JS/Miner

I had the same issue. After poking around the file itself, it seems that your antivirus and the mine detect the javascript of coinhive, a script embedded in webpages using the power of your computer to mine Monero crypto money (a cousin of Bitcoin) for the owner of the website.
I would suggest installing an ad-blocker on your web browser to rid yourself of these king of scripts and ads.
[Edit : bad spelling, veri bad speeling :/ ]

See if you can find the file(s) using one of these programs. If you go Finder/View/Show Path Bar, it will show you where it is located. Once located, delete it.

EasyFind – Spotlight Replacement

Find Any File

I have just had the same issue, flagged up by my Intego Virusbarrier. It is the first time I have ever had malware discovered on my Mac. Most of the websites I have visited today are well-known names that I have visited many times before without problems; and I have made no downloads.

The malware file was shown as: Home ▸ Library ▸ Caches ▸ com.apple.Safari ▸ WebKitCache ▸ Version 11 ▸ Records ▸ A96A6E93C6D1D95967F4D4D86A725C47D7F5BF95 ▸ Resource ▸ 8BF1E1E0EFB2836AA4A4A06B2B3445DA51449878-blob.

Virus barrier was unable to repair the file and I was initially unable to locate it. I ran a full scan and this time it showed up as: Home ▸ Library ▸ Caches ▸ com.apple.Safari ▸ WebKitCache ▸ Version 11 ▸ Blobs ▸ 5DA700392AA09717087380102B0823FF27E3C359

I transferred the file to Quarantine and when Intego could not repair the file, I deleted it. I ran a further full scan which showed my Mac as clear of all malware.

I have since located and searched the Library caches and the malware file is not present in the location indicated.

Has the malware really been removed and is the Mac now safe again?

Thanks for both replies. They are helpful and, to an extent, reassuring. I have run further scans on both Mac and Time Machine Back-Up Disk and no malware has been identified. My Mac also seems to be operating at normal speed.

I too have read that there is a Mac Version of the malware which tries to use the power of PC or Mac to mine cyber coins. I am a little disturbed that it might have come from a website that I visit often since it might imply that one of these well-known sites have been targetted.

Thank you again. Again further comments would be very welcome.

I am puzzled how a trojan arrived on my Mac when I made no downloads and, as far as I recall, gave no permission for anything to be loaded into my Mac. Yet I read that trojans can only gain access to a Mac if given permission.

I also read that there are no viruses that enter a Mac uninvited.

Thank you. These comments are very helpful. JavaScript is enabled on my Mac. I was going to switch it off but I have now read elsewhere that this will adversely affect the performance of many web sites. If that is true, maybe I have to leave JavasScript enabled but trust my malware checker to identify it should it settle in my Mac. It seems I am damned if I do and damned if I don't!

Actually in order to block this kind of nefarious scripts and all the dubious tracking scripts people tend to use navigator extension to prevent unneeded scripts from running.

The simple choice is an adblocker (at least to of them have add this script to the list of thing blocked), but more powerful combos exist.

Thank you. I will ponder the various adblockers available. I hope they do not conflict with Intego. There seem to be many adblockers that work with Mac but no consensus as to the best.

I read that using Safari Preference Website Reader is a help in reducing the javascript risk so I am using it for now.

I also note that Safari 'Develop' provides an option to clear caches. I am not sure if it clears all Safari caches but I clicked the button and Safari seems to work just the same. 'Develop' also gives various options to monitor javascript but, as an active Mac novice, it is over my head.

Appears to be a Windows thing. So, are you running Windows? If so, check their website for removal instructions.

If you deleted the file and it is actually Windows malware, your computer should be okay.