Don't use any kind of 'anti-virus' or 'anti-malware' product on a Mac. There is never a need for it, and relying on it for protection makes you more vulnerable to attack, not less.
You installed one or more variants of the 'InstallMac' trojan. Please take the steps below to disable it.
This is about documenting getting Linux running on the late 2016 and mid 2017 MPB's; the focus is mostly on the MacBookPro13,3 and MacBookPro14,3 (15inch models), but I try to make it relevant and provide information for MacBookPro13,1, MacBookPro13,2, MacBookPro14,1, and MacBookPro14,2 (13inch models) too. . See the General information section for Apple Mac OS X installation. Registering additional EntraPass Web or EntraPass Go concurrent licenses. Use one of the following options to complete the first part of registration:. At www.kantech.com log in, click the. Kantech Registration.
The criminal behind this attack tries to make the malware hard to remove by varying the names of the files it installs. This procedure works as of now, as far as I know. It may not work in the future. Anyone finding this comment a few days or more after it was posted should look for a more recent discussion, or start a new one.
Back up all data before continuing.
1. Triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination command-C:
~/Library/LaunchAgents
In the Finder, select
Go ▹ Go to Folder...
from the menu bar and paste into the box that opens by pressing command-V. You may not see what you pasted because a line break is included. Press return. A folder named 'LaunchAgents' will open.
2. Inside the folder you just opened, there may be files with a name of any of these forms:
something.AppRemoval.plist
something.download.plist
something.ltvbit.plist
something.update.plist
Here something is usually a meaningless string, such as any of the following:
Epolife
InstallMac
Javeview
Kuklorest
Manroling
Proc Skater 2016 Mac Os Downloads
Otwexplain
These are examples, not a complete list. The string could be anything. The point is that the same string will usually appear in the name of three or four files.
Lately, the 'InstallMac' attacker has been scrambling the strings 'AppRemoval,' 'download,' 'ltvbit,' and 'update' in the names of his files. For example, you might see file names such as these, instead of the above:
something.AppVemoral.plist
something.dolnwoad.plist
something.btvlit.plist
something.uadpte.plist
You could have more than one copy of the malware, with different values of something.
Move all such items to the Trash. If there are any other files with a name that begins with something, move those to the Trash also. After you've done that, there may not be anything left in the LaunchAgents folder; in that case, you can delete the folder, but otherwise don't delete it. Other files in the folder are not necessarily malicious (though they could be, if you also installed some other kind of malware.)
Log out or restart the computer. The trojan should now be inactive.
3. This step is optional. Open the following folder as in Step 1:
~/Library/Application Support
and move to the Trash any subfolders with the name something that you found in Step 2.
Don't move the Application Support folder or anything else inside it.
4. Open the Applications folder. If there is an item named something, or 'Zip Devil,' or with any of the other names listed in Step 2, drag it to the Trash.
If in doubt, press the key combination option-command-4 to arrange the apps by date added. Look at the apps that have been added since you first noticed the problem. If there is one you don't recognize, drag it to the Trash.
Empty the Trash.
If you get an alert that the application is in use, force it to quit.
5. From the Safari menu bar, select
Safari ▹ Preferences... ▹ Extensions
Uninstall all extensions you don't know you need. If in doubt, remove all of them. None is required for normal operation. Do the equivalent in the Chrome and Firefox browsers, if you use either of those.
6. Reset the home page in each of your browsers, if it was changed. In Safari, first load the home page you want, then select
Safari ▹ Preferences... ▹ General
and click
Set to Current Page
Feb 20, 2016 7:40 AM
Translations of this page:
The Zotero Word plugins will be installed automatically into Word for most users. If you don't see a Zotero toolbar in Word, you should attempt to reinstall the plugin from the Cite → Word Processors pane of the Zotero preferences. If you receive an error or still don't see the plugin after trying to reinstall from the preferences, you can try the manual installation instructions below.
Note that, if you rely on manual installation, you may run into problems later due to the plugin in Word becoming outdated, so it's better to figure out why automatic installation isn't working (e.g., security software blocking the installation or an incorrect Word Startup folder location) and fix the underlying problem.
Word for Windows
- Open the Zotero installation folder (usually C:Program Files (x86)Zotero).
- In the installation folder, open extensionszoteroWinWordIntegration@zotero.orginstall, where you can find a copy of the Zotero.dotm file.
- If the folder is empty, the file was somehow deleted — possibly by security software — and you should reinstall Zotero.
- If the folder is empty immediately after reinstalling Zotero, you can download Zotero.dotm, but your security software may delete the downloaded file as well, and you'll need to configure it not to do so.
- If you see two “Zotero” files without file extensions, your computer is set not to display file extensions, and you can determine which one is Zotero.dotm by right-clicking on each file and selecting Properties. One will say “Microsoft Word 97-2003 Template (.dot)” and one will say “Microsoft Word Template (.dotm)”.
- Find your Word startup folder and copy the path to the clipboard:
- In the Word ribbon, click the File tab, click Options, and then click Advanced.
- Under General, click File Locations. The current Startup folder should be listed.
- In most cases, the Startup folder path should be the default location of
C:Users::username::AppDataRoamingMicrosoftWordSTARTUP(orStartup), where::username::is your computer username. The path should not include “Zotero” in any way, and if it does you previously configured it incorrectly. If that's the case, you should reset the path to the default location.
- Select the Startup folder path and click Modify, click in the whitespace to the right of the path in the location bar at the top of the window, copy the complete path to the clipboard with Ctrl-C, and then click Cancel to close the dialog without making changes.
- Open a new File Explorer window and paste the Startup folder path into the address bar. You should now have two folders open: the “install” folder containing Zotero.dotm and the Word startup folder.
- Copy the Zotero.dotm file from “install” to your Word Startup folder. (Be sure to copy the file rather than moving it. If dragging, hold down Ctrl.)
Word for Mac 2016 and 2019
- In Finder, press Cmd-Shift-G and navigate to
where you can find a copy of the Zotero.dotm file. If the folder is empty, the file was somehow deleted — possibly by security software — and you should reinstall Zotero.
- Find your Word startup folder by following the instructions below. You should now have two folders open: the Word startup folder and the “install” folder containing Zotero.dotm.
- Copy the Zotero.dotm file to your Word Startup folder. (Be sure to copy the file rather than moving it.)
- Start (or restart) Microsoft Word to begin using the plugin.
Word for Mac 2011
- Download Zotero.dot.zip and double-click it to extract the Zotero.dot file. (Note: The file must be extracted in Finder, not via the command line.)
- Find your Word startup folder by following the instructions below.
- Move the Zotero.dot file to your Word Startup folder.
- If you have a non-English version of Office, you may need to move the Zotero.dot file into the “Word” directory within the equivalent of “Startup” in your language. The correct path should be listed in Tools → Templates and Add-ins in Word.
- If you're using a non-admin macOS user account, you will need to install the Word plugin from an administrative account or grant write access for the startup directory to the non-admin account to allow it to install Zotero.dot.
- Start (or restart) Microsoft Word to begin using the plugin.
LibreOffice
- Mac: In Finder, press Cmd-Shift-G and paste in
- Linux: Go to the directory where Zotero is installed and open
- Double-click the Zotero_OpenOffice_Integration.oxt file to install it.
If you get an error, there's a problem with your LibreOffice installation, and you should follow the troubleshooting steps.
Locating your Word Startup folder
Note: On non-English systems or in certain custom setups, these locations may be different.
Word 2007 or later for Windows
The default location of the Startup folder is C:Users::username::AppDataRoamingMicrosoftWordStartup, where ::username:: is your computer username. The AppData folder may be hidden on your system, but you can get there by opening the Windows File Explorer, typing %AppData% in the address bar, and pressing Enter, which will take you into the Roaming directory. From there you can navigate to MicrosoftWordStartup.
If changes you make to the Startup folder aren't taking effect, you can confirm that Word isn't set to a different location. In the Word ribbon, click the File tab, click Options, and click Advanced. Under General, click File Locations. The Startup folder should be listed there. Select it and click Modify. In the window that opens, click the whitespace to the right of the path in the location bar at the top and copy the complete path to the clipboard by pressing Ctrl-C. Click Cancel to close the dialog without making changes. You can then open a new File Explorer dialog and paste the path into the address bar to open the Startup folder.
Proc Skater 2016 Mac Os Download
Note that the path should not include “Zotero” in any way, and if it does you previously configured it incorrectly. If that's the case, you should reset the path to the default location.
Word 2016 and 2019 for Mac
The default location of the Startup folder is ~/Library/Group Containers/UBF8T346G9.Office/User Content/Startup/Word. (~/Library refers to the Library folder within your home directory.) You can open it from the Finder by pressing Cmd-Shift-G and copying in the path. Alternatively, to navigate to it in Finder, hold down Option, click the Go menu, and select Library (which is hidden by default), and then follow the rest of the path.
If changes you make to the Startup folder aren't taking effect, you can confirm that Word isn't set to a different location. In Word, open the “Word” menu in the top-left of the screen and select “Preferences”. Click on “File Locations” under “Personal Settings” and click on “Startup” at the bottom of the list.
Generally, no location should be listed, causing Word to use the default location. If another location is listed (e.g., /Applications/Microsoft Office 2011/Office/Startup/Word, from an earlier version of Word), clearing the setting and letting Word use the default location may fix installation problems and allow Zotero to install the plugin automatically going forward.
Note that the path should not include “Zotero” in any way, and if it does you previously configured it incorrectly. If that's the case, you should reset the path so that it is blank and the default location is used.
Word 2011 for Mac
The default location of the startup folder is /Applications/Microsoft Office 2011/Office/Startup/Word. You can open it from the Finder by pressing Cmd-Shift-G and copying in the path or by navigating to it.
Proc Skater 2016 Mac Os Catalina
If changes you make to the startup folder aren't taking effect, you can confirm that Word isn't set to a different location. In Word, open the “Word” menu in the top-left of the screen and select “Preferences”. Click on “File Locations” under “Personal Settings” and click on “Startup” at the bottom of the list.