Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: wketch22
wketch22 Author
User level: Level 1
0 points

Factory Reset Questions

Hi everybody, I have just a few quick questions about factory resetting my MacBook Pro 15" circa 2010

Maybe I am just being paranoid, but I feel like my computer my have some sort of virus or rootkit. My personal admin account has been running really slow compared to my Guest account, about a month ago it said my Facebook was accessed from a foreign location immediately after I changed my password, and now it is being strange and saying I am blocked from Omegle for allegedly "possible bad behavior" despite the fact that I have never been to that site before. There really hasn't been any other weird things, no redirects, no loss of control of my computer, etc. The only reason I found out I was banned from Omegle was because when I was researching rootkits I stumbled upon someone talking about a rootkit that prevented Omegle useage.

I have run an Avast scan, and nothing was found, but unless someone can assuage my fears, I want to do a factory reset. So I have a few quick questions

1. If I factory resetted my Laptop, would the virus or rootkit that I potentially have survive the reset?

2. My computer's disc drive acts very strangely, sometimes it works, sometimes it doesn't. Usually it works for a little, and then stops. Sometimes when I reset the PRAM it will start working again. If I factory reboot it, and the disc drive doesn't work, what will happen? Lets say its half way through the proccess and the drive stops working, will my computer be permanently damaged and stuck in purgatory? Or, what if I put the disc in and it won't start at all, but after I have committed to the process? For example, what if I start the process but the drive doesn't work, can I just cancel it?

3. If the disc drive doesn't work, could I use an external CD drive?

4. If my computer does have a virus, what are the odds that it could be on Time Machine too?

If anyone can answer any of these questions, I would really appreciate the help. Or if anyone has any insight about what may be the problem with my computer, I would appreciate it. I trust Avast, but from what I have read rootkits can hide from virus scanners.

Thanks in advance to anyone that can help at all!

MacBook Pro, OS X Mountain Lion (10.8.2)

Posted on Mar 13, 2013 6:02 PM

Reply
Question marked as Best reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Posted on Mar 13, 2013 7:13 PM

First, your problems are almost certainly not caused by any kind of malware. For the performance issues, see my Mac Performance Guide. Also, regarding the malware issue, see my Mac Malware Guide.


Regarding the Facebook issues, it's hard to say without more information, but most likely that hacking did not involve any kind of malware. For example, if you changed the password while on an open wireless network (ie, one with no password), someone may have intercepted the data passing between you and the Facebook servers and made use of it to get access to your account.


Thus, resetting to factory conditions is unnecessary. However, if you do wish to go ahead with it, since you are running Mountain Lion, you simply need to hold command-R at startup to enter recovery mode. From there, use Disk Utility to erase the hard drive, which will destroy any malware if it does happen to be present. (There is no Mac malware that can survive this.) Then quit Disk Utility and proceed with reinstalling the system. You will need to be able to download about 4+ GB from Apple's servers to do the install, so be sure you're on a network capable of doing that in a reasonable amount of time. Next, reinstall all applications from scratch.


I would not recommend restoring anything from your Time Machine backup. Copy any important documents to another drive as a secondary backup, and copy them back to the new, clean system by hand. If you let the system help copy stuff from a backup, it can easily copy too much and end up reinfecting the new system, if the old system was infected with anything and then was backed up.


This is a pretty extreme solution, and is almost certainly unnecessary in your case. But it's not going to hurt anything to do it, either, as long as your data is all backed up properly. Just be sure you have a minimum of two good (and separate) backups, one made with Time Machine and one with something else, before proceeding.

View in context
4 replies
Question marked as Best reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Mar 13, 2013 7:13 PM in response to wketch22

First, your problems are almost certainly not caused by any kind of malware. For the performance issues, see my Mac Performance Guide. Also, regarding the malware issue, see my Mac Malware Guide.


Regarding the Facebook issues, it's hard to say without more information, but most likely that hacking did not involve any kind of malware. For example, if you changed the password while on an open wireless network (ie, one with no password), someone may have intercepted the data passing between you and the Facebook servers and made use of it to get access to your account.


Thus, resetting to factory conditions is unnecessary. However, if you do wish to go ahead with it, since you are running Mountain Lion, you simply need to hold command-R at startup to enter recovery mode. From there, use Disk Utility to erase the hard drive, which will destroy any malware if it does happen to be present. (There is no Mac malware that can survive this.) Then quit Disk Utility and proceed with reinstalling the system. You will need to be able to download about 4+ GB from Apple's servers to do the install, so be sure you're on a network capable of doing that in a reasonable amount of time. Next, reinstall all applications from scratch.


I would not recommend restoring anything from your Time Machine backup. Copy any important documents to another drive as a secondary backup, and copy them back to the new, clean system by hand. If you let the system help copy stuff from a backup, it can easily copy too much and end up reinfecting the new system, if the old system was infected with anything and then was backed up.


This is a pretty extreme solution, and is almost certainly unnecessary in your case. But it's not going to hurt anything to do it, either, as long as your data is all backed up properly. Just be sure you have a minimum of two good (and separate) backups, one made with Time Machine and one with something else, before proceeding.

Reply
User profile for user: wketch22
wketch22 Author
User level: Level 1
0 points

Mar 13, 2013 7:38 PM in response to thomas_r.

Wow thanks, this was a great help.


So you are saying that even though this Laptop was originally Snow Leopard, but is now running it on Mountain Lion, that I won't need any Snow Leopard discs? I'm just not really sure how this really works.


I downloaded ML from the App Store about half a year ago, so if I do a factory reset, I can reset it using the Mountain Lion? If you could clarify this a little for me it would mean a lot


Thanks again, you have made me feel a little better

Reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Mar 14, 2013 3:41 AM in response to wketch22

So you are saying that even though this Laptop was originally Snow Leopard, but is now running it on Mountain Lion, that I won't need any Snow Leopard discs?


That's correct. Mountain Lion should have installed a hidden recovery partition that can be used to boot the machine and do things like reinstall the system. Apple is trying very hard to pretend that optical discs don't exist anymore. 🙂


Further, there was a firmware update a while back that I believe should have enabled your machine to boot from Apple's servers (internet recovery mode) if that recovery partition gets damaged somehow. That would work transparently, if regular recovery mode fails, but can be forced by holding down command-option-R at startup.

Reply

Factory Reset Questions

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up