Can any malware, trojans or keyloggers infect Recovery HD?

There have been no reports here that indicated infection of the Recovery Partition. So it is at least quite rare.

It also would take a more sophisticated programmer to get in there, rather than the thugs usually responsible for Virus attacks.

It uses a couple of RAM disks for its temporary storage, and those will be gone after Restart. In addition, your main Volume is not usually Mounted, so it can't directly modify files on your main drive (although I suppose it could clobber blocks of data).

Internet Recovery is NOT full blown MacOS with paging, file caching, multitasking, or extended Graphics support. Some things WILL take longer. Internet Recovery is intended to be used when your situation is DIRE.

It takes really long to start up because that version of Safari and its support software has to be downloaded to you before it can be started up. In my opinion, the minor problems you are having are as expected.

The perceived slowness is NOT likely to be due to malware of any description.

I do not understand what display or displays you are using to observe those slightly different numbers.

311.7 less 310.8 is a difference of 0.9 Mbytes = 900 Kbytes). That could easily be attributable to counting a single small file or not counting it. I would not lose any sleep over that.

Today I just went to "Get help online" in Recovery HD and went to some malicious websites.

'Recovery is hacked' is extremely unlikely.

What is far more likely is that the DNS number supplied by your Router have been hacked. When your things are working properly again, you should check those DNS number are either:

• exactly what your ISP suggests

• exactly what the upstream Router provides

• google DNS 8.8.8.8 and 8.8.4.4

• Open DNS 208.67.220.220 and 208.67.222.222

I was attempting to show you what screen to look at. I did not explicitly suggest you use MY DNS numbers, which may not be right for your geographical location. It appears there is an OpenDNS server at the Address you cited.

What is showing for actual DNS numbers in your troubled Mac?

Also, that isolated local IP Address is the local Address of my local Server, which does authentication and file sharing for me. Most users should have no local IP Addresses at all in this pane. If the address of your Router is the only address shown, that is a problem that needs to be fixed.

Unless you are an OS X coder, I don't believe any user can definitively answer that question. And a professional probably would not be able to either as it would depend on the expertise of the people who wrote such malware.

There have been no reports of malware affecting MacOS Base System, Recovery, or any of the other items you have inquired about. There are numerous safeguards in place to protect against such attacks.

If you are having unexplained symptoms, you will get the best results by laying out your SYMPTOMS rather that your 'unusual' theories, to allow the full ability of the many experts who frequent the forums to suggest potential solutions to your issues.

Asking your exceptionally narrow questions gets you exceptionally narrow answers, and these responses are unlikely to provide any actionable information whatsoever.

There recovery partition is the partition on the Boot Drive that contains the Recovery software. It is normally named "Recovery HD" because it is a bootable drive -- that is limited to doing those about six Utility functions and nothing more.

system Preferences > Network > Wi-Fi | Ethernet > (advanced) > DNS

.

Can you boot into your normal macOS partition?

Are you running Mac OS X 10.7.5 or a newer operating system? (That is what it says in your bio)

Is your normal boot drive working?

No, does Macintosh HD boot normally?