Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


OSX El Capitan Infection

  • Please log in to reply
2 replies to this topic

#1 Naichi


  • Members
  • 55 posts
  • Gender:Female
  • Local time:04:35 PM

Posted 16 July 2016 - 05:33 PM

Ever since I updated to OSX El Capitan I keep getting this popup. 
"Avast Filesystem shield has blocked a threat and moved it to the Chest"
Infection: Win32:Malware-gen
Process: /System/Library/PrivateFrameworks/CloudKitDameon.framework.Support/cloudd
File: /Library/Caches/CloudKit/com.apple.bird/X6B29J8D22.com.savysoda.documents/.../MMCS/tmpm-0x000000000e
It seems like something keeps generating a temporary file that Avast immediately blocks.
Please help! 
I am on Mac OSX, if that isn't already clear, and I have already tried to run an Avast scan and a MalwareBytes scan. Both did not catch anything. Thank you if you can help me identify the issue as it is somewhat annoying to keep getting that popup.

BC AdBot (Login to Remove)


#2 Ant_Teh_Nee


  • Members
  • 47 posts
  • Gender:Male
  • Local time:07:35 PM

Posted 28 July 2016 - 08:33 PM

I'm unfamiliar with Mac OS, so I cannot help you. Try posting this to the Mac OS fourm or the Virus, Trojan, Spyware, and Malware Removal Logs, you're more likely to get some help there.


Good Luck!

Edited by Ant_Teh_Nee, 28 July 2016 - 08:33 PM.

#3 Trikein


  • Members
  • 1,321 posts
  • Gender:Male
  • Location:Rhode Island, US
  • Local time:06:35 PM

Posted 28 July 2016 - 09:01 PM

Do you get the popup when doing something or when idle? I think Win32:Malware-gen is the name Avast gives any GENeric malware it detects through heuristics but have not identified.  I did some googling and it may be a false negative from script on a webpage that Avast is blocking. I would STILL wait for others who specialize in OSX to comment. Where there is smoke, there is usually fire, even if its not the "fire" the AV is saying.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users