Malware has setup a hidden partition

Malware has setup a hidden 70 gig partition. The only way I found it was to save a web page as a pdf and it asked where. Under possible locations a "k" drive was an option. I then reset the computer to see hidden devices and hidden files. I found a 70 gig drive hidden. It seems to have been activated on May 14th. I can't unmount or eject from the sidebar.It's not allowing me to do anything with it because I don't have permission. I downloaded the flashback security file from Apple and it says that my drive doesn't meet the requirements for this update.

How do I get the permission to get this off and how do I get it off?

Mac mini, OS X Mountain Lion (10.8.3)

Posted on May 27, 2013 9:55 AM

55 replies

May 27, 2013 11:35 AM in response to Royal Cascadian

This one shows that HD on the "k" to be 70 gigs
http://www.flickr.com/photos/renegademag/8857018681/

Csound1

Level 9

60,063 points

May 27, 2013 12:22 PM in response to Royal Cascadian

Royal Cascadian wrote:

I should also mention the flashback removal update went to the k device.

Just an FYI, OSX does not use drive letters. No c drive, or k.

MadMacs0

Level 5

5,233 points

May 27, 2013 12:25 PM in response to Royal Cascadian

Royal Cascadian wrote:

No, I'm not using this as a server and don't know how.

I don't think you have a choice. Don't all mini's come with OS X Server installed?

MadMacs0

Level 5

5,233 points

May 27, 2013 12:26 PM in response to Csound1

Csound1 wrote:

Just an FYI, OSX does not use drive letters. No c drive, or k.

And it looks to me as if it is "I K" not just K.

Barney-15E

Level 10

122,072 points

May 27, 2013 12:28 PM in response to MadMacs0

MadMacs0 wrote:

Royal Cascadian wrote:

No, I'm not using this as a server and don't know how.

I don't think you have a choice. Don't all mini's come with OS X Server installed?

No.

MadMacs0

Level 5

5,233 points

May 27, 2013 12:31 PM in response to Barney-15E

You are correct. I just checked MacTracker and see there is a choice.

May 27, 2013 1:24 PM in response to Royal Cascadian

I know how to screen capture, my iphoto is updating. I've been using mac before G3's.

Barney-15E

Level 10

122,072 points

May 27, 2013 4:50 PM in response to Royal Cascadian

Ok. Your drive is Encrypted with FileVault. That is likely why it looks like it does.

Barney-15E

Level 10

122,072 points

May 27, 2013 5:49 PM in response to Barney-15E

FileVault will always ask for your password on restart in order to decrypt the drive.

There is no point in encrypting the disk if you're just going to automatically decrypt it.

May 27, 2013 5:58 PM in response to Barney-15E

This thread has become quite difficult to navigate...

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Malware has setup a hidden partition