Removing (and Identifying) Trojan/Malware


macrumors 603
Original poster
Feb 6, 2006
I made the mistake of authorizing an installation this morning on my 10.14.2 2017 MBP. I had thought it was for a Wine-based backgammon program (from a source I trust) but there was a security notice about a program called Ward***-*** AG (*** represent parts of the name I don't remember) or something like that. Anyway, I Googled it and it was something about a driver for a security key, which I figured was for my homeopathy program, which uses a USB-HASP. What's really curious is that I can't find the search in my history now.

Anuway, I gave approval to install and it said system had to be rebooted, which is making me think that it wrote to the kernel. During the reboot, I shut down the machine, and when it booted, it didn't appear to be making any alteration but just went into its normal bootup screen.

In console, how can I filter out the noise to see what was installed? I'm a newb to Console. Or is there another way? An easy way in Terminal? Please if you have an answer, be quite specific.

Second, I am running a backup now under Time Machine and I am downloading a full version of Mojave 10.14.3 (as opposed to the .2 version currently on my machine). If I instally Mojave as a clean install, should I then run a time-machine restore? Or will that bring back any malware/trojan that I may have allowed past the gate? Hopefully 10.14.3 wouldn't take updates from a system that is .2? I could also copy my Home folder and copy all that back. I know I'd have to reinstall apps, but that isn't a big deal.

Anybody able to help with any of these issues? If so, much appreciated.
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.