My macbook pro creates a virus file on startup.

Hello officialraymond,

That directory is part of Apple's new logging system in Sierra. This is one of the reasons people here on Apple Support Communities suggest avoiding popular 3rd party antivirus software. Most of such software is written by Windows developers who fundamentally don't understand Apple software and don't keep up with the latest developments.

Because this file is part of the logging system, it could very well be logging avast's attempt to detect and remove this file. Each attempt is logged and then avast detects that log as a new infection. This repeats forever.

These logging directories are not active directories. There is no way that anything could be executed from these locations. On a Mac, there are only a handful of such active directories where malware can exist. Those are the only directories that a good Mac security product should ever bother looking at. It just so happens, that the only security products that anyone here on Apple Support Communities are likely to recommend are those products that only look at those few important directories.

macOS includes anti-virus capabilities through several layers of malware protection. You don't need anything else. If you don't believe me and still want something else, then I can recommend MalwareBytes for Mac (https://www.malwarebytes.com). MalwareBytes is effective, highly recommended, and it will ignore that logging directory as it should.

I would really like to see how much damage running all of those AV apps has done on your Mac. Please follow the suggestion below.

I suggest you use the program created by Etresoft, a frequent contributor. It will provide a snapshot of your system which we can analyze to possibly determine the cause of your problem. Please use copy and paste as screen shots can be hard to read. On the screen with Options, please open Options and check the bottom 2 boxes before running. Click “Share Report” button in the toolbar, select “Copy to Clipboard” and then paste into a reply. This will show what is running on your computer. No personal information is shown.

Etrecheck – System Information

No anti-virus or so-called "cleaning" apps are necessary or recommended for Mac OS. They do more harm than good. In your case they seem to reporting a false positive. The folder belongs to Mac OS.

https://www.mac4n6.com/blog/2016/11/13/new-macos-sierra-1012-forensic-artifacts- introducing-unified-logging

I suggest you uninstall all those junk apps as per their developer's instructions.

Did you understand what macjack meant when he said a "false positive" ??

That system directory now contains a string. That string is identical to a really old Windows Virus. It is detected because it has the same bit pattern in it.

That string is In a system directory that is inaccessible to ordinary software. Mac software is "sandboxed", and only has permission to write to its own resources, never directly to system directories.

That it matches an old Windows Virus is a complete coincidence. Your so-called Anti-Virus software has detected something that is NOT a virus, but has the same pattern.

macjack is right about the cause & about avoiding Avast. I've also never used anything, visited numerous dubious sites, and never got any issue or virus.

it's probably a fragment of code referenced by log entries. It could even be from some extension or add-on (included in Opera, and on by default, I think) that tries to block advertising or malware.

You say Avast and Avg detect a virus but you couldn't detect it with Kaspersky.

Do you seriously have three different AV apps on your Mac?

If so is it is a wonder that it is still running. I have known Mac with only a single AV app to be dragged to its knees. With three installed it is a wonder it even starts.

I have the same issue as well but today i was looking through the file and i found something about a vulnerable router and other things that led me to suspect that it is infecting my entire router. I don't know a lot about computers, but my router has been going slow ever since this new sierra update.

Unless you are looking for something specific, reading the details of internal system logs is the path to madness.

If your Internet is slow, do an internet speed test.

If your computer is slow, run an etrechek and post its report.

You can't even begin to imagine how far off base you are.

Avast is most likely a Trojan

No, it's just another useless AV app.

McAfee is windows

No, they have a Mac version, too. And is just as useless as any other typical AV software.

Bitdefender is probably a virus

No, it's just another useless AV app.

It also has Malwarebytes I'll check if Malwarebytes is actually a trojan.

Wrong again. MalwareBytes for Mac actually works, and is highly recommended by virtually every user here. Besides, who is "it"?

The way you so wildly and incorrectly toss terms around, I'd have to believe you don't even know what a virus or Trojan is.

But I don't use avast I use the offical AVG

AVG is no better. Uninstall it.

.

Heres my JS:Cryptonight Trojan problem all solved

Even though all of them are clean, it has Microsoft things and if AVG is made for Microsoft then it means that the antivirus is making a mistake.

Avast is most likely a Trojan

McAfee is windows

Bitdefender is probably a virus

It also has Malwarebytes I'll check if Malwarebytes is actually a trojan and I'm not just blaming everything on AVG.

This means AVG isn’t the best for Mac.


Ad-Aware Clean

AegisLab Clean

AhnLab-V3 Clean

Alibaba Clean

ALYac Clean

Antiy-AVL Clean

Arcabit Clean

Avast Clean

Avast Mobile Security Clean

AVG Clean

Avira Clean

AVware Clean

Baidu Clean

BitDefender Clean

Bkav Clean

CAT-QuickHeal Clean

ClamAV Clean

CMC Clean

Comodo Clean

Cyren Clean

DrWeb Clean

Emsisoft Clean

eScan Clean

ESET-NOD32 Clean

F-Prot Clean

F-Secure Clean

Fortinet Clean

GData Clean

Ikarus Clean

Jiangmin Clean

K7AntiVirus Clean

K7GW Clean

Kaspersky Clean

Kingsoft Clean

Malwarebytes Clean

MAX Clean

McAfee Clean

McAfee-GW-Edition Clean

Microsoft Clean

NANO-Antivirus Clean

nProtect Clean

Panda Clean

Qihoo-360 Clean

Rising Clean

Sophos AV Clean

SUPERAntiSpyware Clean

Symantec Clean

Tencent Clean

TheHacker Clean

TrendMicro-HouseCall Clean

VBA32 Clean

VIPRE Clean

ViRobot Clean

Webroot Clean

WhiteArmor Clean

Yandex Clean

Zillya Clean

ZoneAlarm Clean

Zoner Clean