Best Way To Migrate To A New Mac?

[Peakoverload]

So I'm about to replace my iMac with a new one. In the past whenever I've replaced earlier iMacs I've just used the Migration Assistant and let it handle everything. The thing is I'm not sure this is the best option now.

Over the years I have installed and uninstalled a LOT of apps as as such my Documents folder, User Library etc is littered with folders relating to software that I no longer use. I also believe that there is some hijack script running on this mac. I used to use Firefox as my browser but found that it was causing lots of problems on this Mac, really long load times, freezes with multiple Tabs and VERY high RAM use. Because of this I switched over to Chrome but I notice that even though I've set it to use Google for searching and not Bing, that every 3rd time or so that I click on a link on Google, it opens up a new tab either taking me to Bing or to a site selling something related to my search term. I've run countless antivirus scans and used Malware Bytes but nothing detects any virus. I've also tried everything about Bing hijacking and nothing makes a blind bit of difference. I'm also not happy with the general performance of the Mac, many of the most basic functions that should be almost instant can take many minutes. Some of this may well be down to the spec of the machine but I can't rule out something else.

What I don't want to do is to essentially copy all the 'fault's from my current Mac onto my new one. Equally the thought of manually having to not only re-install everything but set all my preferences, configurations, licenses, accounts and re-install all my added fonts etc pretty much fills me with dread.

I'm in the process now of trying to clear out my existing Mac of anything I don't need anymore but what would be the best way to set-up the new Mac and get my Apps, data, and settings etc onto it?

 

[Slydude]

1. I'd start by removing whatever antivirus program you're running --especially if you are running more than one of them. Get rid of all of them for the time being. Whatever is causing your web browser to go to Bing periodically the antivirus program hasn't found it so it's useless.
2. Download and run EtreCheck. It should help you identify orphaned files that can be removed. It will also give you some ideas about where the slowdowns are occurring.
3. Clear the browser cache in your web browser and go into its preferences and make sure your home page hasn't been set to something you don't want.
4. Clearing out the Documents folder of unused stuff isn't a bad idea but it's probably low on the list.

How much free space is available on that hard drive?

 

[krs]

In addition to what Slydude posted, if you are concerned about possible malware on your current iMac, run Detect X Swift and Virus Barrier to see if they find anything.
Those two are generally recommended by members here.

Once you clean up your current Mac, I think Migration Assistant is still the best way to transfer your data to the new Mac unless you take the time and effort to do it all manually.

 

[Slydude]

I was just about to edit my post and suggest Detect X Swift when I saw your post. Thanks.

 

[MacInWin]

nothing detects any virus

That's because there are no viruses for the Mac.

As for the best way to sort out your issues, if you are willing to go through the hassle, use Migration Assistant to move ONLY your data files (documents, pictures, etc) and then reinstall all of the software you want from scratch. That process is time-consuming and a PITA, but you should end up with a "clean" machine. The one exception may be Photos, or iPhoto, if you have used it. You can go ahead and migrate the library, but you will then need to point Photos to that database otherwise it will create a new one for you. And Microsoft /Adobe products will require re-registration, at a minimum. Without know what else you have installed, there may be some adventures in getting them reinstalled, but that's how you get to that clean machine.

 

[Lifeisabeach]

That's because there are no viruses for the Mac.

No, but there are plenty of other kinds of malware out there, and you know that full well. Most people use the term "virus" indiscriminately and you know that full well also. Simply telling people "there are no viruses" doesn't help anyone. You are just being pedantic.

 

[chscag]

Definition of a computer virus:

A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. When this replication succeeds, the affected areas are then said to be "infected" with a computer virus.

Definition of computer malware:

The term malware refers to software that damages devices, steals data, and causes chaos. There are many types of malware — viruses, Trojans, spyware, ransomware, and more.

As you can see there is an overlapping definition. One of the problems that we run into when trying to advise folks who are running AV programs that are not needed is explaining the difference between a computer virus and computer malware.

 

[krs]

Trouble is that most computer users, and even tech companies that should know better, use the term "Virus" and "Malware" interchangeably.
This seems to be a nice recent summary of Mac malware for anyone interested.

All the Mac malware we know about

Wondering how many viruses exist for the Mac? Here is a list recent Mac malware attacks, viruses for Apple computers, and security threats that Mac users have suffered

www.macworld.co.uk

 

[MacInWin]

Oh, they know the difference. But "malware" doesn't have the scare-factor of "virus," particularly for new Mac owners coming from the Windows world. So they fuzz up the language in the ads to be able to use the term "virus" when they know **** well there aren't any. The way the better A/V works in Windows is that the vectors by which a virus can possibly attack the system are mostly known, so the A/V software can look for anything doing anything in that vector, even if it's not already stored in the database of identified viruses. The zero-day exploits, where the attack vector is not known before the first virus uses it are the ones that do the most damage, but the Windows A/V guys are pretty good a shutting the door, once they know where it is.

But for the *nix version that became macOS, there aren't any known vectors for the A/V software to monitor. Even though the first "virus," the Morrise worm, was a Unix virus, the Unix system was inherently designed to be more secure from the very beginning. The victims of Morris were sloppy and left holes open. As I said, we didn't get affected because we had closed all the holes. This was at a major university and we were in the Administrative section, so we had lots of practice at security as the computer science majors in the Engineering school tested us every day, some for fun, some to try to change grades we stored. My sysadmin had worked on the security functions of Unix for AT&T, so he knew the innards of Unix like the back of his hand. Those poor students never stood a chance. But the Engineering school's own Unix boxes all got hit by the worm, every one of them! The sysadmins from the E-school came by to get our patches to close up the holes. Heh! That was a GOOD day!

Exploits of previously unknown weaknesses are called "zero day" exploits because there are zero days advance notice. Given that a zero-day exploit is going to be in some place that nobody knows is there, the A/V software can't watch for what it doesn't know about. In the meantime, the security functions in macOS are made stronger and stronger with every release. The most recent threats to macOS have been through hardware/firmware exploits, not through the OS itself. And Apple has responded well to block the weaknesses in the Intel hardware. I think those weaknesses may have be one of the factors in the push for Apple Silicon. Not the major one, but I bet it's on a briefing slide somewhere in the deck.

As for Apple Silicon, you can bet it will be heavily attacked as soon as the black hats can get their hands on one. But I suspect Apple has already been attacking that silicon pretty heavily internally, just to see what can be done. The ability of some intel companies to hack into an iDevice has certainly set off alarms in Cupertino. The war never ends.

As for how malware gets on a Mac, that is user self-inflicted. When naive users download "free" stuff from dodgy aggregators they can get burned pretty badly. To install what they want, the user has to give permission via an admin password, the bad guys piggy-back on that authority and install what THEY want and then what the user wanted, all under that same authority. That trick is why you should never download and install software from anywhere but the Mac App Store and maybe a trusted developer website. But places like Softonic, Download.com, macupdate.com, etc, have all been purveyors of malware at one time or another, some intentional, some not. So to be safe, stick with the Mac App Store. It's not perfect, but at least they do inspect the installation process before they put it up.

If you want to read a bit more about the battle between security and bad guys, here is a good article on the most recent malware for Macs, called Shlayer: https://eclecticlight.co/2020/09/06/last-week-on-my-mac-has-notarization-burned/ . The article has links to other articles on security if you have the time to follow them and read.

Trust me, the first new virus for Mac is going to be a front-page event!

 

[MacInWin]

For those who may be interested in security, here are a couple of articles for you. Modern computer security uses the Swiss cheese approach, even if they don't know it.

Human error: models and management

www.ncbi.nlm.nih.gov

Dead divers, security exploits, and Swiss cheese

Oxygen rebreather diving sets have been involved in many diving deaths. They and layered security can be analysed using James Reason’s Swiss cheese model of causation.

eclecticlight.co

 

[Randy B. Singer]

...Chrome but I notice that even though I've set it to use Google for searching and not Bing, that every 3rd time or so that I click on a link on Google, it opens up a new tab either taking me to Bing...

Sounds like a recent bit of malware that a number of folks have been bitten by.

This malware (it's a Trojan Horse) is called "CrossRider" by the anti-virus companies:

https://blog.malwarebytes.com/threa...iant-installs-configuration-profiles-on-macs/

To get rid of it, go into System Preferences.
See if there is a preference pane for Profiles.
(It’s normal not to have a Profiles preferences pane. So if it’s not there it’s just not there.)
If there is, open it and delete all profiles.

Next download and run:

DetectX Swift (free)
https://sqwarq.com/detectx/
and delete any malicious files that it flags. (I've been told several times that this product actually works to do successful cleanup after this bit of malware is deleted manually.)

Then all that you have to do is go into your browser and correct the settings for your default search engine and start page.

Just FYI, the way that this Trojan is spread is that you were on the Web and something popped up that told that you had to install or update Adobe Flash, and you clicked on Okay, and it downloaded and you installed it. However, the alert was bogus, and the software that you downloaded wasn't Flash at all, it was a Trojan Horse. You should NEVER download Flash any way other than via the Flash Preferences pane, or by purposely navigating directly to the Adobe Flash Web site and downloading from there.

The fascinating thing is how this malware gets you. One day you find that your browser (it happens in more than one brand of browser) suddenly has a different home page and uses a different search engine. Attempting to switch these setting back to normal doesn't stick. Other than the above changes, users' browsers work just fine. Nothing else untoward seems to be happening.

So what folks tend to do is to Google how to get rid of a virus that changes your search engine. This is where the bad guys did something brilliant. Suddenly, there are a bunch of new Web sites offering instructions on how to remove this "virus". But all of those Web sites come from previously unknown entities...they all look more or less the same, and they all recommend downloading very questionable software (often commercial software, to add insult to injury), to clean the infection. It's that software, that users have downloaded entirely volitionally, that I suspect is the real danger. Brilliant how they get users to download malicious software (and pay for it) volitionally.

As a sidenote, Google makes their money by spying on you and selling your private information. (This isn't a secret, it's their entire business model.) So, as you can imagine, Google includes plenty of spyware with Chrome. So...it might be best to avoid Google's Chrome browser.

The good news is that Chrome is based on open source software (called Chromium) and plenty of companies have used that open source software to create their own browsers, very similar to Chrome, only without Google's spyware included. In fact, some of them are extra secure.

If you are interested in a browser that is based on Chromium, I highly recommend:

Brave (free)
https://www.brave.com

Brave natively blocks ads, trackers, and other spyware. It has a special mode that uses the Tor network for the ultimate in security. It's *fast*, full of features, and it's very user customizable.

I'm also not happy with the general performance of the Mac, many of the most basic functions that should be almost instant can take many minutes.

Chances are excellent that the anti-virus software that you mentioned has brought your Mac to its knees. Especially if your anti-virus software is Sophos.

For more hints on how to regain your Mac's lost performance, see:

Macintosh Slowdown Solutions

Macintosh Slowdown Solutions

Oh...and I *also* have been extremely disappointed that folks on this list continue to say that "there are no viruses for the Macintosh." While this is technically true, all of us know that just about everyone in the general public, and even those in the anti-virus software community, use the term "virus" to mean "malware." There definitely is malware for the Macintosh. There is extremely little of it in the wild, but it does exist.

I also still don't believe that either Malwarebytes or DetectX is a complete anti-virus solution. Both do eliminate some malware, but it defies logic that a product that does a scan in less than half a minute can be doing a thorough scan of your entire hard drive for malware. I can't prove it one way or another until or unless some unimpeachable source does a believable test of these products. But I don't think that recommending one or the other as a complete anti-malware solution (assuming that one needs one at all), is entirely satisfactory. Of course, VirusBarrier, which *is* a complete anti-malware solution, doesn't look for much in the way of adware, so recommending it in addition to, let's say DetectX, to also get rid of adware, is a good idea.

 

[krs]

I also still don't believe that either Malwarebytes or DetectX is a complete anti-virus solution. Both do eliminate some malware, but it defies logic that a product that does a scan in less than half a minute can be doing a thorough scan of your entire hard drive for malware.

On that topic...
If there is a relatively small amount of malware for the Mac as everyone agrees, just over 20 in this list:

All the Mac malware we know about

Wondering how many viruses exist for the Mac? Here is a list recent Mac malware attacks, viruses for Apple computers, and security threats that Mac users have suffered

www.macworld.co.uk

or even if it's really twice as many, each of these items infacts a specific and well known portion of the Mac, would it not be logical that any antivirus software for the Mac would just need to look into those known areas of the software to see if the malware is present?
That's how I thought malwarebytes works and that is why it can complete a scan in just a few minutes.
Sure, it doesn't do any heuristic analysis (I don't think), but with very few new pieces of malware for the Mac each year, that is not necessary.

Having said that, I still run all three, malwarebytes, Detect X Swift and VirusBarrier every few months or so just to be sure.
All I ever found was the odd piece of Windows malware

 

[Randy B. Singer]

On that topic...
If there is a relatively small amount of malware for the Mac as everyone agrees, just over 20 in this list:
...or even if it's really twice as many,

I don't know how Macworld came up with such a small list, but even at twice the size, it isn't close to being correct.

This list, that stopped being updated six years ago lists 51 pieces of malware:

The Safe Mac : Mac Malware Guide

thesafemac.com

There is a repository of samples of all current Mac malware. It has close to 150 samples. (I won't give a link for obvious reasons.)

However, the above numbers are a bit misleading. Each piece of malware for the Mac (or for Windows) has a huge number of variations. Each general type of malware acts as a template for quickly creating new and only slightly different versions of the same malware specifically for the purpose of avoiding detection. So while you would be correct to say that there are about 150 types of malware for the Macintosh, and over a couple million for Windows, in more practical terms there are more like a few thousand examples for the Macintosh, and more like close to 450 MILLION (sic) examples for Windows. Malware detection is a constant cat and mouse game, with malware being more or less a shape-shifter.

So, as you can see, any comprehensive anti-virus (AV) program has a surprising number of Macintosh malware examples to look for. But even that understates the chore....

each of these items infacts a specific and well known portion of the Mac, would it not be logical that any antivirus software for the Mac would just need to look into those known areas of the software to see if the malware is present?
That's how I thought malwarebytes works and that is why it can complete a scan in just a few minutes.

That *is* how MalwareBytes works, and the MalwareBytes folks have said so themselves. However, the chore is not at all that simple. First of all, some malware can infect an almost infinite number of apps. OR, an almost infinate number of apps can be weaponized with an individual type of malware for a user to unknowingly download and install. AV software has to be able to look at any and every app that might possibly be infected and determine if it is indeed infected. On top of that, since there are a huge number of subtle variations of each type of malware for the Macintosh, good AV software has to be able to search through each one of those apps and detect every one of those variations. As you might guess, this process takes a legitimately comprehensive AV program a good amount of time. Sometimes it takes HOURS. (Do you really think that MalwareBytes can do in 20 seconds what it takes VirusBarrier several hours to do?) Whatever something like MalwareBytes is doing (and I'm not saying that it isn't doing some worthwhile checking for viruses, I know for a fact that it does at least some worthwhile checking) in the scan that it does in less than half a minute, there is NO WAY that it is doing a comprehensive scan for all infections, in all forms, in all of the places that malware might be hiding.

 

[krs]

I'm now wondering if any of these three applications actually do what they promise after I ran all three of them.
I first updated each one to the latest version.
Then ran a scan of each one on my 2012 MacMini running 10.14.6 with a Crucial 1TB SSD with 513GB used
Malwarebytes scanned 54272 files in 48 seconds and reported no threads detected
VirusBarrier scanned 4,364,410 files in 1 hr 8 min, then with about 5% of the process bar to go, just stopped.
I waited 30 minutes after that, but VirusBarrier never completed the scan - at least it didn't report that the scan was completed.
Nothing found
Detect X Swift reported: "Search complete, No threads or problems found" in less than 5 seconds.
No message even came up that a scan had started.

I'm not sure what to make of all this - especially Detect X Swift.
I expected that application to spend at least an hour or more scanning the SSD.

 

[Randy B. Singer]

I waited 30 minutes after that, but VirusBarrier never completed the scan - at least it didn't report that the scan was completed.
Nothing found

If you have VB set to scan your entire hard drive, then something interrupted it's scan. You can try again, or you can set VB to only look in certain high risk places for a less thorough, but faster scan.

Detect X Swift reported: "Search complete, No threads or problems found" in less than 5 seconds.
No message even came up that a scan had started.

I'm not sure what to make of all this - especially Detect X Swift.
I expected that application to spend at least an hour or more scanning the SSD.

DetectX is just like MalwareBytes in that it only ever does a scan that takes less than a minute. And, yes, when you launch the app it starts scanning immediately.

DetectX is a great app for getting rid of adware, and it can also handle a few odd examples of malware. It's free, it is very much worth having and using, it does a supreme job with adware, but it isn't a comprehensive solution for dealing with any and all malware.

 

[Lifeisabeach]

DetectX is a great app for getting rid of adware, and it can also handle a few odd examples of malware. It's free, it is very much worth having and using, it does a supreme job with adware, but it isn't a comprehensive solution for dealing with any and all malware.

The value I find in DetectX is its Folder Observer feature to monitor for changes to the Launch folders. Any malware that slips in is going to want to load on startup, and this feature can alert you to something that has been added or modified to the Launch folders so you can review if it looks fishy.