Forum: Author Hangout

After upgrading to Word for Mac 2019

I'm on Word 16.16.24 on my Mac. What's the Mac 2019 version?

I don't use the Recovery feature (I simply back up individual files periodically), but I remember seeing some options about Word automatically saving for recovery. But I can't find it. I thought it would be in Preferences but I don't see it. I remember not checking that box.

I'm on Word 16.16.24 on my Mac. What's the Mac 2019 version?

It's version 16,29, but like you, I generally avoid the recovery (as again, I've NEVER gotten it to work), but today, I was working for quite some time, and then Word crashed, and when it came back, it never recovered anything.

Even worse, after running the Recovery Routine (not easily accessed, like on Windows), it also deleted all the accumulated recovery files (those I hadn't deleted manually), even the backup copy I made. So, while I'm assuming it NEVER backed up anything, there is NO way to recover now, even if they did.

Some things are better under Word for Mac, but some things are utter crap!

But, the default is for WfM to back up everything as you work on it, so you'll often notice a file in the form "~filename.ext" in your Finder directory which goes away once you exit Word. I always assumed that was your recovery file, as I used to always recover from that under Word for Windows 2010 (the last time I was ever able to use the recovery feature).

It's version 16,29,

That's odd. I just ran an update. I wonder why I'm not on 16.29.

That's odd. I just ran an update. I wonder why I'm not on 16.29.

I'm not sure. Do you have a monthly subscription, or did you purchase the program. The monthly subscription should always give you the latest version, while the purchase only gives you the version you purchased. Otherwise, maybe it only lists the version that you're licensed for, rather than the latest updated version you're currently working with.

Companies do odd things with licensing nowadays.

Do you have a monthly subscription, or did you purchase the program. The monthly subscription should always give you the latest version, while the purchase only gives you the version you purchased.

No license. I purchased it.

However, although they said no updates with purchase, I get updates all the time. It installed Microsoft AutoUpdater which notifies me when there are updates (I don't have auto update on) or I can go to Help and Check for Updates.

When Apple reinstalled the OS on my MacBook, they downloaded and installed Office again. It recognized my computer's serial number as the one that purchased it. The first thing I did was to do updates, and then I've been updating since then.

No license. I purchased it.

However, although they said no updates with purchase, I get updates all the time. It installed Microsoft AutoUpdater which notifies me when there are updates (I don't have auto update on) or I can go to Help and Check for Updates.

In that case, all the updater is updating is your version of the software, which at this point is exclusively security patches (as that version is still maintained, but no longer the current version.

That's standard practice with most software, though with standalone, non-subscription software, you license the app itself, rather than a particular version of the program.

In that case, all the updater is updating is your version of the software,

Aha. That makes sense.

Try using another program to open files there are many programs out there that are even free.

openoffice

Is a go to program I use on old saved documents

Alas, the .docx file was never saved/nor deleted. The only thing I had to work with, with the temporary file that Word creates, which contains no text, just the internal Word coding so they can potentially duplicate the updates the the existing file. I'm doubting that OO would understand it, as OO and OL both have their own internal coding, rather than duplicating Words. I'll try it, the next time I'm hip deep in an open file, but I'm not going to bet on it working. But, simply opening Word's Recovery option permanently erased every temporary Word file across my entire machine.

But, I really only have myself to blame. I was having my Mac read the text aloud to me, and modifying anything that didn't 'flow' naturally. And since I'd already saved the epub file with the latest chapter in it, I was planning to use the modified file to update the epub. Thus, I chose not to update it as I worked on it. So, I really got exactly what I deserved.

I was just disappointed because, so far, I haven't heard anyone say that they've ever gotten WFM's Recovery option to work as advertised. So, since I've never used it anyway, I'm going to save all that extra background processing and turn the 'save temporary files' option off and be done with it.

I don't know about Word but with LibreOffice you can set several options among which "Always create backup copy" and "Save AutoRecovery information every xx minutes". I doubt you couldn't set the same for Word so just check the backup copy setting and the autorecovery setting and set the number of minutes for the autorecovery to execute. Just remember to save the document immediately after starting it otherwise the program doesn't know what to save where.

Alas, I make too many minor changes to keep track of multiple versions of each chapter, in a variety of different formats. But ...

It turns out that Word for Mac saves the files to a different location than a "Help for Word or Mac 2019" shows. However, despite the option clearly being turned on, nothing has ever been saved there, where I still retain multiple files from my old version of Word, dating from 2016 to 2018 (for some odd reason, Macs never purge old installs, despite asking if you want to, and they store their recovery files (and temp files) somewhere different too). In fact, I also have Clean My Mac doesn't regular maintenance, even purging old installations, yet it has never successfully purged any of my duplicate files, only those I've uninstalled.

So, for whatever reason, Word 2019 does not actually execute a single feature, despite it being set up to. :(

I guess, when I have time, I'll reinstall it, just to see whether I can get the feature to properly activate.

In that case you are better of using a versioning system like GIT or Apple's MacOS versioning system.

I'd seen the Mac versioning system, but never paid much attention to it. As far as I can tell, Word for Mac has never supported versioning (none of the options appear in the "File" menu), what's more, there's no evidence that there are any versions of any file I've ever saved multiple copies of. So, unless there's some hidden 'activate' feature, I don't know how to access it.

But, more than that, the file in question was physically deleted when Word for Mac crashed, and the autosave didn't save anything. The temporary "~filename.ext" file was, but it contained nothing but my name, repeated three times and the supposed folder for the Word for Mac recovery files (which has always been empty, other than on my older Mac systems (pre 32-bit app restrictions?).

Also, versioning simply appears to be another way of accessing Time Machine, but I've never had a problem firing it up from my browser, any time I need to restore a file.

So, unless I'm missing something vital, I'm not sure what I'm losing by ignoring Mac Versioning. (Though the person I probably should ask is Lazeez, as he knows more about the Mac's functioning than most of us authors.

Not that it will help you now, but I keep a thumb drive plugged in and periodically save to that. I save to my hard drive often, and copy to the thumb drive less often. I wonder if whatever deleted your files would have done that on a thumb drive.

I also have an external hard drive that's not powered on until I want to do a real backup. I believe that if it's not powered on and not connected to the Mac, nothing can get at it.

If you're using Time Machine, wouldn't the files be on it?

Not that it will help you now, but I keep a thumb drive plugged in and periodically save to that. I save to my hard drive often, and copy to the thumb drive less often. I wonder if whatever deleted your files would have done that on a thumb drive.

I have several USB-C external drives (both 5 and 7 tb), where I keep the current/most-recent versions of each chapter, which I manually back up fairly regularly.

However, since you can only back up files that you've successfully saved, it wouldn't have made any difference in this instance.

Unfortunately, my Mac Mini desktop was compromised by hackers (who planted a key-tracker in the root folder, despite the vaulted Mac security), so that machine is effectively dead now. And you have to plug an external drive (5TB) into your access ports to run Time Machine on a MacBook Pro, which also draws a Huge amount of power, draining my battery quickly, so I only manage Time Machine backups on my laptop every few days.

P.S. I've also set each of my external drives (other than the slower Time Machine drive), so they will not auto-mount, meaning that anyone breaking into my system is unable to access and mount the external drives, even if they're attached.

I have always been a windows fan even before windows was just MSDos was because I would go to computer fairs where there was so many more programs for windows then mac.

I was too, especially the large amount of 'hacks' you could install to the OS and various programs, but after one too many reinstalls, and finally a ransonware I couldn't recover from, I gave it up (first just using a laptop, then moving over to ALL Apple equipment), where I'm still being attacked by Russian hackers.

I'm still being attacked by Russian hackers

I didn't know you were running for president.

There isn't a system exempt from being attacked. It's how much it's used that usually makes the difference.

Actually, I've found the (latest) Mac hardware & OS to be better at sheltering the core root & program files, unfortunately, since most current routers aren't worth a shit (in terms of security), it's relatively simple to grab ALL a computer's login passwords.

Unfortunately, it doesn't take long (only a couple years) for that security to erode. However, I've found the best security (so far), is simply to shut down my network (i.e. not leave my desktop running 24/7, even in sleep mode), because that's when the Russian hackers (Fancy Bear and Cozy Bear) are active. So, simply limiting their access seems to be the best option, even for older devices.

The thing with the Russian hacking groups, is that their 'day job' is working for Putin, but in exchange, he gives them carte blanche to hack into any computers they can, to generate whatever wealth they can steal for themselves (with Russian's guaranteed individual immunity from foreign prosecution). It's a lucrative proposition, as they trade the same 'hacks' and try to break into as many computers (both multi-national corporations and utilities and personal or family computers). Their randsomware works equally well on either.

If one in 10,000 pays up, they make a profit.

Which is why, I'd rather pay thousands for a new machine than pay a cent in ransomware. It's like paying actual ransoms. As long as you pay, they'll continue to thrive. As soon as people (collectively) start saying 'Up Yours!' it'll no longer be profitable.

Note: Sorry for the Post Deluge, but I hadn't visited in some time, and there was a lot to respond to!

I don't think it would be pointless. My point in telling them that would be they were morons for wasting their time and energy going after me.

Yeah, I did that. That's how you get added to the dark web's 'hit lists'! So, it's better to simply take the infected machine offline, move to a separate secure machine, and not antagonize the 'morons'. There's nothing to be gained by issuing a chaleange, because while it may frustrate one hacker, there are literally thousands who are capable of getting around your safeguards!

Your choices would be either pay the ransom or replace your system. Responding to ransomware with "To bad, I'm broke" seems entirely pointless.

That's why it always pays to back your system (executables and system files) to a secure hard drive, and keep a spare backup computer (like a cheaper laptop), so you have a fallback in these circumstances.

I also have Internet Blockers (Little Snitch on the Mac) where you can prevent the OS from connecting with specific sites, but since they do that with the Mac addresses (not related to which computer you're on), there's no way of knowing which transmissions need to be blocked.

Unfortunately, the latest version of Little Snitch's default setting is to either allow or block everything, rather than their old behavior, where you could allow each new site to connect before deciding whether to block it or not. At that point, once you've already allowed every single site access, an internet blocker is rendered worthless. :(

I guess I am lucky. In the 24 years I have been on a computer I have only had one virus and that was in 2005. To my knowledge I have never been hacked and as for randsomeware I'll just tell them the same thing I tell anyone who says they'll sue me "Good luck since I am broke anyway."

I will NEVER surrender to ransomware demands, as I'd rather pay several thousand for an all-new computer than to give a dime for some nameless hacker to blackmail me for the rest of my life (talk about lifetime subscription models). However, after surviving one such attack (taking the computer in question permanently off-line, since there was no way to remove the link in the root to the hacker with a fresh install), the hacker notified me that he was placing the information he could steal from me (from a keyboard tracing program) on the dark-web, and ever since, I've had repeated attempts to compromise my systems.

Luckily, my machines are new enough (and updated enough) that they haven't been able to compromise any others, but at this point, it's only a matter of time, especially since there appears to be not a single wireless router than can't be compromised to release the password of every machine that's connected to it!

My biggest worry now, though, is my iPhone X, already more than 3 years old. I've been waiting patiently for the new iPhone 12 Pro model (rather than the default, low-end device, since I use my devices so heavily), but there is currently NO release date for it. So, there's no telling when I'll be able to upgrade it.

In the worst case, I'll have to dumb it and replace it with another second-hand phone until I can get another to last me a while, but I no longer trust most devices beyond a year (since my less than a year-old Mac Mini was compromised (again, it was set to 'always on', which isn't a wise option nowadays).

Just boot with a Linux live CD

Who has a CD drive on their computer nowadays?

As for USB drives had to many of them fail from being cooked when left in vehicles.

Also, ALL electronic media (CDs, hard drives, USB and external drives), and especially SSD have notoriously short lifespans (especially if left exposed to bright sunlight), so you have to continually keep re-backing everything up to newer devices and the older ones begin to lose data, thousands of individual 'blocks' (i.e. generally half a byte) at a time.

The Mac's Time Machine is great for this, as it keeps backing up any new data, and can reinstall the files (or backups) to another drive, but alas, Time Machines has an especially high failure rate itself (20%), so you can never guarantee than any single restore will succeed. :(

Who has a CD drive on their computer nowadays?

I assume he meant 'installation image', which you can then load onto a separate bootable drive (like an external SSD) to do a fresh install. In that case, CD drive wouldn't be required.

Yes, the average user will have to take into a shop, but you can use an Ubuntu or Linux Mint live CD to boot, partition, and format the drive, and then to download Windows. Fairly simple but a lot of work and indeed not for the average user.
{/quote>
External CDs are also useful for running diagnosis on problematic computers (where your regular computer suddenly starts acting funky), so you'll know how to fix it.

The average user would have to take their machine into a shop that does custom builds and have them do it. That will cost money.

I've been doing custom installs (and system recoveries) for years, as I used to build my own high-end Windows systems (you can't do that under Apple), where I'd purchase the components and build the whole system myself, or more often, have someone else custom build my desired system, yet get a STEEP discount on one purchased through a computer seller.

Apple I don't know but Windows you can download and install. Don't know if you still need a key these days, I haven't touched Windows in a very long time.

You can boot recent Macs into 'internet recovery' which requires little more than working firmware and a network connection by pressing Option-Command-R.


Mac OS Recovery [Link to Apple]

No license code required.

I don't have anything from Apple but how would you go about formatting the disk before that? I assume that you can't get to the recovery as long as ransomeware has a hold on the computer.

The computer actually boots over the internet with the entire recovery system held in RAM. At that point, you would run Disk Utility (again, in RAM) and be able to erase/partition/format the drive.

Also, given the way the most current version of Mac OS works, it would be nearly impossible for the OS itself to be corrupted, and even more unlikely for the recovery partition to be corrupted. But, if they were, then the above will resolve the problem.

Looks like a good system to me but be aware that there's a new ransomware system found specifically targeted to MacOS systems: https://thehackernews.com/2020/07/macos-ransomware-attack.html (EvilQuest, also named ThiefQuest).

Well, when I start loading pirated apps (never have in 45 years of computer usage), I'll worry about that one. I have a CISSP, and I'm one of the more paranoid users of computers.

Not saying that Macs can't get viruses or malware, but, generally speaking, you have to pretty much go out of your way to get them.

Well, when I start loading pirated apps (never have in 45 years of computer usage), I'll worry about that one. I have a CISSP, and I'm one of the more paranoid users of computers.

I've long used 'hacking software' to 'augment' my OS software, in addition to testing out and learning expensive new software before purchasing it, but in all my years, aside from a few bad installs or corrupted drives/backups, I've never been compromised by a torrenting site.

The key, is that you learn which sites are secure, and which (cough, cough, Pirate Bay) allows virus-laden adds to proliferate, or which don't allow users to flag modified or infected installations.

But once you've hung around the communities for long, it's pretty easy keeping yourself safe.

Granted, though, that most of the pirated software (never movies or music, which will always get you into deep legal troubles, was for bootlegged and modified Windows installs. Now that I'm on a Mac full time, there's no pressing need since there's very little bootleg software available, anyway.

Also, given the way the most current version of Mac OS works, it would be nearly impossible for the OS itself to be corrupted, and even more unlikely for the recovery partition to be corrupted.

It's much more difficult, but with an all new class of 'warrior hackers' (permanently employed by foreign governments and shielded from foreign prosecutions, it's becoming increasingly common, with the necessary code freely shared online across a wide variety of sites.

Thus, all the vaulted Apple system integrity only buys you about a year or two of safety, which is why it's important to stay off the internet as much as possible, especially during the hours that most Russian, Chinese and Ukrainian operatives are likely to access it.

Local hackers can typically access the same software, but don't have the brute-force attacks the government-sponsored hackers do.

Thus, all the vaulted Apple system integrity only buys you about a year or two of safety, which is why it's important to stay off the internet as much as possible, especially during the hours that most Russian, Chinese and Ukrainian operatives are likely to access it.

There is no such thing as 'standard work hours' for hackers. They adapt to their target.

That said, it isn't necessary to stay off the internet. A NAT router with a firewall, proper system updates, and a modicum of care and you can be safe. A good setup is to have a firewall device (like this: SG1100) inline between your router and your WiFi device. Breaching that kind of network security, as well as the local security on the Mac, is tough even for state-level actors. Add in using a VPN and running your own mail server with appropriate anti-spam and anti-virus software, makes it such that those state-level actors would be better served buying a plane ticket.

It's more likely someone will break into my house and use the thunderbolt port to suck out the contents of my hard disk than for a remote hacker to access my machine. There are some mitigations for that attack, but not many. The only defense is a powered-off machine with an encrypted drive and firmware password.

This presumes you actually have install media for the OS. Most people don't with Windows or Apple systems bought as complete units.

You can download the installation as a separate file (using system specific commands). These allow you to install the software on external drives to 'test out' Beta Software, yet still retain the ability to reinstall your old OS in case you encounter significant issues with the newest version.

This is common practice, and operates on ALL machines, you just have to know how to authorize it to download rather than perform a direct install.

I admit I do not know how the mechanics of ransomware works but couldn't you just replace the hard drive with a new one and while off-line hook your old drive up as a external HD and move most your information to the new one.

If Ransomware was that easy to bypass, then it would be easily solved. Instead, they only inform you that you've been targeted, once your computers have been compromised. So, rather than simply locking a single directory, or drive, they load something into the computer's root (the protected portion that no one can access), so that even after a complete reinstall, you are still infected by the mysterious key logger (which you can't view), which downloads the ransomware code and reinfects your system all over again.

If this happens, there are a couple trusted sites (companies who create legitimate keyloggers for employers to track employees), which offer key-logger sniffers. But, if they turn up nothing, than there's no hope to recover your machine, as the code is buried too deeply to be detected or replaced by a reinstall. At that point, you're toast!

But, to answer your question, after my recovery software couldn't determine where the keylogger was hiding, I took my computer offline (where the hackers can no longer 'activate' the ransomware), and then backed everything up to an external drive to transfer to another machine. But again, you pretty much have to assume that most of the executable and installation software has also been infected (to allow them to capture the new machine), so you begin can ONLY access the codes/programs you'd previously transferred to the 'safe' machine.

As you can see, it get really complicated, quickly.

As you can see, it get really complicated, quickly.

For the scenario you described to happen, it would require that the system firmware be compromised. That's orders of magnitude more difficult than compromising the operating system.

Generally speaking, if you replace the internal storage (HD or SSD) nothing can survive. Recent Macs (which I know best, my MCSE expired twenty years ago) have signed firmware and it's nigh-on-impossible for it to be compromised by anything the user does (including 'hackers'). Hell, I've configured my Mac so that you can't even downgrade the firmware or operating system.

Is is perfect? No software is. Can it be exploited? Any software can. What are the odds of the firmware being modified to include a keylogger? Infinitesimal, and I know of no cases of this happening on any Mac which has the T2 chip.

Windows machines have similar secure boot features, but I don't know enough about them to speak with any kind of authority.

Sure, you can swap out for a clean drive. But you lose all your data. You can't hook up your old drive even as a secondary drive without risking the new drive getting infected.

No, you can't restore the compromised OS, but if you have a dedicated (and secure) backup facility, like Time Machine, you can select your last-secure backup, and then only transfer data files (i.e. no executables) from the compromised system. But again, that presupposes you already have a backup system and that you regularly transfer your latest software downloads and updates, which very few of us do. In an emergency, a little paranoia tends to pay off!

@Keet:

"Great" and "high failure rate", that's contradictory. A failure rate of 20% is huge and would make it useless in my opinion.

They're often 'intermittent' failures, where rather than compromising ANY restores, they prevent you from accessing particular files, so you often have to make several attempts, restoring larger and larger swatths of individual files, until one succeeds. So far, I haven't had any system restores (even across machines) fail on me, but again, you've got to fairly regularly replace the drives as they lose a host of individuals blocks, which ultimately compromise the quality of the data. But, in most cases, the latest safe backup is still stable enough to work, while the older backups may not be.

Thus, they're more 'regular usage' errors than systematic failures.

For the scenario you described to happen, it would require that the system firmware be compromised. That's orders of magnitude more difficult than compromising the operating system.

Exactly, so today's hackers are orders of magnitude more advanced than the neighborhood kid seeing what he can get away with in his basement.

Again, my recent hack was a less than one-year old 2018 Mac Mini, which was regularly updated to keep the clearly identified vulnerabilities patched. So again, there is no longer any such thing as a 'secure' system, only more secure than most computers.

I've currently had three 'secure' Apple devices compromised, an older iPhone I no longer used and a newer iPad I'd already replaced, and the more recent less than 1-year-old Mac Mini T2 chip (which couldn't keep the hackers out of the root firmware code. If the code in the root firmware was at least detectable, I'd know how to respond and at least prevent it from operating/communicating, but some infections are simply too friggin' advanced, even for us supposed experts.

That most recent infection is the one that's really put me into 'high-alert' mode against any more system compromises, since these guys have been targeting me for some time, but they rarely succeeded, until now (and no, the infection was not the very public EvilQuest or ThiefQuest Mac hacks, as those were the first things I checked for.

A good setup is to have a firewall device (like this: SG1100) inline between your router and your WiFi device. Breaching that kind of network security, as well as the local security on the Mac, is tough even for state-level actors.

Yeah, that's the one thing I haven't installed that I really need too, but the VPN options for Macs are generally pretty limited, given the OS's restrictions on what they can control. And the vast majority of anti-malware apps only flag the particularly notorious websites, but won't perform any 'deep dive' security sweeps (I use CleanMyMac X, which regularly updates and performs thorough checks, but it didn't register either the key logger nor the compromised firmware).

Again, the way they initially gained access was through my NetGear router, which are fairly easily hacked to reveal ALL the connecting devices passwords, so yeah, and hardware middleman would be an important protection. Thanks for the suggestion!

I would love to have the technical explanation of how what you claim has happened, as without it, I can't evaluate it. But forget that, I absolutely have to address this:

Yeah, that's the one thing I haven't installed that I really need too, but the VPN options for Macs are generally pretty limited, given the OS's restrictions on what they can control.

Absolutely not true in any way, shape or form. I use Mullvad (from Sweden) and it has full and complete control of ALL network access, without any special setup, special settings, or disabling any security features.

You can use a service like Mullvad and use their client, or use your own OpenVPN client or Wireguard client.

Now, if you're talking IOS, that's a different story. But MacOS has full VPN support (including full IPv6 support). Period.

I didn't understand most of what was said, but I have a question.

My wife and I have a MacBook Pro. It's connected to the internet through a Netgear router. Mine is ethernet; my wife's is wifi.

Do I have to shut down every night to be safe?

And if I shut down, do I have to disconnect from the internet every night? I can't just unplug my router because my landline (phone) wouldn't work.

Do I have to shut down every night to be safe?

Assuming your router is doing NAT properly (i.e. your IP address is 192.168.x.x or 10.x.x.x), no, you don't. My point about shutting down was only to prevent a local attack against thunderbolt ports.

Just make sure a) you have a good backup; b) you don't click on unknown links or open unknown documents; c) use Firefox with uBlock Origin enabled; d) use a password manager so you can use long (> 12 character) passwords; e) never reuse a password.

Using a VPN will make you even safer. I recommend Mullvad (no logging, completely anonymous if you use cash, which they accept). Full IPv6 support, not blocked anywhere I need to go.

Unless Mossad, SVR, CIA, or some other security service is after you, you're safe. If they are after you, you're f-cked no matter what.

c) use Firefox with uBlock Origin enabled; d) use a password manager so you can use long (> 12 character) passwords; e) never reuse a password.

I use Safari and occasionally Chrome.

I don't use a password manager.

Unfortunately I reuse passwords.

But I thought this thread was about ransomeware hackers highjacking your computer, not getting at your personal data by getting your password.

ETA: The only software I downloaded not from the Apple Store is GIMP, Calibre, and Malwarebytes. I guess MS Office (Word, Excel), but I bought that through Apple and when they reinstalled my OS they downloaded it again.

I use Safari and occasionally Chrome.

Safari is fine, but unfortunately you can't use uBlock Origin with it. Just get a good ad blockr from the App Store.

I don't use a password manager.

Unfortunately I reuse passwords.

You need to start using a password manager and stop reusing passwords. A hacker could easily hijack an account and in doing so, create all kinds of possible avenues for attacking your system.

I use Remembear, which works great, but there are many options (lastpass, 1Password). A good free, open source option is KeePassX.

But I thought this thread was about ransomeware hackers highjacking your computer, not getting at your personal data by getting your password.

There are plenty of attack vectors and you need to close all of them to the best of your ability. For a ransomware attack, you just need to click on the wrong link, or access the wrong site. Protecting your passwords is key. Ditto having good backups (encrypted, online+offline). I use both TimeMachine (locally) and Backblaze (remote).

ETA: The only software I downloaded not from the Apple Store is GIMP, Calibre, and Malwarebytes. I guess MS Office (Word, Excel), but I bought that through Apple and when they reinstalled my OS they downloaded it again.

Malwarebytes isn't all that good, but it's a start. CleanMyMacX is a great choice, along with ClamXAV.

IMHO, all of this is necessary to ensure you don't get caught!

Umm. If no one can access the root, then the hacker can't either...

Exactly, though bugs do exist (cf the iPhone firmware problem that can't be patched and allows jailbreaking on iPhone 10 and earlier).