found something suspicious in my doc's

... need someone to bounce them off of to reassure myself that i'm not gonna hear. " oh that's normal". AGAIN!! it looks like someone loaded my O.S. remotely.

May 13 11:15:04 Edwards-iMac installd[393]: PackageKit: Executing script "./postinstall" in /private/tmp/PKInstallSandbox.Xz1uz2/Scripts/org.clover.efifolder.GbAJWt

May 13 11:15:04 Edwards-iMac installd[393]: ./postinstall: ===============================================

May 13 11:15:04 Edwards-iMac installd[393]: ./postinstall: EFIFolder Post-Install Script

May 13 11:15:04 Edwards-iMac installd[393]: ./postinstall: