SamOsiris wrote:
These are the only ones that didn't start with "com.apple."
129 0 0xffffff7f80777000 0x7000 0x7000 com.sophos.nke.swi (9.4.0) <4 1>
130 0 0xffffff7f80770000 0x5000 0x5000 com.sophos.kext.sav (9.4.0) <5 4 1>
As already explained you have Sophos software installed so there is really no reason to suspect these are anything but normal.
SamOsiris wrote:
What does erasing the OS mean?
Deleting everything on the computer & reinstalling everything. Yes it is drastic but sometimes you have to start over. In this case I do not think you need to do that…
SamOsiris wrote:
As for why I'm investigating the possibility of a keylogger - I had a Safari window open by itself underneath the one I was using without my knowing it, and it left about seven or eight items in my History, so I know the window was transitioning between webpages. Since then I've started exploring the possibility of any kind of malware:
reallifecam pop-up
Adware file? - com.microsoft.office.licensing.helper.plist
Accidentally clicked on an OkeyShare link
Keyloggers do not open windows underneath Safari. You may be misunderstanding what they do - they log what you type so others can glean information about you. If they could open windows underneath Safari & type things they would be caught all the time. That is also a pointless act for a 'keylogger' - if it has access to the system it can easily download webpages without your knowledge & do many things that are far worse & far more profitable.
What you describe sounds like what terrible adverts do on terrible websites. Javascript can open new browser windows and can set them to minimise & open more windows etc. History is exactly that - things that have opened in the browser even via popups, so even if you close them they may still get in your history.
I'd strongly suggest you stay away from searching for 'possible Mac malware' unless you know what you are doing. Many less reputable sites will try to sell you antivirus scanning junk & various 'clean up' or performance tools under the guise that malware has hacked you. These sites make money from gullible users, often via simple javascript tricks that make your browser look 'locked' (the same page opens over & over). There are many of these cases described on this site too. Search engines also filter the adverts you see based on your search history, so the more malware you search for the more anti malware junk apps you will see advertised (read up on 'filter bubbles' https://en.wikipedia.org/wiki/Filter_bubble)
In Safari's preferences > Security tab, enable 'block pop-up windows' if it is not already active (some tricks can get around how Safari blocks popups - it's a cat & mouse game).
You can also disable javascript for Safari but most of the internet now relies on it so you will find many sites don't load correctly without it.
Basically you can either:
- Manage it site by site (via a javascript blocking extension)
- Enable javascript and put up with some sites making horrible popups (don't go back to those sites).
- Disable it totally & turn it on only when you have no other choice, or use another browser for the javascript sites.
You may also consider content blockers (ad blockers). They can stop adverts loading, some adverts can contain these malicious scripts that open many popups. NOTE: not all adverts are malicious and malicious scripts don't all come from ad networks, it is just one popular method at the moment.
Personally I don't see anything abnormal here, the internet can be a wild place, backup & apply updates to protect yourself, avoid installing apps unless you absolutely trust the source.