Apps keep installing on my Mac, including one called "Ellipse Choice"

I am sorry to say that the report still indicates a heavy dose of probable malware.

For example, this:

  Launchd: /Library/LaunchDaemons/com.2212670367886837812.95AC7F8D936F4053483E2A3DC47C1054527D2F95F8D45E05795F198C112E03D8.plist
    Executable: /Library/Application Support/com.10026744331829180826/16862509899280762053 '/Library/Application Support/com.10026744331829180826/10019262877558550467' eiedlffphcpchnjcebifkghhcgkpdnod 'Profile 1,Default' '/Library/Application Support/com.10026744331829180826/13504654386487616108' 69F5E014-B14B-5C8F-B763-CD39B56AFA1C

See this huge apparently random sequence of numbers?

Compare this with something like this one:

  Launchd: /Library/LaunchAgents/com.paragon-software.NTFS.fsnotifyagent.plist
    Executable: /Library/PreferencePanes/NTFSforMacOSX.prefPane/Contents/Resources/fsnotifyagent.app/Contents/MacOS/fsnotifyagent
    Details: Exact match found in the legitimate list - probably OK

See the file format: this is called reverse URL format - it looks like what a URL like a web address, but in reverse order:

com.paragon-software.something

This clearly identifies the source of the software as being Paragon.

The first one obviously does not look anything like this.

I suggest that you remove all of these randomly numbered agents and daemons.

Here is how to do it:

1) Restart in Safe Mode - this is to ensure to none of these bad boys are running

2) In Finder, press Command-Shift-G and paste

/Library/LaunchDaemons

and then drag all of these to the trash - and possibly others like those, if present. Note that they were installed TODAY!

  [Running] com.2212670367886837812.2714007EE6E309AE8FD3233920E3BA0AA4E0D3B2DFD9B5D6DAD1661582E23629.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.4DEF32274A568BBD1E256E459DFD4F2392B854EA6309820F21E0A6C8412937FF.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.5C4BC45EFD91C14F1E72107F5414CA970043C598942F75D97537331C4E5DCE9D.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.5DCBD99EFB4B79B55E254EB7A228CD1EB93EAA2ED337499F1C8A289B43EBB10A.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.72C1F8ABFA155D62F3A06A325F2B64D839FC3C3D3921543992D483381B780684.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.95AC7F8D936F4053483E2A3DC47C1054527D2F95F8D45E05795F198C112E03D8.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.BBEA6310460DBC91B4CCFD3C1B98C5F08A6C6906D5A1A31435B41002B49E515B.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.CC597A7666CE68956D76CDB6E443893E5928C394AE19B75ED1C3AE2C64C7529F.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.D31E07AF85EB27096E7CB9D375CE9B768A877FDE03C2FC4A391E94E2876B7AC1.plist (Not signed - installed 2022-08-11)
  [Running] com.2212670367886837812.DD960C5B98E251B1539F578AB06DDC179A5C85F0232AECAA5BB5A72F1F1BE048.plist (Not signed - installed 2022-08-11)

3) Repeat step 2 with

~/Library/LaunchAgents

and delete all those things that have long lists of numbers, like org.2479.... or com.123456...

4) Restart your mac normally.

5) Keep an eye on things and see if the problems went away; in a day or two, run Etrecheck again and post a new report to make sure.

Are you sure these are really applications? Select that EllipseChoice and press Command-I to open the Info window, and post a screenshot.

Also, Please run Etrecheck and post its full report here.

Use the “additional text” button and paste the report into the text box.

The report will help us in determining what may be causing this. It is possible that you have some form of adware.

Yes, and they have nothing to do with the issue that the OP is facing; I forgot to mention that earlier, thank for pointing that out. These are merely text files that are header files, as you say; even if they were C or C++ source files (.c or .cc or .cpp) they’d still not be executable code. I don’t know what led the OP to search for this but the results of that search are completely unrelated to the problem at hand.

Malware - Malware detected.

Run Etrecheck again and see if it is able to delete it.

If not, try running MalwareBytes manually.

I think either of the above should work but if not, let us know and we may guide you to remove the reported malware manually.

I am glad that most of the bad guys are gone.

The only thing I see now is this:

~/Library/LaunchAgents/com.ConnectionCache.service.plist

Executable: ~/Library/Application Support/.2717498762591348536/Services/com.ConnectionCache.service/ConnectionCache.service -s 6600

Details: Executable file is hidden - possibly malware

The launch agent seems almost “normal”, but it launches something that is hidden as has a suspicious name. In macOS, as an in all Unix systems, files or folders whose name starts with a period are hidden. This is useful for a lot of things but there is no plausible reason to make a hidden folder under Application Support - this is fishy.

In Finder, press Command-Shift-G and paste

~/Library/LaunchAgents/com.ConnectionCache.service.plist

drag it to the trash.

Then, to delete the other one:

In Finder, press Command-Shift-G and paste

~/Library/Application Support

and then, since the folder is hidden: press Command-Shift-period

to have the Finder show hidden files. They will appear in grey. There are probably some hidden files that are ok and you should not touch, but drag to the trash thr one from the report, and any similar one, starting with a period and with s random sequence of numbers.

Judging from the file extension in above picture, .h files have multiple uses, and C/C++ Header is one of them.

https://file.org/extension/h

Tend to agree with the evaluation though, the OP specifically refers to the files in question so B for effort