
Malware has set up a hidden partition

Malware has set up a hidden 70 gig partition. The only way I found it was to save a web page as a PDF and it asked where. Under possible locations a "k" drive was an option. I then reset the computer to see hidden devices and hidden files. I found a 70 gig drive hidden. It seems to have been activated on May 14th. I can't unmount or eject it from the sidebar. It's not allowing me to do anything with it because I don't have permission. I downloaded the Flashback security file from Apple and it says that my drive doesn't meet the requirements for this update.


How do I get the permission to get this off and how do I get it off?

Mac mini, OS X Mountain Lion (10.8.3)

Posted on May 27, 2013 9:55 AM

55 replies

Jun 3, 2013 4:17 PM in response to Royal Cascadian

You say Chrome is opening on its own at startup... is it also open when you shut down or restart? If so, that's normal behavior.



As for what else might be going wrong with your machine, again, it's not malware. My bet is that it is simple lack of full understanding of the way the system works. However, I agree with Csound... at this point, you should simply wipe the slate clean and ease your mind. For instructions on how that should be done, see:


How to reinstall Mac OS X from scratch

Jun 3, 2013 4:24 PM in response to Royal Cascadian

Royal Cascadian wrote:


I expected more from Apple than from Microsoft.

Nobody commenting here is an Apple Employee, and if they were they would not be able to admit to it.

I reinstalled OSX but the downloaded flash player is still there

Where? It's been so long that you may have told us, but I can't seem to locate where you did so.

Chrome opens on start up. Which I didn't do since I don't know how or why I would.

I'm working with a couple of other users that have this complaint. In one case, it's because it keeps being added to his Login Items in System Preferences->Accounts. The way to stop that is to right-click / command-click on the Chrome Icon in the dock when it is running and select "Options" and make sure that "Open at Login" is not checked.


The other possibility is that starting with Lion, I believe, any applications that are running when you log out, shut down or restart are automatically re-opened when you log in. Some users have reported that they see this behavior even when they quit the application first, so there must be a way the previous state records become corrupted.

I reinstalled Firefox but when I did and it told me to quit Firefox, I did. And it still asked to shut down Firefox even though it wasn't open or on. I did this twice and both times it kept telling to quit Firefox even though it wasn't on. Which leads me to believe the malware has infected my browsers and has started to rewrite code on my machine.

I see this happen all the time with Safari since the WebKit framework "WebProcess" is still running after quitting Safari. I can't say that I've ever observed the same thing with Firefox, but that's one possibility. I do see an mdworker process start right after Firefox, but it stops as soon as I quit Firefox. The two suggestions I have there are to restart and do the install before starting Firefox again, and if that doesn't work, restart into "Safe Mode".


I know I'm a broken record, but there is no currently known malware that could impact OS X or Firefox in this manner. It's a bit hard to believe after this length of time that you are the only one infected by it.

Jun 25, 2013 12:42 PM in response to Csound1

Thanks for the suggestion of installing over an erased drive. The problem is there isn't an option to erase the drive. On the 3rd page I have taken photos of the reinstall options. Erase isn't one of them. I asked what to do, but no one had an answer. So, I just reinstalled it. But I've got to say that didn't seem like it would fix the deeply embedded scripts from just being passed along. Especially if it keeps downloaded installed programs on the HD. How much could it "fix" if it doesn't change programs?


I know this is malware.


The links on these types of pages are what would have downloaded. If you spend your time looking for malware, here's a great place to start looking. http://firstrowus.eu/watch/192733/2/watch-mali-vs-greece---u20,-wct-2013.html


Thomas Reed, please don't respond to this thread. You only add to the frustration and the "it's me" not malware issue. If you don't want to believe me, then just stay off this. If you want to take me seriously, then add something that isn't directed to the dumb user being dumb. It's insulting and, given what I'm dealing with, almost as bad as the malware itself.


I have a trackpad and a slight glancing touch is all that is needed to start downloading something. It's not just someone sitting at a desk with a mouse being deliberate with every single click.


When I tried to update Firefox it asked to close it. I did and it still said it was open. That to me says that a version is running in the background to track and follow. And it won't update to the new version. That isn't normal and it's exactly what malware would do. Additionally Chrome has been set internally (not by me) to open on start. Most likely malware resetting my computer to its directions, which is what malware does.


All I want to do is start over for everything on the HD, which I still don't believe will remove these programs, as they would write themselves into being protected from something as easy as a reinstall. Just like PCs. But that seems to be the best that Macs can do.

So, what do I do to erase my HD? Please read my post and question on the 3rd page to help me. Thanks.

Jun 25, 2013 2:30 PM in response to Royal Cascadian

Thanks for the suggestion of installing over an erased drive. The problem is there isn't an option to erase the drive.


You don't erase the drive from the installer, you have to use Disk Utility. What you did will not do the trick, it simply reinstalls over the old system, leaving everything else you have installed in place. See the link in my last post on this topic for explicit instructions.


Thomas Reed, please don't respond to this thread. You only add to the frustration and the "it's me" not malware issue. If you don't want to believe me, then just stay off this. If you want to take me seriously, then add something that isn't directed to the dumb user being dumb.


I never said anything about you being a "dumb user," and it's not that I don't believe what you're saying, I'm just trying to get you to understand why you are misinterpreting what you're seeing. It's not malware. However, at this point, the attitude you're showing means that I will grant your wish. This will be my last response to you on this topic.

Dec 16, 2013 6:59 PM in response to Royal Cascadian

So, now I'm unable to open Disk Utility and erase during start up. Additionally there are now 6 different users with admin privileges, 2 of which have made many hidden files locked while giving them "read and write" privileges.


This is what my User list looks like in preferences.


I can't even add files from a usb or external drive.


Now that someone else has hidden and higher admin privileges than me, how do you erase a drive when you can't access Disk Utility during start up?
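One way to check the two concerns raised in this thread (login items that keep reappearing, and admin accounts the owner does not recognise) against a baseline you trust, as an added example that is not from this thread or from Apple. The sample `dscl` line and login-item list are constructed; `live_audit` assumes it runs on a Mac where `dscl` and System Events are available.

```shell
#!/bin/sh
# Added audit helper (not from this thread): compares the current admin group
# membership and login items against a baseline you trust and prints the extras.
# Assumptions: POSIX sh; on a Mac, `dscl` and System Events supply the live data.

# split_list SEP TEXT: one trimmed item per line, empty lines dropped
split_list() {
    printf '%s' "$2" | tr "$1" '\n' | sed 's/^[[:space:]]*//;s/[[:space:]]*$//' | grep -v '^$'
}

# extra_items EXPECTED ACTUAL: lines of ACTUAL (newline-separated) absent from EXPECTED
extra_items() {
    expected=$1
    printf '%s\n' "$2" | while IFS= read -r item; do
        [ -z "$item" ] && continue
        printf '%s\n' "$expected" | grep -qxF -- "$item" || printf '%s\n' "$item"
    done
}

# audit_admins 'root alice' 'GroupMembership: root alice bob'  -> bob
# Second argument is the raw output of: dscl . -read /Groups/admin GroupMembership
audit_admins() {
    members=$(printf '%s' "$2" | sed 's/^GroupMembership:[[:space:]]*//')
    extra_items "$(split_list ' ' "$1")" "$(split_list ' ' "$members")"
}

# audit_login_items 'Dropbox' 'Dropbox, Google Chrome' -> Google Chrome
# Second argument is the comma-separated list osascript prints for login items
audit_login_items() {
    extra_items "$(split_list ',' "$1")" "$(split_list ',' "$2")"
}

# live_audit EXPECTED_ADMINS EXPECTED_LOGIN_ITEMS: run against a real Mac (assumption)
live_audit() {
    audit_admins "$1" "$(dscl . -read /Groups/admin GroupMembership)"
    audit_login_items "$2" "$(osascript -e 'tell application "System Events" to get the name of every login item')"
}

# Constructed sample output standing in for the live commands:
SAMPLE_DSCL='GroupMembership: root royal helper'
SAMPLE_LOGIN='Dropbox, Google Chrome'
echo "Unexpected admin accounts:"; audit_admins 'root royal' "$SAMPLE_DSCL"
echo "Unexpected login items:";    audit_login_items 'Dropbox' "$SAMPLE_LOGIN"
```

An account or login item that shows up here is something to explain, not proof of malware; the thread's own replies point out that Chrome's "Open at Login" and Lion's resume feature produce the same symptom.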

Jan 11, 2014 7:23 AM in response to Royal Cascadian

Did you ever solve this? I have a MacBook Pro with a 500 gig SSD that only shows I have a total of 179 gigs of drive space after a malware attack that occurred around 10-19 that also infected my 8 TB NAS and my 2 Windows machines on the network. I was able to get rid of the malware on the PC with the help of some fine folks over at bleeping computer dot com but no help on getting rid of it on the Mac. Yeah, I know that Macs don't get attacked, but that is BS.


Some of my other symptoms are all emails from 2013 have been deleted, large amounts of pictures are missing, like over 130 gigs. Plus there is a hidden account set up with my first name only that I can't access. Notes have been scrambled or deleted. My NAS is loaded with empty folders and AppleDouble files, even in Windows folders. It's a mess and the Apple community seems to stand on the idea that Macs will not get attacked and not work to find a solution.

Jan 11, 2014 11:13 AM in response to coldair

I would advise you to start a new topic, rather than tacking onto this one. It's not fair to the originator of this topic to divert it with your own concerns that don't sound related to his.


It's very unlikely that the problems you describe are due to malware on the Mac, but we'll need further details before we can say anything for sure. Provide all the details on your new topic, without interpretation of how you think those problems were caused. Be sure to be specific - for example, where were these pictures stored that are now missing, what e-mail service are you dealing with, etc. It could be that one or more of your online accounts have been hacked, but again, nothing can be said definitively without additional information.

Jan 11, 2014 11:32 PM in response to coldair

Please give us a link to your new topic so we can follow along in case it is something new, but it sounds a lot like someone was able to hack into your computer, either from having used the PC malware to find the Mac on your network or by physically accessing it while you were away. Another possibility is hard drive failure, but with all the issues with the NAS and Windows machines it seems less likely.
