Xcode - Virus BitCoinMiner-AS [Trj]

Hi,

It may be a false positive, from avast:

https://forum.avast.com/index.php?topic=216164.msg1449648#msg1449648

Definitely a False Positive. VirusTotal indicates only Avast! and AVG (owned by Avast) detect it. See Comments there.

Did you read my post above yours? I recommend you follow the advice in my earlier post.

Simple put, Apple attempts to provide all the malware detection and removal you need in Mac OS X. Malwarebytes has come to be accepted as the only malware detector you should consider. For those pestered by browser attacks consider Malwarebytes.

Discusses Mac OS X operating system wide malware detection and removal

See Linc Davis, thomas_r., and etresoft comprehensive write ups on

https://discussions.apple.com/thread/5728993

etresoft steps back and states that the frequency of malware is increasing on the Mac. thomas_r. reveals his involvement in Malwarebytes as Director of Mac Offerings

https://discussions.apple.com/thread/7343915

https://discussions.apple.com/thread/7940701?answerId=31698261022#31698261022

"Malwarebytes Anti-Malware for Mac Removes adware and malware Revives your Mac"

https://www.malwarebytes.org/antimalware/mac/

"visibility & protection to the core"

https://objective-see.com/

Web browser malware removal:

see Esquared, Linc Davis

https://discussions.apple.com/thread/6689392

Fixing Safari malware attacks. See thunderzzz approach.

https://discussions.apple.com/thread/7307569

The best techniques for securing your Mac from the professionals.

http://www.macworld.com/article/2048160/how-the-nsa-snoop-proofs-its-macs.html

phishing

"fake" panic warnings

https://discussions.apple.com/docs/DOC-8771

As I posted yesterday:

"Avast (and AVG) eventually removed those signatures [which were false positives] and apologized a few times in their forum."

The MRT.app is part of the system, so Avast would not have been able to remove it.

You will probably need to reinstall BandWidthX in order for it to function again.

See if Malwarebytes helps.

Malwarebytes Anti-Malware for Mac 10.10 and later

Avast (and AVG) eventually removed those signatures and apologized a few times in their forum.

You should uninstall avast. Apple provides all the malware detection software you will ever need. Should you be concerned about viruses, you should be keeping up with the latest macOS releases.

R

Avast detected it in the same location for me as well. And in Skype. I deleted both and Skype stopped working and needs to be reinstalled. Luckily, I haven't noticed any other issues since deleting this one in the library/correct services...

My Avast 13-4 virus definition version 18022706 also detected and quarantined :

• /System/Library/CoreServices/MRT.app/Contents/Frameworks/libswiftDispatch.dylib
• /Applications/BandWidthX.app/Contents/Frameworks/libswiftDispatch.dylib

I'm not 100% sure but it may come from a software called BandWidthX (Copyright © 2016 Kris Lau. All rights reserved.)

Hope this help

I did! Thanks for sharing all that information. I've had Avast for a while now, but honestly never used it until I received the notification of a blocked infection. That's what prompted the scan where I found it.

I don't plan on using it anymore. My only concern is whether or not deleting that library/core services file is now problematic.

rccharles wrote:

Apple provides all the malware detection software you will ever need.

Current protection is adequate today for most users, but those methods are somewhat limited and far too easy to be disabled by the user. I wish I was more confident that Apple will be able to keep up with malware developers in the future. Even EtreSoft is starting to come to this same conclusion recently.

MadMacs0 wrote:

I wish I was more confident that Apple will be able to keep up with malware developers in the future. Even EtreSoft is starting to come to this same conclusion recently.

I'm confident that Apple could keep up with malware developers now and in the future. I don't think Apple care much at all about macOS in general anymore. Malware and adware problems on macOS get just a small fraction of the small fraction of attention that Apple gives to the Mac.

I have the same problem, this virus appeared today!, but in my case is in /Sytem/Library/CoreServices/MRT.app/Contents/Framework/libswiftDispatch.dylib