Found a ton of Malware and Adware on my MacBook Pro- When I try to delete it, it just comes back into the folders I found it in, someone please help!

EtreCheck version: 5.5.4 (5106)

Report generated: 2020-04-12 21:53:27

Download EtreCheck from https://etrecheck.com

Runtime: 1:34

Performance: Excellent

Sandbox: Enabled

Full drive access: Disabled

Problem: Other problem

Description: 

Hacked

Major Issues:

    Anything that appears on this list needs immediate attention. 

 No Time Machine backup - Time Machine backup not found.

Minor Issues:

    These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. 

32-bit Apps - This machine has 32-bits apps will not work on macOS 10.15 "Catalina".

Limited drive access - More information may be available with Full Drive Access.

Kernel extensions present - This machine has kernel extensions that may not work in the future.

Hardware Information:

    MacBook Pro (15-inch, 2018-2019)

 MacBook Pro Model: MacBookPro15,1

    2.2 GHz Intel Core i7 (i7-8750H) CPU: 6-core

    16 GB RAM - Not upgradeable

        BANK 0/ChannelA-DIMM0 - 8 GB DDR4 2400 

        BANK 2/ChannelB-DIMM0 - 8 GB DDR4 2400 

Battery: Health = Normal - Cycle count = 235

Video Information:

  Intel UHD Graphics 630 - VRAM: 1536 MB

  Color LCD (built-in) 3360 x 2100

  Radeon Pro 555X - VRAM: 4096 MB

Drives:

disk0 - APPLE SSD AP0256M 251.00 GB (Solid State - TRIM: Yes)

    Internal PCI-Express 8.0 GT/s x4 NVM Express

        disk0s1 - EFI [EFI] 315 MB

        disk0s2 [APFS Container] 250.69 GB

            disk1 [APFS Virtual drive] 250.69 GB (Shared by 4 volumes)

                disk1s1 - Macintosh HD (APFS) (Shared - 26.96 GB used)

                disk1s2 - Preboot (APFS) [APFS Preboot] (Shared)

                disk1s3 - Recovery (APFS) [Recovery] (Shared)

                disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used)

Mounted Volumes:

    disk1s1 - Macintosh HD

        250.69 GB (Shared - 26.96 GB used, 222.10 GB available, 221.98 GB free)

        APFS

        Mount point: /

        Encrypted

 disk1s4 - VM [APFS VM]

        250.69 GB (Shared - 1.07 GB used, 221.98 GB free)

        APFS

        Mount point: /private/var/vm

        Encrypted

Network:

    Interface en0: Wi-Fi

        802.11 a/b/g/n/ac

    Interface en6: Bluetooth PAN

    Interface bridge0: Thunderbolt Bridge

System Software:

    macOS High Sierra 10.13.6 (17G12034) 

    Time since boot: Less than an hour

Notifications:

    Notifications not available without Full Drive Access.

Security:

    Gatekeeper: Enabled

    System Integrity Protection: Enabled

    Antivirus software: Apple

32-bit Applications:

    3 32-bit apps

Kernel Extensions:

    /Library/Application Support/Malwarebytes/MBAM/Kext

        MB_MBAM_Protection.kext (Malwarebytes Corporation, 4.3 - SDK 10.11)

System Launch Agents:

    [Not Loaded] 14 Apple tasks

    [Loaded] 170 Apple tasks

    [Running] 110 Apple tasks

System Launch Daemons:

    [Not Loaded] 39 Apple tasks

    [Loaded] 172 Apple tasks

    [Running] 124 Apple tasks

Launch Daemons:

    [Loaded] com.apple.installer.osmessagetracing.plist (Apple - installed 2020-03-18)

User Internet Plug-ins:

    User Internet Plug-ins need Full Drive Access

Audio Plug-ins:

    AppleTimeSyncAudioClock: 1.0 (Apple - installed 2020-04-12)

    BluetoothAudioPlugIn: 6.0.7 (Apple - installed 2020-04-12)

    AirPlay: 2.0 (Apple - installed 2020-04-12)

    AppleAVBAudio: 683.1 (Apple - installed 2020-04-12)

    BridgeAudioSP: 4.69.2 (Apple - installed 2020-04-12)

    iSightAudio: 7.7.3 (Apple - installed 2020-04-12)

User Audio Plug-ins:

    User Audio Plug-ins need Full Drive Access

User iTunes Plug-ins:

    User iTunes Plug-ins need Full Drive Access

Time Machine:

    Time Machine Not Configured!

Performance:

    System Load: 2.26 (1 min ago) 2.69 (5 min ago) 1.33 (15 min ago)

    Nominal I/O speed: 13.92 MB/s

    File system: 20.21 seconds

    Write speed: 1327 MB/s

    Read speed: 2855 MB/s

CPU Usage Snapshot:

    Type Overall

    System: 4 %

    User: 7 %

    Idle: 90 %

Top Processes Snapshot by CPU:

    Process (count) CPU (Source - Location)

    Other processes 78.76 % (?)

    Console 34.55 % (Apple)

    EtreCheck 5.91 % (App Store)

    trustd 5.18 % (Apple)

    CoreServicesUIAgent 0.19 % (Apple)

Top Processes Snapshot by Memory:

    Process (count) RAM usage (Source - Location)

    EtreCheck 488 MB (App Store)

    Console 197 MB (Apple)

    osinstallersetupd 192 MB (Apple)

    App Store 109 MB (Apple)

    InstallAssistant_springboard 98 MB (App Store)

Top Processes Snapshot by Network Use:

    Process Input / Output (Source - Location)

    Other processes 18 MB / 3 MB (?)

    IMRemoteURLConnectionAgent 18 KB / 703 B (Apple)

    SystemUIServer 0 B / 64 B (Apple)

    spindump_agent 0 B / 0 B (Apple)

    backgroundtaskmanagementagent 0 B / 0 B (Apple)

Virtual Memory Information:

    Physical RAM: 16 GB

    Free RAM: 7.35 GB

    Used RAM: 5.41 GB

    Cached files: 3.24 GB

    Available RAM: 10.59 GB

    Swap Used: 0 B

Software Installs (past 30 days):

    Install Date Name (Version)

    2020-04-12 SU_TITLE (10.13.6.1.1.1532145923)

    2020-04-12 Malwarebytes for Mac

    2020-04-12 iTunes Device Support Update ( )

    2020-04-12 Safari (13.1)

    2020-04-12 iTunes (12.8.2)

    2020-04-12 CompatibilityNotificationData (1.0.5)

    2020-04-12 macOS Installer Notification (2.0)

    2020-04-12 Gatekeeper Configuration Data (181)

    2020-04-12 XProtectPlistConfigData (2118)

    2020-04-12 MRTConfigData (1.58)

    2020-04-12 Security Update 2020-002 (10.13.6)

    2020-04-12 macOS Catalina (15.4.01)

    2020-04-12 EtreCheck (5.5.4)

Diagnostics Information (past 7-30 days):

    Directory /Library/Logs/DiagnosticReports is not accessible.

    Enable Full Drive Access to see more information.

End of report

AND also this picture popped up and yet I did NOTHING after resetting my Mac to default except use etrecheck. Here is the folder from my Privacy settings.

AND also this picture popped up and yet I did NOTHING after resetting my Mac to default except use etrecheck. Here is the folder from my Privacy settings.

It's missing full disk encryption and many other options. I can put some items of the coding on here as well but I have no idea what to do, can someone please offer some advice on what to do in order to fix this? I can't find anyone around my area who fixes Mac's, so it would be much appreciated!! 

Thanks everyone.

I will lay It out for you in simple terms from about 2 weeks ago to now in a timeline. I downloaded and bought a 3 year subscription for my VPN service NordVPN. I had an update 2 weeks ago and I updated it, but afterwards I received a pop stating they need to install a Nord.VPNHelperTool and of course I did it. I believe this also happened on another program that I bought which was CleanMyMacX. Then about 7-10 days later I noticed my Mac was taking forever to turn on, was freezing every once in awhile. So I started looking into things and I saw a lot of coding which was stating things like voice recordings plists and then I also found another Machintosh Drive in another folder where all the coding was written, which included photos of all my applications which I finally found out he made a switch and was basically keeping all the information on those applications in a folder, usually things I use most.

So after that I ran etrecheck from App Store (this was the 1st time) and it said I was at high risk and said I have adware and malware on my machine. It also said my data was corrupted and that I needed to take action immediately and gave me some tips, it also said a lot about my Drives because I don't do any partitioning at all and there was a lot going on, especially since the Mac OS System Storage- where all Apple coding is, was full to almost the max, which was not normal. So I wiped my Machintosh HD, but it would let me doing anything to remove, first aid or anything to the OS system. Now I just discovered this virus made another Machintosh HD when I was trying to download new updates. Every time I try to update my computer, theres an error and it won't let me.

The second time, the one your asking about, was after I deleted all my personal files to try and start from scratch, but that didn't work since it was in the Mac OS system storage (idk the exact name I just remember the Mac OS Storage. And when I said hacked I mean't to say constant malware and adware being added daily to the point where it will key log me sooner than later. They hd folders of coding that said put messaging and store them in this location or voice recordings and store them in this location etc. I was trying to get etrecheck in full disk access but thats not even ON MY PRIVACY SETTINGS ANYMORE!

Yes everything is encrypted, but I had to make sure when I rebooted my Mac to put those settings into place again. I was told on some things I read I could shut down my Mac, using power buttoned shift, control option, release the keys and then press the power button OR use the Internet Recovery Partition and start over since I have an external Hardrive but I have NO IDEA how to do that.

The someone suggested to partition the drive using the internet recovery and install the new Mac OS software on the new partition by doing it on the computer and use finder, Machintosh HD, copy any files I wanna keep, under devices locate my Machintosh HD (new) and install the latest version of software on it..

I also don't get that I bought CleanMyMAc for Malware and basically an all in one machine and it never once found anything wrong with my computer.

What do you think I can do to repair it, because this is the second time its happened in 4 years and I am always safe using the internet with a VPN, CleanmyMacX, App cleaner, and now it just started happening. Idk what to do because I just bought a brand new iMac 2 months ago and thats also infected but I barley used it since we are moving and packing.

Lastly that you for your help and reply, I wish there were a lot more of you out there then people who say "your crazy you can get a virus unless they have your computer in their hands" so thank thank thank !!!

When you say request your device to be replaced with a new one do you mean I have to get a new iPhone and new iPads, iMac and MacBook Pro or are you saying I just need to get a new router, then for the sake of explaining, reset my phone tablets and other devices?

what about having all of my smart lights? I have google Chromecast, 3 active smart lightbulbs, 2 active smart extension cords a Wemo smart plug for tv voice control, PS4 TVs etc all connected to the internet.

Lastly I am moving to another state in 2 weeks. What would your recommendations be for this since I’m leaving the state. I have a place to go, my girlfriends but I’ve been there before so basically I just can’t use any of my personal stuff to connect to her internet.

why would the CIA so this or is that just a name of a group that’s hacking people? Thanks for your advice, but this seems super complex so I may have a few more questions afterwards but thank you for everything!

Etresoft thank you for your reply.

so when I tried to update my Mac to the new Catalina update i got an error and then my screen turned gray then went back to the pages I was currently on. At first I wiped my computer, but when I went back to reinstall the software i went into disk utility first and the Mac OS Base System was almost 3/4s full, is that normal?

To answer your question, yes I have an External hard drive as my time machine. I also did have almost a full hard drive because I have a lot of Videos for learning magic as I am a magician. I would say just in videos on the Mac I had probably 200-300 videos all in the range of being an hour or longer, some only 30 minutes but also had documents and PDFs as long as 300 pages(25 atleast of those). As of now my computer has a question mark in a box so I cant use it at all right now until I bring it into a Mac store I believe unless you know how to install it without going into a Apple store. Do you think I need to reset my phone and iPads as well or do you think this is just something on my computer and not a wide problem throughout the network everyone uses? Thanks again for your help!

what I mean by wiping it is selecting the Machintosh HD drive and erased it and then I tried deleting other disks that were under it like disks1 or something similar to that name- there were about 7 of those and when I tried to erase it the erase button was greyed out. I’m not sure how to delete the drive unless it was trying to delete everything on the disk utility- I tried to even erase some of the OS base system but that was also greyed out. I will try and reset it with what you gave me above. I really appreciate everyone’s opinions on this because it’s been really stressful so thank you !

Etresoft what if I just want to start fresh,

like going to a store which I know won’t happen for awhile, but is there anyway to do that without a recovery option? Also IF the malware is in my external HD will it always be in there?