iMac infected with virus that creates hidden windows partition, won’t boot from USB or internet recovery
I have an iMac that has got a serious virus on it. The hard drive is 500gb, but when I format it using disk utility, the drive says it is only formatted to 465 gb, then when I load it in OSX Catalina, it says the drive is 500gb and doesn’t show a bunch of hidden partitions the virus has created.
It seems the virus has its own boot loader and it disables booting from USB and internet recovery. I can start internet recovery but then the Apple symbol comes up and it boots from the virus’s recovery disk, which is sometimes a Catalina disk and sometimes it’s a Snow Leopard or El Capitan boot menu.
The virus has created hidden windows partitions and hidden Mac partitions which are ejectable hidden drives that I can only see from using hdutil list in terminal when I boot from the fake internet recovery.
I was able to use GPT fdisk to remove one of the windows partitions, but when I go to delete the other partitions they come right back after I zero the drives in terminal from the fake internet recovery, and I can’t boot from USB. I’m pretty sure the list of partitions I see in terminal is a fake list because it doesn’t propagate the window fully when I open the terminal to a different sized window from the one I originally ran hdutil list in.
Im totally stuck, if I boot in verbose mode I can sometimes get it to work, but I can’t boot from USB or a real internet recovery because the virus’s fake boot loader denies access to a real install disk and has a hidden 40gb partition that I can’t delete and it just puts the virus right back on after I format.
Can anyone please help me figure this out?
