Have I been hacked?

tekkruppen

macrumors newbie
Original poster
Oct 2, 2018
4
0
I belive someone is hosting a webhost server or something to change website content. Also, if i google certain words the first meaning of the word is often wrong. I had someone over who did an badusb attack on me. i think someone is hosting a mirror server to mirror my whole computer..

here is my etrecheck log:

Code:
EtreCheck version: 5.0.2 (5A012)
Report generated: 2018-10-02 22:19:46
Download EtreCheck from https://etrecheck.com
Runtime: 4:51
Performance: Good

Problem: Other problem

Major Issues:
  Anything that appears on this list needs immediate attention.
  No Time Machine backup - Time Machine backup not found.
  Unsigned files - There are unsigned software files installed that could be adware and should be reviewed.
  System Integrity Protection disabled - System Integrity Protection is disabled. This computer is at risk of malware infection.
  More than one antivirus app - This machine has multiple antivirus apps installed.

Minor Issues:
  These issues do not need immediate attention but they may indicate future problems.
  Heavy RAM usage - This machine is using a large amount of RAM.
  Small backup drive - Time Machine backup drive is too small.
  Apps crashing - There have been numerous app crashes.
  Apps hanging - There have been numerous app hangs.
  System modifications - There are a large number of system modifications running in the background.
  Corrupt hosts file - Hosts file is corrupt.
  32-bit Apps - This machine has 32-bits apps that may have problems in the future.

Hardware Information:
  iMac (21.5-inch, Late 2013)
  iMac Model: iMac14,1
  1 3,49 GHz Intel Core i7 (i7-3770K) CPU: 4-core
  16 RAM - Upgradeable
    BANK0/DIMM0 - 4 GB DDR3 1600  ok
    BANK1/DIMM0 - 4 GB DDR3 1600  ok
    BANK0/DIMM1 - 4 GB DDR3 1600  ok
    BANK1/DIMM1 - 4 GB DDR3 1600  ok
Video Information:
  NVIDIA GeForce GTX 660 - VRAM: 1535 MB
    M2550D 1920 x 1080

Drives:
  disk0 - Hitachi HDS722020ALA330 2.00 TB (Mechanical - 7200 RPM)
  Internal SATA 3 Gigabit Serial ATA
    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk0s2 - H*********a (Journaled HFS+) 594.50 GB
    disk0s3 - Recovery HD (Journaled HFS+) [Recovery] 650 MB
    disk0s4 - T**********e (Journaled HFS+) 716.05 GB
    disk0s5 - S****a (Journaled HFS+) 688.20 GB (473.38 GB used)

Mounted Volumes:
  disk0s5 - S****a 688.20 GB (214.56 GB free)
    Journaled HFS+
    Mount point: /

Network:
  Interface en0: Ethernet
  Interface en1: Xperia E3
  Interface en3: Xperia Z3C
  iCloud Status: one pending file

System Software:
  macOS Sierra 10.12.6 (16G29)
  Time since boot: About 4 hours

Configuration Files:
  /etc/hosts - Count: 14 - Corrupt!

Security:
  System                       Status
  Gatekeeper                   Enabled
  System Integrity Protection  enabled (Custom Configuration)

Unsigned Files:
  Launchd: /Library/LaunchDaemons/com.eltima.eveusb.daemon.plist
    Executable: /Library/Frameworks/EveUSB.framework/Support/eveusbd
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchDaemons/com.bresink.system.privilegedhelper-ts5.plist
    Executable: /Library/PrivilegedHelperTools/com.bresink.system.privilegedhelper-ts5
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchDaemons/com.maintain.CocktailScheduler.plist
    Executable: /usr/bin/osascript -e try -e 'set schedulerOwner to do shell script "defaults read /Library/'Application Support'/Cocktail/Scheduler.plist SchedulerOwner"' -e 'do shell script "users"' -e 'if the result contains schedulerOwner then' -e 'do shell script "/bin/sh /Library/'Application Support'/Cocktail/Scheduler.sh"' -e 'end if' -e 'end try'
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchDaemons/com.eset.esets_daemon.plist.old
    Executable: /Applications/ESET Cyber Security Pro.app/Contents/MacOS/esets_ctl
  Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist
    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist
    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist
    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchDaemons/org.pqrs.Karabiner.load.plist
    Executable: /Library/Application Support/org.pqrs/Karabiner/startup.sh start
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchDaemons/com.adobe.fpsaud.plist
    Executable: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
    Details: Exact match found in the whitelist - probably OK
  Launchd: /Library/LaunchDaemons/at.obdev.littlesnitchd.plist
    Executable: /Library/Little Snitch/Little Snitch Daemon.bundle/Contents/_MASReceipt/Hooker
    Details: Exact match found in the whitelist - probably OK


32-bit Applications:
  29 32-bit apps

Kernel Extensions:
  /Applications/Hands Off!.app
    HandsOff.kext (3.2.3 - SDK 10.9)

  /Applications/Parallels Desktop.app
    prl_hypervisor.kext (13.1.1 43120 - SDK 10.9)
    prl_netbridge.kext (13.1.1 43120 - SDK 10.9)
    prl_usb_connect.kext (13.1.1 43120 - SDK 10.9)
    prl_vnic.kext (13.1.1 43120 - SDK 10.9)

  /Applications/Tunnelblick.app
    tap.kext (20141104 (Tunnelblick build 5120))
    tun.kext (20141104 (Tunnelblick build 5120))

  /Applications/VMware Fusion.app
    VMwareVMCI.kext (8.5.7)
    vmioplug.kext (8.5.7)
    vmnet.kext (8.5.7)
    vmmon.kext (8.5.7)

  /Library/Application Support/ESET/esets/PlugIns/kext
    esets_kac_64_106.kext (6.5.432 - SDK 10.6)
    esets_mac_64_106.kext (6.5.432 - SDK 10.6)
    esets_pfw_64_106.kext (6.5.432 - SDK 10.6)

  /Library/Application Support/IPNetMonitorX/HelperTools
    IPNetMonitor_NKE1.kext (v1.0.3 - SDK 10.9)
    IPNetMonitor_TNKE.kext (v1.0.3 - SDK 10.9)

  /Library/Application Support/Paragon Software/Snapshot
    ParagonSnapshot.kext (2.1.3 - SDK 10.7)

  /Library/Application Support/org.pqrs/Karabiner
    Karabiner.signed.kext (10.22.0 - SDK 10.12)

  /Library/Extensions
    AppleALC.kext (1.0.19 - SDK 10.12)
    LittleSnitch.kext (3.7.4 - SDK 10.11)
    Niresh's Extra.kext (1.0 - SDK 10.8)
    NIUSBAudio2DJ.kext (2.8.0 (R36) - SDK 10.9)
    NIUSBAudio4DJ.kext (2.8.0 (R36) - SDK 10.9)
    NIUSBAudioDriver.kext (2.8.0 (R36) - SDK 10.9)
    NIUSBMaschineController.kext (2.6.0 (R82) - SDK 10.8)
    NIUSBTraktorAudio2.kext (2.8.0 (R36) - SDK 10.9)
    NIUSBTraktorKontrolS4.kext (2.8.0 (R36) - SDK 10.9)
    NIUSBTraktorKontrolX1.kext (2.8.0 (R36) - SDK 10.9)
    HoRNDIS.kext (9.2 - SDK 10.11)
    com.malwarebytes.mbam.rtprotection.kext (3.0 - SDK 10.12)
    ControllerMate.kext (4.6.0 - SDK 10.6)
    ufsd_ExtFS.kext (11.0.278 - SDK 10.10)
    ufsd_NTFS.kext (15.0.729 - SDK 10.10)
    VDMounter.kext (111.2 - SDK 10.8)
    USBInjectAll.kext (0.5.17 - SDK 10.11)
    USBOverdrive.kext (3.3 - SDK 10.9)
    GenericUSBXHCI.kext (1.2.11 - SDK 10.8)
    DirectHW.kext (1.4 - SDK 10.11)
    FakeSMC.kext (6.24-316-g197d663.1737 - SDK 10.8)
    FakePCIID.kext (1.3.6 - SDK 10.6)
    FakePCIID_XHCIMux.kext (1.3.6 - SDK 10.6)
    VoodooPS2Controller.kext (1.8.25 - SDK 10.8)
    NullCPUPowerManagement.kext (1.0.0d2 - SDK 10.12)
    VoodooTSCSync.kext (1.1 - SDK 10.6)

  /Library/Extensions/AppleALC.kext/Contents/PlugIns
    PinConfigs.kext (1.0.0)

  /Library/Extensions/ControllerMate.kext/Contents/PlugIns
    CMUSBDevices.kext (4.6.0 - SDK 10.6)
    CMUSBKeyboard.kext (1.0 - SDK 10.6)
    CMUSBPointer.kext (1.0 - SDK 10.6)

  /Library/Extensions/Niresh's Extra.kext/Contents/PlugIns
    AHCIPortInjector.kext (1.0.1)
    ATAPortInjector.kext (1.0.0)
    IOAHCIBlockStorageInjector.kext (1.1.1)
    SuperVIAATA.kext (1.0.3 - SDK 10.8)
    ApplePCIIDE.kext (1.0.1)
    AppleNForceATA.kext (1.0.4)

  /Library/Extensions/USBOverdrive.kext/Contents/PlugIns
    USBOverdriveBT.kext (3.3 - SDK 10.9)
    USBOverdriveHID.kext (3.3)

  /Library/Extensions/VoodooPS2Controller.kext/Contents/PlugIns
    VoodooPS2Keyboard.kext (1.8.25 - SDK 10.8)
    VoodooPS2Mouse.kext (1.8.25 - SDK 10.8)
    VoodooPS2Trackpad.kext (1.8.25 - SDK 10.8)

  /System/Library/Extensions
    EyeTVAfaTechHidBlock.kext (1.1)
    EyeTVCinergy450AudioBlock.kext (1.1)
    EyeTVCinergyXSAudioBlock.kext (1.1)
    EyeTVEmpiaAudioBlock.kext (1.1)
    EyeTVVoyagerAudioBlock.kext (1.1)
    RealtekRTL8111.kext (2.2.1 - SDK 10.11)
    NVDAStartupWeb.kext (10.18.5 - OS X 10.7)
    GeForceTeslaWeb.kext (10.18.5)
    GeForceWeb.kext (10.18.5)
    NVDAGF100HalWeb.kext (10.18.5)
    NVDAGK100HalWeb.kext (10.18.5)
    NVDAGM100HalWeb.kext (10.18.5)
    NVDAGP100HalWeb.kext (10.18.5)
    NVDANV50HalTeslaWeb.kext (10.18.5)
    NVDAResmanTeslaWeb.kext (10.18.5)
    NVDAResmanWeb.kext (10.18.5)
    AppleHDADisabler.kext (1.0.1)
    VoodooHDA.kext (2.8.8 - SDK 10.8)

System Launch Agents:
  [Not Loaded]  10 Apple tasks
  [Loaded]      180 Apple tasks
  [Running]     96 Apple tasks

System Launch Daemons:
  [Not Loaded]  54 Apple tasks
  [Loaded]      169 Apple tasks
  [Running]     93 Apple tasks
  [Other]       2 Apple tasks

Launch Agents:
  [Not Loaded] com.paragon-software.ntfs.notification-agent.plist (Paragon Software GmbH - installed 2017-05-24)
  [Loaded]     com.nvidia.nvagent.plist (NVIDIA Corporation - installed 2018-09-09)
  [Not Loaded] com.oracle.java.Java-Updater.plist (? 57a58793  - installed 2017-07-29)
  [Running]    com.staticz.soundcontrol.agent.plist (Dominic Feira - installed 2018-01-18)
  [Running]    com.bjango.istatmenusagent.plist (Bjango Pty Ltd - installed 2017-08-06)
  [Not Loaded] com.orderedbytes.ControllerMateHelper.plist (Ken Heglund - installed 2017-10-23)
  [Not Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2018-09-09)
  [Not Loaded] com.paragon-software.extfs.notification-agent.plist (Paragon Software GmbH - installed 2017-06-02)
  [Running]    com.bjango.istatmenusstatus.plist (Bjango Pty Ltd - installed 2017-08-06)
  [Not Loaded] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2018-09-09)
  [Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062  - installed 2018-09-09)
  [Running]    com.bjango.istatmenusnotifications.plist (Bjango Pty Ltd - installed 2017-08-06)
  [Not Loaded] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2017-09-19)
  [Running]    at.obdev.LittleSnitchUIAgent.plist (Objective Development Software GmbH - installed 2017-10-22)

Launch Daemons:
  [Loaded]     com.adobe.fpsaud.plist (? 2afb3af7  - installed 2017-06-23)
  [Loaded]     com.bresink.system.privilegedhelper-ts5.plist (? 2ab87c3a  - installed 2017-08-06)
  [Not Loaded] org.pqrs.Karabiner.load.plist (? 44439558  - installed 2016-10-31)
  [Loaded]     com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2017-09-19)
  [Loaded]     com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2018-09-09)
  [Loaded]     com.adobe.acc.installer.plist (Adobe Systems, Inc. - installed 2017-10-22)
  [Not Loaded] com.maintain.CocktailScheduler.plist (? 300b8a41  - installed 2017-08-06)
  [Not Loaded] org.virtualbox.startup.plist (? 0  - installed )
  [Running]    at.obdev.littlesnitchd.plist (? d0208090  - installed 2017-10-22)
  [Not Loaded] com.maintain.HideSpotlightMenuBarIcon.plist (Apple - installed 2017-08-06)
  [Running]    com.bjango.istatmenusdaemon.plist (Bjango Pty Ltd - installed 2017-08-06)
  [Loaded]     com.macpaw.CleanMyMac4.Agent.plist (MacPaw Inc. - installed 2018-09-14)
  [Running]    com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-09-30)
  [Loaded]     com.microsoft.OneDriveUpdaterDaemon.plist (Microsoft Corporation - installed 2018-09-09)
  [Not Loaded] com.eset.esets_daemon.plist.old (? 885d3557  - installed 2017-09-20)
  [Loaded]     com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2018-09-09)
  [Loaded]     com.nvidia.nvroothelper.plist (NVIDIA Corporation - installed 2018-09-09)
  [Loaded]     com.iobit.MBHelpToolerDaemon.plist (Apperience Corporation - installed 2017-11-16)
  [Loaded]     com.cocoatech.pathfinder.SMFHelper7.plist (Dragan Milic - installed 2017-10-13)
  [Loaded]     net.tunnelblick.tunnelblick.tunnelblickd.plist (Jonathan Bullard - installed 2018-09-14)
  [Running]    com.eltima.eveusb.daemon.plist (? 41386aaf  - installed 2017-10-21)
  [Loaded]     com.oracle.java.Helper-Tool.plist (? e3fefdd2  - installed 2017-07-22)
  [Loaded]     com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2018-08-13)
  [Other]      com.spotflux.Spotflux.tun.plist (Apple - installed 2017-07-15)
  [Loaded]     com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2018-09-09)
  [Other]      hackintosh.zone.voodooloader.plist (Apple - installed 2017-07-15)

User Launch Agents:
  [Not Loaded] com.iobit.MacBoosterMini6.plist (Apperience Corporation - installed 2017-11-15)
  [Loaded]     com.macpaw.CleanMyMac4.HealthMonitor.plist (MacPaw Inc. - installed 2018-09-14)
  [Loaded]     net.tunnelblick.tunnelblick.LaunchAtLogin.plist (? 0  - installed 2018-08-01)
  [Not Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2018-09-03)

User Login Items:
  CrossOver CD Helper.app (? - installed 2018-05-07)
     (/Applications/CrossOver.app/Contents/Resources/CrossOver CD Helper.app)

Internet Plug-ins:
  AdobeAAMDetect: 3.0.0.0 (installed 2017-10-22)
  FlashPlayer-10.6: 26.0.0.131 (installed 2017-07-21)
  QuickTime Plugin: 7.7.3 (installed 2017-08-06)
  AdobePDFViewerNPAPI: 17.012.20098 (installed 2018-09-14)
  AdobePDFViewer: 18.011.20058 (installed 2018-09-14)
  DivX Web Player: 3.8.5.2 (installed 2017-08-07)
  Flash Player: 26.0.0.131 (installed 2017-07-21)
  PepperFlashPlayer: 26.0.0.131 (installed 2017-06-21)
  Silverlight: 5.1.50901.0 (installed 2017-06-01)
  JavaAppletPlugin: Java 8 Update 144 build 01 (installed 2017-10-15)

Safari Extensions:
  OpenIE.safariextz - Parallels - http://www.parallels.com (installed 2017-10-27)

3rd Party Preference Panes:
  Flash Player (installed 2017-06-23)
  Java (installed 2017-08-01)
  Native Instruments USB Audio (installed 2017-03-20)
  NTFS (installed 2017-06-02)
  NVIDIA Driver Manager (installed 2018-09-09)
  USB Overdrive (installed 2017-10-14)
  VoodooHDA (installed 2015-09-09)

Time Machine:
  Time Machine Not Configured!

Performance:
  System Load: 0.68 (1 min ago) 0.71 (5 min ago) 0.58 (15 min ago)
  Nominal I/O speed: 0.96 MB/s
  File system: 20.99 seconds
  Write speed: 59 MB/s
  Read speed: 60 MB/s

Top Processes by CPU:
  Process (count)       Source                   CPU  Location
  plugin-container (5)  Mozilla Corporation  50.34 % 
  firefox               Mozilla Corporation  30.44 % 
  EtreCheckPro          Etresoft, Inc.        9.22 % 
  kernel_task           Apple                 7.13 % 
  WindowServer          Apple                 6.60 % 

Top Processes by Memory:
  Process (count)       Source                 RAM usage  Location
  plugin-container (5)  Mozilla Corporation      2.29 GB 
  kernel_task           Apple                    1019 MB 
  firefox               Mozilla Corporation       828 MB 
  EtreCheckPro          Etresoft, Inc.            585 MB 
  Path Finder           ?                         335 MB  /Applications/Path Finder.app

Top Processes by Network Use:
  Process        Source                 Input  Output  Location
  firefox        Mozilla Corporation     3 MB  153 KB 
  mDNSResponder  Apple                  471 B   235 B 
  ntpd           Apple                    0 B   144 B 
  kernel_task    Apple                    0 B     0 B 
  cdpd           Apple                    0 B     0 B 

Virtual Memory Information:
  Available RAM    8.23 GB
  Free RAM          914 MB
  Used RAM         7.77 GB
  Cached files     7.34 GB
  Swap Used            0 B

Diagnostics Information (past 7 days):
  2018-10-02 22:16:12 photoanalysisd Crash
    /System/Library/PrivateFrameworks/PhotoAnalysis.framework/Versions/A/Support/photoanalysisd
    dyld: launch, loading dependent libraries

  2018-10-02 22:16:12 cloudphotosd.app Crash
    /System/Library/CoreServices/cloudphotosd.app
    dyld: launch, loading dependent libraries

  2018-10-02 22:14:22 VTDecoderXPCService Crash
    /System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService

  2018-10-02 17:23:19 com.apple.CloudPhotosConfiguration Crash
    /System/Library/PrivateFrameworks/CloudPhotoServices.framework/Versions/A/Frameworks/CloudPhotosConfigurationXPC.framework/Versions/A/XPCServices/com.apple.CloudPhotosConfiguration.xpc/Contents/MacOS/com.apple.CloudPhotosConfiguration
    dyld: launch, loading dependent libraries

  2018-10-02 15:33:43 mediaanalysisd Crash
    /System/Library/PrivateFrameworks/VideoProcessing.framework/Versions/A/mediaanalysisd
    dyld: launch, loading dependent libraries

  2018-10-02 13:08:47 Kodi 2.app CPU
    /Applications/Kodi 2.app

  2018-10-02 12:16:54 UniversalAccessPref.prefPane Crash
    /System/Library/PreferencePanes/UniversalAccessPref.prefPane
    Crashing on exception: <NSViewServiceMarshal: 0x7ffdc6c03bd0> was unable to obtain a view; did the -loadView method of <UniversalAccessPrefRemoteViewService: 0x6100000f8d80> call -setView:? Did it pass a non-nil value?

  2018-09-30 15:53:49 spindump Crash
    /usr/sbin/spindump

  2018-09-29 15:55:33 iStat Menus Status.app Crash
    /Library/Application Support/iStat Menus 5/iStat Menus Status.app

  2018-09-29 14:18:17 Opera.app Hang
    /Applications/Opera.app

  2018-09-29 13:30:13 Little Snitch Network Monitor.app Crash
    /Library/Little Snitch/Little Snitch Network Monitor.app
    objc_msgSend() selector name: removeToken:

  2018-09-29 11:25:27 sudo Crash
    /usr/bin/sudo
    Detected over-release of a CFTypeRef

  2018-09-29 09:43:30 Preview.app Hang
    /Applications/Preview.app

  2018-09-27 13:26:26 ESET Cyber Security Pro.app Hang
    /Applications/ESET Cyber Security Pro.app


End of report
 

tekkruppen

macrumors newbie
Original poster
Oct 2, 2018
4
0
wait i didnt flag it as resolved.. i think it was hacked too... dammn
 
Last edited:

boodle

macrumors regular
Jun 12, 2004
145
112
Well, you've got both HandsOff and Little Snitch installed, plus multiple antivirus packages, and SIP is off. Fix those first.

The hosts file is the most glaring issue which could allow MIM attacks.

Hard to say from this whether or not you've been compromised but your system is pretty screwed up.
 
Last edited:

tekkruppen

macrumors newbie
Original poster
Oct 2, 2018
4
0
Well, you've got HandOff and Little Snitch installed, plus multiple antivirus packages, and SIP is off. Fix those first.

The hosts file is the most glaring issue which could allow MIM attacks.

Hard to say from this whether or not you've been compromised but your system is pretty screwed up.
how to resolve the host file if it is corroupt?
 

chrfr

macrumors G3
Jul 11, 2009
9,532
3,423
I belive someone is hosting a webhost server or something to change website content. Also, if i google certain words the first meaning of the word is often wrong. I had someone over who did an badusb attack on me. i think someone is hosting a mirror server to mirror my whole computer.
There's no indication that you've been hacked but in addition to the other problems mentioned, you're missing several Apple security updates so install those using the App Store app.
 

hobowankenobi

macrumors 65816
Aug 27, 2015
1,312
395
on the land line mr. smith.
You might also consider running the Combination Updater. Besides updating...it should restore any missing or corrupt OS components. No harm in running it.

A Safe Boot will disable any third party kexts if you want to test.

Why do you think it is mirroring your entire computer?

Strange/incorrect search and web results are most often the work of malware/adware/hijacked search prefs or defaults.
 

boodle

macrumors regular
Jun 12, 2004
145
112
I know it's a drag, especially with a hackintosh, but I'd recommend a clean install.
There's so much stuff partially un/installed it's a wonder that it works at all.
 

MacGizmo

macrumors 68000
Apr 27, 2003
1,625
957
Arizona
What kind of computer is this? I see that EtreCheck is saying it's an iMac, but it doesn't look like it's an iMac. If it's a non-Apple computer, you're pretty much going to have these problems all the time and there is little-to-nothing anyone can do to help you here. If it is an Apple iMac, then I agree with Boodle, back-up the documents on your computer, erase the storage drive and re-install the OS.

When you get the OS reinstalled, DO NOT install virus protection and DO NOT install CleanMyMac. You need to choose between HandOff and LittleSnitch - but don't use both (they do the same thing anyway, so no reason to use both). I think I can guess why you're using them both those apps, so I can only say that you probably shouldn't do that - but that's your choice.
 

Fishrrman

macrumors Core
Feb 20, 2009
19,363
6,682
I would not bother with "anti-virus" software.

THERE IS ONE EXCEPTION:
Download MalwareBytes and use it occasionally to check for malware/adware.
It's FREE.
IGNORE the prompts to "upgrade to the paid version".
It will continue to run "in free mode" forever.

There have been no (that means, "zero") Mac viruses found "in the wild", but there ARE bits of malware and adware that are "out there" from time to time.

I got hit with one myself -- first time in 30 years of Mac'ing.
MalwareBytes found it and got rid of it in one pass.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.