You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

General Question about Undetected Malware and Trojan Horses

I'm curious about malware and Trojan Horses that can remain undetected. Are they installed in the System, User Folder or both.


Between scam emails, downloaded apps, files, kids using the machine over the years on my Late 2009 iMac(Sierra), I was wondering if it would be worth wiping the drive clean. Wiping the drive clean would also probably improve performance after 13 years of upgrades. The 2009 iMac is not my main machine so nothing here is necessarily mission critical.


So to be sure the new install is completely clean, how would the old User Folder be treated. Is it best to have both a new System and User Folder.





Posted on Mar 31, 2022 6:19 AM

Reply
9 replies

Mar 31, 2022 6:14 PM in response to BDAqua

Just took a quick look at spam cop. Looks interesting, I'll check it more. Forgive me, but one minor neither here nor there correction, it's spamcop.net.


I use to send spam to reportphishing@apple.com, but I get very little spam via my Apple account.


So yes, it's good Malwarebytes says my system is clean. When reading about how to monitor suspicious activity on a Mac, Applications/Utilities/Activity Monitor always comes up in reference to checking the CPU%.. If there was scrip, app, etc, that made its way to Activity Monitor, is that something that would be caught with an App like Malewarebytes.

Mar 31, 2022 7:54 PM in response to Joe Gramm

Indeed, it is spamcop.net :O Thanks. :)


It's tough to tell what is what in Activity Monitor these days.


And the answer to whether it'd be caught, mostly but hackers are getting smarter every day.


Another thing I use is BlockBlock...


Objective-See


Apple does a pretty good job on this themselves, but I like having more control... this app catches thing trying to install hidden.

Apr 6, 2022 3:17 PM in response to Joe Gramm

I have the same file in v5.18., doubt seriously its any problem...


# !!!!!!! DO NOT EDIT THIS FILE !!!!!!!

# This file is machine-generated by lib/unicore/mktables from the Unicode

# database, Version 6.2.0. Any changes made here will be lost!


# !!!!!!! INTERNAL PERL USE ONLY !!!!!!!

# This file is for internal use by core Perl only. The format and even the

# name or existence of this file are subject to change without notice. Don't

# use it directly.



return <<'END';

E000 F8FF

END


/System/Library/Perl/5.18/unicore/lib/Blk/PUA.pl

Apr 6, 2022 3:42 PM in response to BDAqua

I was hoping you'd say you have the same file. Thank you for that. I have the file on two Macs, one running Sierra, the other Monterey.


The Mac running Sierra (2009 iMac) inherited many years of upgrades from previous Macs. The Mac running Monterey inherited many years of upgrades from the 2009 iMac. I'm not kidding when I say my late 2017 iMac has inherited every upgrade from the very first OS X version.


It reminds me of the days on the Apple Discussion Boards about clean install vs upgrade. I think going forward I will consider a clean install on any new Mac. The problem would be though, I would still want my old User Account. So nothing is perfect.

General Question about Undetected Malware and Trojan Horses

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.