

Has my Mac been hacked?

I think my Mac got hacked. Help please.

 

Here are my EtreCheck results.

EtreCheck version: 3.4.6 (460)

Report generated 2017-10-21 05:33:24

Download EtreCheck from https://etrecheck.com

Runtime: 6:42

Performance: Below Average

 

Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

 

Problem: No problem - just checking

 

Hardware Information: ⓘ

    21.5" iMac (Late 2013)

    [Technical Specifications] - [User Guide] - [Warranty & Service]

    iMac - model: iMac14,1

    1 3,49 GHz Intel Core i7 (i7-3770K) CPU: 4-core

    16 GB RAM Upgradeable - [Instructions]

        BANK0/DIMM0

            4 GB DDR3 1600 MHz ok

        BANK1/DIMM0

            4 GB DDR3 1600 MHz ok

        BANK0/DIMM1

            4 GB DDR3 1600 MHz ok

        BANK1/DIMM1

            4 GB DDR3 1600 MHz ok

    Handoff/Airdrop2: supported

 

Video Information: ⓘ

    NVIDIA GeForce GTX 660 - VRAM: 1535 MB

        M2550D 1920 x 1080

 

Disk Information: ⓘ

    Hitachi HDS722020ALA330 disk0: (2 TB) (Rotational)

        (disk0s1) <not mounted>  [EFI]: 210 MB

        High Sierra (disk0s2 - HFS+) <not mounted> : 295.02 GB

        (disk0s3) <not mounted>  [Recovery]: 650 MB

        disk0s4 (disk0s4 - NTFS) <not mounted> : 209.72 GB

        games (disk0s5 - HFS+) <not mounted> : 716.05 GB

        (disk0s6) <not mounted>  [Recovery]: 650 MB

        Sierra (disk0s7 - Journaled HFS+) /  [Startup]: 688.20 GB (89.16 GB free)

 

USB Information: ⓘ

     USB30Bus

     USB20Bus

         hub_device

            Generic USB2.0-CRW

            Yubico Yubikey 4 OTP+U2F+CCID

     USB20Bus

         hub_device

            Burr-Brown from TI               USB Audio CODEC 

            Telink 2.4G Mouse

            ROCCAT ROCCAT Valo

 

Virtual disks: ⓘ

    Franz (disk1s1 - HFS+) /Volumes/Franz : 236 MB (95 MB free)

        Physical disk: Disk Image 236 MB (95 MB free)

 

System Software: ⓘ

    macOS Sierra  10.12.3 (16D32) - Time since boot: about 2 days

 

Configuration files: ⓘ

    /etc/hosts - Count: 13 - Corrupt!

    System Integrity Protection status: enabled (Custom Configuration)

 

Gatekeeper: ⓘ

    Mac App Store and identified developers

 

Kernel Extensions: ⓘ

        /Applications/ESET Cyber Security Pro.app

    [loaded]    com.eset.kext.esets-kac (6.5.432 - SDK 10.6) [Lookup]

    [not loaded]    com.eset.kext.esets-mac (6.5.432 - SDK 10.6) [Lookup]

    [loaded]    com.eset.kext.esets-pfw (6.5.432 - SDK 10.6) [Lookup]

 

        /Applications/Hands Off!.app

    [loaded]    com.metakine.handsoff.driver (3.2.3 - SDK 10.9) [Lookup]

 

        /Applications/Parallels Desktop.app

    [not loaded]    com.parallels.kext.hypervisor (12.2.0 415** - SDK 10.9) [Lookup]

    [not loaded]    com.parallels.kext.netbridge (12.2.0 415** - SDK 10.9) [Lookup]

    [not loaded]    com.parallels.kext.usbconnect (12.2.0 415** - SDK 10.9) [Lookup]

    [not loaded]    com.parallels.kext.vnic (12.2.0 415** - SDK 10.9) [Lookup]

 

        /Applications/VMware Fusion.app

    [not loaded]    com.vmware.kext.vmci (8.5.7) [Lookup]

    [not loaded]    com.vmware.kext.vmioplug.15.2.0 (8.5.7) [Lookup]

    [not loaded]    com.vmware.kext.vmnet (8.5.7) [Lookup]

    [not loaded]    com.vmware.kext.vmx86 (8.5.7) [Lookup]

 

        /Library/Application Support/Paragon Software/Snapshot

    [not loaded]    com.Paragon-software.ParagonSnapshot (2.1.3 - SDK 10.7) [Lookup]

 

        /Library/Application Support/org.pqrs/Karabiner

    [loaded]    org.pqrs.driver.Karabiner (10.22.0 - SDK 10.12) [Lookup]

 

        /Library/Extensions

    [loaded]    as.vit9696.AppleALC (1.0.19 - SDK 10.12) [Lookup]

    [loaded]    at.obdev.nke.LittleSnitch (3.7.4 - SDK 10.11) [Lookup]

    [not loaded]    com.Niresh12495.ExtraExtensions (1.0 - SDK 10.8) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBAudio2DJDriver (2.8.0 (R36) - SDK 10.9) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBAudio4DJDriver (2.8.0 (R36) - SDK 10.9) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBHardwareDriver (2.8.0 (R36) - SDK 10.9) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBMaschineControllerDriver (2.6.0 (R82) - SDK 10.8) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBTraktorAudio2Driver (2.8.0 (R36) - SDK 10.9) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBTraktorKontrolS4Driver (2.8.0 (R36) - SDK 10.9) [Lookup]

    [not loaded]    com.caiaq.driver.NIUSBTraktorKontrolX1Driver (2.8.0 (R36) - SDK 10.9) [Lookup]

    [loaded]    com.malwarebytes.mbam.rtprotection (3.0 - SDK 10.12) [Lookup]

    [loaded]    com.paragon-software.filesystems.extfs (10.0.829 - SDK 10.10) [Lookup]

    [loaded]    com.paragon-software.filesystems.ntfs (15.0.729 - SDK 10.10) [Lookup]

    [loaded]    com.paragon-software.kext.VDMounter (111.2 - SDK 10.8) [Lookup]

    [loaded]    com.rehabman.driver.USBInjectAll (0.5.17 - SDK 10.11) [Lookup]

    [loaded]    com.usboverdrive.driver.hid (3.3 - SDK 10.9) [Lookup]

    [not loaded]    net.osx86.kexts.GenericUSBXHCI (1.2.11 - SDK 10.8) [Lookup]

    [loaded]    org.apple.dont.block.DirectHW (1.4 - SDK 10.11) [Lookup]

    [loaded]    org.netkas.driver.FakeSMC (6.24-316-g197d663.1737 - SDK 10.8) [Lookup]

    [loaded]    org.rehabman.driver.FakePCIID (1.3.6 - SDK 10.6) [Lookup]

    [loaded]    org.rehabman.driver.FakePCIID.XHCIMux (1.3.6 - SDK 10.6) [Lookup]

    [not loaded]    org.rehabman.voodoo.driver.PS2Controller (1.8.25 - SDK 10.8) [Lookup]

    [loaded]    org.tgwbd.driver.NullCPUPowerManagement (1.0.0d2 - SDK 10.12) [Lookup]

    [loaded]    org.voodoo.driver.VoodooTSCSync (1.1 - SDK 10.6) [Lookup]

 

        /Library/Extensions/AppleALC.kext/Contents/PlugIns

    [not loaded]    as.vit9696.PinConfigs (1.0.0) [Lookup]

 

        /Library/Extensions/Niresh's Extra.kext/Contents/PlugIns

    [not loaded]    com.Niresh12495.Hackintosh.AHCIPortInjector (1.0.1) [Lookup]

    [not loaded]    com.Niresh12495.Hackintosh.ATAPortInjector (1.0.0) [Lookup]

    [not loaded]    com.Niresh12495.Hackintosh.IOAHCIBlockStorageInjector (1.1.1) [Lookup]

    [not loaded]    com.c0rk007hck.SuperVIAATA (1.0.3 - SDK 10.8) [Lookup]

    [not loaded]    com.insanelymac.driver.ApplePCIIDE (1.0.1) [Lookup]

    [not loaded]    com.nvidia.driver.AppleNForceATA (1.0.4) [Lookup]

 

        /Library/Extensions/USBOverdrive.kext/Contents/PlugIns

    [not loaded]    com.usboverdrive.driver.bt (3.3 - SDK 10.9) [Lookup]

    [not loaded]    com.usboverdrive.driver.hid.safe (3.3) [Lookup]

 

        /Library/Extensions/VoodooPS2Controller.kext/Contents/PlugIns

    [not loaded]    org.rehabman.voodoo.driver.PS2Keyboard (1.8.25 - SDK 10.8) [Lookup]

    [not loaded]    org.rehabman.voodoo.driver.PS2Mouse (1.8.25 - SDK 10.8) [Lookup]

    [not loaded]    org.rehabman.voodoo.driver.PS2Trackpad (1.8.25 - SDK 10.8) [Lookup]

 

        /System/Library/Extensions

    [not loaded]    com.elgato.driver.DontMatchAfaTech (1.1) [Lookup]

    [not loaded]    com.elgato.driver.DontMatchCinergy450 (1.1) [Lookup]

    [not loaded]    com.elgato.driver.DontMatchCinergyXS (1.1) [Lookup]

    [not loaded]    com.elgato.driver.DontMatchEmpia (1.1) [Lookup]

    [not loaded]    com.elgato.driver.DontMatchVoyager (1.1) [Lookup]

    [not loaded]    com.insanelymac.RealtekRTL8111 (2.2.1 - SDK 10.11) [Lookup]

    [not loaded]    com.nvidia.NVDAStartupWeb (10.15.20 - OS X 10.7) [Lookup]

    [not loaded]    com.nvidia.web.GeForceTeslaWeb (10.15.20) [Lookup]

    [loaded]    com.nvidia.web.GeForceWeb (10.15.20) [Lookup]

    [not loaded]    com.nvidia.web.NVDAGF100HalWeb (10.15.20) [Lookup]

    [loaded]    com.nvidia.web.NVDAGK100HalWeb (10.15.20) [Lookup]

    [not loaded]    com.nvidia.web.NVDAGM100HalWeb (10.15.20) [Lookup]

    [not loaded]    com.nvidia.web.NVDANV50HalTeslaWeb (10.15.20) [Lookup]

    [not loaded]    com.nvidia.web.NVDAResmanTeslaWeb (10.15.20) [Lookup]

    [loaded]    com.nvidia.web.NVDAResmanWeb (10.15.20) [Lookup]

    [loaded]    net.osrom.kext.Disabler (1.0.1) [Lookup]

    [loaded]    org.voodoo.driver.VoodooHDA (2.8.8 - SDK 10.8) [Lookup]

 

System Launch Agents: ⓘ

    [failed]    com.apple.mdworker.sizing.plist (Apple, Inc. - installed 2017-01-13)

    [not loaded]    5 Apple tasks

    [loaded]    188 Apple tasks

    [running]    86 Apple tasks

 

System Launch Daemons: ⓘ

    [failed]    com.apple.bluetoothaudiod.plist (? fcec4c65 0 - installed 2016-12-23)

    [not loaded]    50 Apple tasks

    [loaded]    160 Apple tasks

    [running]    96 Apple tasks

    [killed]    2 Apple tasks

    2 processes killed due to insufficient RAM

 

Launch Agents: ⓘ

    [running]    at.obdev.LittleSnitchUIAgent.plist (Objective Development Software GmbH - installed 2017-06-20) [Lookup]

    [not loaded]    com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-08-19) [Lookup]

    [not loaded]    com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-08-19) [Lookup]

    [running]    com.bjango.istatmenusagent.plist (Bjango Pty Ltd - installed 2017-08-06) [Lookup]

    [running]    com.bjango.istatmenusnotifications.plist (Bjango Pty Ltd - installed 2017-08-06) [Lookup]

    [running]    com.bjango.istatmenusstatus.plist (Bjango Pty Ltd - installed 2017-08-06) [Lookup]

    [not loaded]    com.divx.dms.agent.plist (? bf9bdaf7 ce0766cf - installed 2017-10-20) [Lookup]

    [not loaded]    com.divx.uninstall.converter.plist (Shell Script 9e90dee7 - installed 2017-08-07)

    [not loaded]    com.divx.uninstall.player.plist (Shell Script 664f994d - installed 2017-08-07)

    [not loaded]    com.divx.uninstall.preferences.plist (Shell Script 1cd1d81c - installed 2017-08-07)

    [not loaded]    com.divx.update.agent.plist (DivX, LLC - installed 2017-10-20) [Lookup]

    [failed]    com.eset.esets_gui.plist (ESET, spol. s r.o. - installed 2017-10-13) [Lookup]

    [not loaded]    com.maintain.LogOut.plist (Shell Script 1d95663e - installed 2017-08-06)

    [not loaded]    com.maintain.PurgeInactiveMemory.plist (Apple, Inc. - installed 2017-08-06)

    [not loaded]    com.maintain.Restart.plist (Shell Script 5421a7fd - installed 2017-08-06)

    [not loaded]    com.maintain.ShutDown.plist (Shell Script 9b7e817c - installed 2017-08-06)

    [not loaded]    com.maintain.Sleep.plist (Shell Script 94f768ba - installed 2017-08-06)

    [not loaded]    com.maintain.SystemEvents.plist (Apple, Inc. - installed 2017-08-06)

    [running]    com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2017-10-14) [Lookup]

    [failed]    com.nvidia.nvagent.plist (NVIDIA Corporation - installed 2017-06-19) [Lookup]

    [not loaded]    com.oracle.java.Java-Updater.plist (? 57a58793 72ac4dde - installed 2017-08-01) [Lookup]

    [not loaded]    com.paragon-software.ntfs.notification-agent.plist (Paragon Software GmbH - installed 2017-06-01) [Lookup]

 

Launch Daemons: ⓘ

    [running]    at.obdev.littlesnitchd.plist (? d0208090 c56ffbf9 - installed 2017-06-20) [Lookup]

    [running]    com.adobe.adobeupdatedaemon.plist (Adobe Systems, Inc. - installed 2017-08-19) [Lookup]

    [running]    com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-09-30) [Lookup]

    [loaded]    com.adobe.fpsaud.plist (? 2afb3af7 178755d7 - installed 2017-06-23) [Lookup]

    [running]    com.bjango.istatmenusdaemon.plist (Bjango Pty Ltd - installed 2017-08-06) [Lookup]

    [loaded]    com.bresink.system.privilegedhelper-ts5.plist (? 2ab87c3a 536aa922 - installed 2017-08-06) [Lookup]

    [loaded]    com.cocoatech.pathfinder.SMFHelper7.plist (Dragan Milic - installed 2017-10-13) [Lookup]

    [running]    com.eset.esets_daemon.plist (ESET, spol. s r.o. - installed 2017-10-13) [Lookup]

    [not loaded]    com.maintain.CocktailScheduler.plist (Shell Script 300b8a41 - installed 2017-08-06)

    [not loaded]    com.maintain.HideSpotlightMenuBarIcon.plist (Apple, Inc. - installed 2017-08-06)

    [running]    com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2017-10-14) [Lookup]

    [running]    com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2017-10-14) [Lookup]

    [running]    com.micromat.techtoolpro9.BackgroundTool.plist (Micromat, Inc. - installed 2017-04-08) [Lookup]

    [running]    com.nvidia.nvroothelper.plist (NVIDIA Corporation - installed 2017-06-19) [Lookup]

    [loaded]    com.oracle.java.Helper-Tool.plist (Shell Script e3fefdd2 - installed 2017-07-22) [Lookup]

    [loaded]    com.paragon-software.installer.plist (Paragon Software GmbH - installed 2017-06-01) [Lookup]

    [loaded]    com.paragon-software.ntfs.loader.plist (Apple, Inc. - installed 2017-05-24)

    [running]    com.paragon-software.ntfsd.plist (Paragon Software GmbH - installed 2017-05-24) [Lookup]

    [loaded]    com.paragon-software.snapshot.plist (Paragon Software GmbH - installed 2016-09-27) [Lookup]

    [loaded]    com.paragon-software.vdmounter.plist (Apple, Inc. - installed 2017-05-16)

    [loaded]    com.paragon.ExtFS.launch.plist (Apple, Inc. - installed 2017-01-13)

    [loaded]    com.rogueamoeba.instanton-agent.plist (Rogue Amoeba Software, LLC - installed 2016-10-04) [Lookup]

    [failed]    com.spotflux.Spotflux.tun.plist (Apple, Inc. - installed 2017-03-04)

    [failed]    hackintosh.zone.voodooloader.plist (Apple, Inc. - installed 2017-01-13)

    [not loaded]    org.pqrs.Karabiner.load.plist (Shell Script 44439558 - installed 2016-10-31) [Lookup]

    [failed]    org.rehabman.voodoo.driver.Daemon.plist (? 7bf177c7 34070fe - installed 2016-12-08) [Lookup]

    [not loaded]    org.virtualbox.startup.plist (? 0 ? - installed (null)) [Lookup]

 

User Launch Agents: ⓘ

    [not loaded]    com.google.keystone.agent.plist (Google, Inc. - installed 2017-09-16) [Lookup]

 

User Login Items: ⓘ

    Magnet    Application - Hidden

        (/Applications/Magnet.app)

    OnBoot UnMount by [redacted] [redacted]    Application - Hidden

        (/Applications/OnBoot UnMount by [redacted] [redacted].app)

    SpeechSynthesisServer    Application

        (/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks /SpeechSynthesis.framework/Versions/A/SpeechSynthesisServer.app)

    USBOverdriveHelper    Application

        (/Library/PreferencePanes/USB Overdrive.prefPane/Contents/Resources/USBOverdriveHelper.app)

    Android File Transfer Agent    Application

        (~/Library/Application Support/Google/Android File Transfer/Android File Transfer Agent.app)

    ESET Cyber Security Pro    Application

        (/Applications/ESET Cyber Security Pro.app)

 

Internet Plug-ins: ⓘ

    FlashPlayer-10.6: 26.0.0.131 (installed 2017-07-21) [Lookup]

    DivX Web Player: 3.8.5.2 (installed 2017-08-07) [Lookup]

    QuickTime Plugin: 7.7.3 (installed 2017-08-06)

    Flash Player: 26.0.0.131 (installed 2017-07-21) Cannot contact Adobe

    PepperFlashPlayer: 26.0.0.131 (installed 2017-06-21) [Lookup]

    Silverlight: 5.1.50901.0 (installed 2017-06-01) [Lookup]

    JavaAppletPlugin: Java 8 Update 144 build 01 (installed 2017-10-15) Check version

 

3rd Party Preference Panes: ⓘ

    Flash Player (installed 2017-06-23) [Lookup]

    Java (installed 2017-08-01) [Lookup]

    Native Instruments USB Audio (installed 2017-03-20) [Lookup]

    NVIDIA Driver Manager (installed 2017-06-19) [Lookup]

    USB Overdrive (installed 2017-10-14) [Lookup]

    VoodooHDA (installed 2015-09-09) [Lookup]

 

Time Machine: ⓘ

    Mobile backups: OFF

    Auto backup: NO - Auto backup turned off

    Volumes being backed up:

        games: Disk size: 716.05 GB Disk used: 716.05 GB

    Destinations:

        Time Machine [Local]

        Total size: 594.50 GB

        Total number of backups: 1

        Oldest backup: 01/03/2017, 15:41

        Last backup: 01/03/2017, 15:41

        Size of backup disk: Too small

            Backup size 594.50 GB < (Disk used 716.05 GB X 3)

 

Top Processes by CPU: ⓘ

        50%       firefox

        28%       VirtualDJ

         7%       WindowServer

         6%       kernel_task

         3%       RTProtectionDaemon

 

Top Processes by Memory: ⓘ

    1.90 GB       Adobe Photoshop CC 2017

    1.32 GB       firefox

    1.31 GB       VirtualDJ

    1.24 GB       kernel_task

    366 MB        Path Finder

 

Top Processes by Network Use: ⓘ

    Input         Output        Process name

    20 B          462 MB        VirtualDJ

    8 MB          410 KB        firefox

    4 MB          4 MB          mDNSResponder

    828 KB        284 KB        Franz

    864 B         912 B         ntpd

 

Top Processes by Energy Use: ⓘ

     29.74    VirtualDJ

     24.04    firefox

     11.32    WindowServer

      2.82    CEPHtmlEngine Helper

      2.70    coreaudiod

 

Virtual Memory Information: ⓘ

    4.31 GB       Available RAM

    52 MB         Free RAM

    11.69 GB      Used RAM

    4.26 GB       Cached files

    9 MB          Swap Used

 

Software installs (last 30 days): ⓘ

    MacPwn High Sierra:  (installed 2017-10-07)

    ESET Cyber Security Pro:  (installed 2017-10-13)

    Malwarebytes for Mac:  (installed 2017-10-14)

    USB Overdrive:  (installed 2017-10-14)

    DivX Pro:  (installed 2017-10-20)

 

    Install information may not be complete.

 

Diagnostics Events (last 3 days for minor events): ⓘ

    2017-10-21 04:47:14    WindowServer High CPU use [Open] [Details]

    2017-10-21 04:07:46    VTDecoderXPCService Crash [Open]

    2017-10-21 04:01:28    VirtualDJ 8.app High CPU use [Open] [Details]

    2017-10-21 03:57:14    Android File Transfer Agent.app Crash [Open]

    2017-10-21 02:29:07    Firefox.app High CPU use [Open] [Details]

    2017-10-21 00:00:14    iSkysoft iMedia Converter Deluxe.app Crash [Open]

        Cause:        BUG IN CLIENT OF LIBPLATFORM: os_unfair_lock is corrupt

    2017-10-20 23:02:56    DivX Player.app Crash [Open]

    2017-10-20 03:24:05    Kodi.app High CPU use [Open] [Details]

    2017-10-19 22:41:04    Path Finder.app High CPU use [Open] [Details]

    2017-10-19 01:40:05    iStat Menus Status.app Crash [Open]

 

 

 



Where are the hacked footprints?



Last updated: 2017-10-21 12:41:48
