What is MAC.OSX.Lamzev
MAC.OSX.Lamzev is a nasty virus from the Trojan Horse category. It is capable of severely damaging an infected Mac, as well as stealing private files and other data. The longer it remains undetected on your computer, the worse its effects will be. That’s why it’s incredibly important to be able to recognize the symptoms of a Trojan infection. In this article we will explain how the virus works, how it spreads and how to remove it manually.
How it is distributed
It is important to mention that the MAC.OSX.Lamzev Trojan is not advanced enough to hack its way onto the system. The only way for it to gain access to your Mac is if you allow it. That being said, here are the most common MAC.OSX.Lamzev distribution methods: fake update messages, freeware, software bundles, email attachments, torrent files, infected ads and pop-ups, etc. Often, the user will see a random pop-up on their screen that prompts them to install an ‘important’ update (e.g. Flash Player). What actually happens when they complete the questionable update is that they unknowingly infect their computer with malicious software. That’s why you should always get your software updates straight from the developer’s official page, instead of blindly trusting a random pop-up.
How it operates
Trojan horses invade stealthily, and at first, they are incredibly difficult to detect. But, as time goes by, some prominent symptoms appear, which give away the virus’s presence. Such symptoms include but are not limited to overheating, lagging, slow internet speed, corrupted/deleted files and processes, unresponsive apps, an abnormal number of browser ads, the appearance of other shady software that you have no memory of ever installing (most commonly add-ons, toolbars and extensions), etc. One of the worst abilities of the Trojan horse is the online and physical monitoring of its victims. Through the virus, cyber criminals can spy on you via your webcam and microphone, as well as see what pages you’re visiting. But that’s not all! Valuable data like passwords, IP addresses, credit card numbers, bank account credentials, and even files in general may be obtained by the creators of the MAC.OSX.Lamzev virus. It is very important to act as soon as possible, and remove this threat from your Mac! The longer it stays on the system, the worse the damage will get!
Staying safe from MAC.OSX.Lamzev Trojan horse
Apart from having reliable AV software installed on your Mac, there are other things you can do to ensure your device’s safety. We highly recommend that you:
- Pay close attention when you install third-party software, especially torrent files, so you don’t install shady additional applications that you don’t want. In most cases, that’s how malicious parasites are able to infect your computer;
- Read any Terms and Conditions you see, so you know exactly what you agree to. The last thing you want is to unknowingly give permission to a nasty virus to infiltrate your Mac;
- Follow links that lead to trustworthy sites only;
- It is best to visit only reliable and official websites. You never know what dangers might lurk behind an unfamiliar site;
- No matter how attractive an ad is, if you are not familiar with the website it redirects to, it might be best to steer clear of it and not click;
- Always check the sender’s email address before opening a message. If it states that it’s from an official company, compare the address with the one given on their official page. If there is no match, delete the message, since it is most likely fake and has malicious aims;
- Don’t open email attachments from unknown senders. More often than not, such files carry infections that can seriously damage your computer.
How to manually remove MAC.OSX.Lamzev Trojan horse from Mac
If you’ve had the misfortune of getting your Mac infected with the MAC.OSX.Lamzev Trojan Horse, the instructions below can help you to remove it manually. Here’s what you need to do:
1. First, find all entries that MAC.OSX.Lamzev added to the ~/Library folder and delete them. To access the ~/Library folder, hold down the Option key while looking at the Go menu in Finder. Find all related entries and delete them one by one.
2. Go to Utilities. You can do that by using the ⇧+⌘+U key combination, or by going to Finder and choosing Utilities from the Go main menu at the top.
3. Find Activity Monitor and double-click it.
4. A list will be displayed. Find any processes that seem suspicious to you and use the ‘Force Quit’ option to quit them completely.
5. Open Finder. Click on the Go button from the main menu at the top, and choose Applications. An alternative way is to use the ⇧+⌘+A key combination.
6. Look for any suspicious applications, especially ones with a name similar to MAC.OSX.Lamzev. If any are found, right-click on them and select the ‘Move to Trash’ option.
7. Remove any related left-over files by going to Finder’s search bar and typing the name of the app you want to remove. Make sure to set the two drop-down menus above to ‘System Files’ and ‘Are Included’, so that any hidden files are visible for you to remove. Once you find the files you want to remove, simply drag them to Trash.
8. All that’s left for you to do is remove any extensions related to MAC.OSX.Lamzev from your Mac browsers.
For Mozilla Firefox extensions:
- Open the Firefox browser and from the ‘burger’ menu in the top right corner of the window select ‘Add-ons’.
- Select any suspicious extensions that may be related to the virus and click ‘Remove’.
For Google Chrome extensions:
- Open the Chrome browser and select Tools > Extensions from the menu (the three dots in the top right corner of the browser window).
- Locate any suspicious extensions that may be related to the virus and remove them.
For Safari extensions:
- Open the Safari browser. From the Safari menu choose Preferences. Select Extensions from the options at the top.
- Find any extensions you think are related to the virus, select them and click ‘Uninstall’. A new window will show up asking for confirmation. Click Uninstall again, for the extension to get deleted permanently from your browser.
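For step 1 of the removal procedure: among the entries worth reviewing in ~/Library are the launchd agent definitions in ~/Library/LaunchAgents, which macOS loads at login. The following is an added example, not part of the original article; it lists each agent's label and program and marks ones to inspect by hand. The function name and the heuristics are assumptions for illustration, not known MAC.OSX.Lamzev indicators.

```python
import plistlib
import time
from pathlib import Path, PurePosixPath
from xml.parsers.expat import ExpatError

# Heuristics chosen for this example (assumptions, not known Lamzev indicators).
WRITABLE_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")

def audit_launch_agents(library, recent_days=30, now=None):
    """Return one finding per .plist in <library>/LaunchAgents, with review reasons."""
    now = time.time() if now is None else now
    agents_dir = Path(library) / "LaunchAgents"
    findings = []
    if not agents_dir.is_dir():
        return findings
    for path in sorted(agents_dir.glob("*.plist")):
        entry = {"file": path.name, "label": None, "program": None, "reasons": []}
        findings.append(entry)
        try:
            with path.open("rb") as fh:
                job = plistlib.load(fh)  # handles both XML and binary plists
        except (ValueError, ExpatError, OSError):
            job = None
        if not isinstance(job, dict):
            entry["reasons"].append("unparseable plist")
            continue
        entry["label"] = job.get("Label")
        args = job.get("ProgramArguments")
        if not isinstance(args, list):
            args = []
        # launchd runs Program if present, otherwise the first argument.
        program = job.get("Program") or (args[0] if args else None)
        if program is None:
            entry["reasons"].append("no program defined")
        else:
            program = entry["program"] = str(program)
            if any(p.startswith(".") for p in PurePosixPath(program).parts):
                entry["reasons"].append("hidden path component")
            if program.startswith(WRITABLE_PREFIXES):
                entry["reasons"].append("runs from shared or temp location")
        if now - path.stat().st_mtime < recent_days * 86400:
            entry["reasons"].append("modified recently")
    return findings

if __name__ == "__main__":
    for f in audit_launch_agents(Path.home() / "Library"):
        if f["reasons"]:
            print(f["file"], f["label"], f["program"], "; ".join(f["reasons"]))
```

A flagged entry is only a candidate for review: check what the listed program is before deleting the plist, since legitimate software also installs launch agents.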