Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Kathsr

macrumors regular
Original poster
Jan 21, 2019
109
61
Maryland
It’s time to put this ol’ gal down for good. It’s an early 2011 MacBook Pro that’s been infected with malware for years. I don’t want to go into a lengthy discussion of how I know that right now. I’ve wiped the hard drive twice, reinstalled 10.13.6, ran a full system scan with Bitdefender that didn’t find anything. The next day every one of my files was corrupted.

The hard drive is split into 4 volumes ( I had to create an APFS volume in order to get the OS to reinstall last time) and I need to wipe all 4 and just archive the computer. How can I make sure I’m erasing the entire hard drive in the Disk Utility? Many, many thanks for any help.
 

chown33

Moderator
Staff member
Aug 9, 2009
10,835
8,601
A sea of green
Maybe the files are corrupted because the disk is failing or failed.

If everything else in the machine is working, you could replace the disk, probably with an SSD to get a significant speed boost, and continue using it.

If you never plan to use the corrupted disk again, for whatever reason (failing or malware), then the best thing to do is physically destroy it. That's as simple as using an electric drill to drill several holes entirely through the drive, hitting the platters and the electronics. Obviously, remove it from the computer first.

The only reason to do a complete disk erase would be if you were planning to sell or give away the computer with that drive still installed. Since that doesn't sound like what your plans are, physical destruction is more reliable, and honestly, more satisfying, too.
 

Kathsr

macrumors regular
Original poster
Jan 21, 2019
109
61
Maryland
That is a great idea! After 11 years kind of sad but this will be fun…. One other question…how can I be sure my network hasn’t been affected? I don’t have any indication of that though. The malware was introduced years ago with a flash drive and USB port, not my network.
 

casperes1996

macrumors 604
Jan 26, 2014
7,556
5,735
Horsens, Denmark
That is a great idea! After 11 years kind of sad but this will be fun…. One other question…how can I be sure my network hasn’t been affected? I don’t have any indication of that though. The malware was introduced years ago with a flash drive and USB port, not my network.
I mean "the network" doesn't hold anything persistently. If you've been infected with anything that tries to spread through the network, other devices on the network could be affected, and regularly try to infect others on the network, but "the network" cannot per se be infected.

The brief answer is that there are no guarantees, but if you're not seeing any indications of anything, one can only assume all is good.

For future reference, to wipe a disk in Disk Utility, and not just a single volume or partition, ensure Disk Utility is set to
"Show All Devices" in the View menu
1624390149387.png

Then you select the root device in the index view - name on newer Macs is typically Apple SSD something, but on the 2011 I believe it was often a name indicating a Hitachi drive or something.

Then just erase.

That'll clear everything. There are options for "Secure Erase" as well; A normal erase only clears the superblock(s) and partition table, which is kinda like saying "I don't know where anything is anymore", which effectively means it's gone and you just write new stuff on top, but data recovery software could in theory retrieve it back. Secure Erase can make that entirely impossible to varying degrees based on specific settings (though also increase wear on the drive and are usually unnecessary).

If the disk you're trying to delete is the one you are booted from, you must first enter Recovery or boot from another disk, since Disk Utility cannot erase the actively booted disk
 

chown33

Moderator
Staff member
Aug 9, 2009
10,835
8,601
A sea of green
A "network" per so, can't be infected. The devices connected to it, such as routers, modems, switches, computers, etc. could be.

What are the exact makes and models of the things on your network?

Most malware that affects routers comes from outside attacks, i.e. from the "internet" side of the router. Any attacker trying to mount an insider attack is probably targeting the network devices used by large operations, such as banks, businesses, and such. Those are completely different devices than what one usually has in a home network.
 

casperes1996

macrumors 604
Jan 26, 2014
7,556
5,735
Horsens, Denmark
A "network" per so, can't be infected. The devices connected to it, such as routers, modems, switches, computers, etc. could be.

What are the exact makes and models of the things on your network?

Most malware that affects routers comes from outside attacks, i.e. from the "internet" side of the router. Any attacker trying to mount an insider attack is probably targeting the network devices used by large operations, such as banks, businesses, and such. Those are completely different devices than what one usually has in a home network.

Did you write that up while I was writing up my post? :p We both even used the phrase "per se" hehe
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.