You may be able to locate it in the registry. Select the Start menu, type run and select the Run app. In the Run window, type regedit and select OK.

    Screenshot of opening the registry in windows
  4. Navigate through the registry tree to find HKEY_LOCAL_MACHINE\SOFTWARE\. Scroll down the list of applications and look for any unusual software names. Delete the registry entry for that application. Use Google to research any programs you suspect may be a Trojan virus.

    Screenshot of software in the registry
  5. Often, Google results for specific Trojan viruses include websites that provide utilities for removing those viruses. This is especially useful for very new Trojan viruses that the major antivirus providers haven't pushed out a patch for yet. For example, Symantec provides a free removal tool for the Trojan.Kotver virus.

Make sure only to download trojan removal utilities from well known companies like Microsoft, Symantec, or McAfee. Never install utilities from free software download sites, as many of those actually contain additional Trojan viruses!

The Trojan Virus Removal Process

Even if you've uninstalled the carrier program and removed the registry key, there are likely still Trojan virus files throughout your system. Some of those might have even replaced some of your core system files.

Both Microsoft and Antivirus providers frequently update their definitions library with the latest Trojans. The fastest way to remove a Trojan you've just been infected by is to run a full system scan with those.

  1. If you only use Windows Defender for your antivirus, run a full scan using it.

    1. Select the Start menu, type Windows Security, and select the Windows Security app.
    2. Select Virus & threat protection from the left navigation pane. Under Current threats, select Scan options.
    3. Select Full scan, and then select the Scan now button.
  2. If you have any other antivirus software already installed on your computer, Windows Defender scan won't be enabled. Open your antivirus software and make sure the virus definitions are up to date. You can usually find this under Settings.

    Screenshot of updated antivirus virus definitions
  3. If you have any other antivirus software already installed on your computer, Windows Defender scan won't be enabled. Instead you need to open your security software and select Scan Computer.

    Screenshot of running a full antivirus system scan
  4. If you have a Trojan infection, most major antivirus applications should be able to identify it and completely clean your system. The software will alert you to what the name of the Trojan virus is, and what actions were taken to remove it from your system.

Full System Restore May Be Needed

If the antivirus removal failed, or it didn't find a Trojan virus and you believe you're still infected, a system restore can fix the problem.

  1. Select Start and type Recovery. Select Recovery. In the Recovery window, select Open system Restore.

    Screenshot of windows system recovery

    Before performing a system recovery, make sure the back up all of your important files to an offline storage location like an external hard drive.

  2. This will open the system recovery wizard. Select Next to start the process. On the screen displaying system restore points, select Show more restore points. Select the restore point with a date that's older than when you first installed the application that had the Trojan virus and then select Next.

    Screenshot of system restore points
  3. On the confirmation screen, make sure the correct system hard drive is displayed in the Drives list. Select Finish to complete the restore.

    Screenshot of completing a Windows system restore
  4. Once your system is restored back to the restore point before you installed the software with the Trojan virus, your system will be completely clean of the virus.

Trojan Virus Remover for Android

If you're running a Mac or using an iPhone, the odds are good that you'll never have to deal with a Trojan virus, thanks to the security measures that Apple has in place.

However it is possible to get a Trojan virus on your Android. There are a lot of great antivirus apps for Android that work well for removing Trojan viruses from your smartphone.

These include:

Running a full system scan with any of these mobile applications should identify the Trojan virus on your device and remove it.

Screenshot of running an android antivirus scan

If these antivirus apps fail to remove the Trojan from your Android, you may need to wipe and reset your Android phone as a last resort.