Same issue here with a few different apps. Weird that it didn't start until I reboot my MacBook Pro, then BAM! Non-stop pinging of the "Infection Blocked". Slowly filling up virus chest lol. If this truly is a false positive, then would doing what user @sw1ssb4nd1t be a temporary and/or safe fix?
@Lars two A/V products so far: AVG and Avast
More folks affected: https://twitter.com/search?q=libswiftDispatch.dylib&src=typd
Well, I have to correct my former statements. Even with restoring the files from avast, it only lasted for a few minutes. Just now, avast reported the files again. Looking forward to see Apple's reaction, as this is obviously not just 1password related. They might have a busy day today
Everyone else in this thread should take note of @sw1ssb4nd1t’s suggestion regarding the option to restore the files in Avast's Virus Chest. Note: this is not an AgileBits recommendation, because frankly, we haven't had a chance to install Avast and test this specifically. But that appears to solve the issue -- if you trust that the flagged libraries AREN'T actually coin-mining viruses.
Looks like Avast shut down their update service?
I'm getting the same issue. Avast quarantines MacOS.BitcCoinMiner-AS. Path begins with /applications/1password. Can't open the 1password app. Everything is up to date (at least the most up to date version of El Capitan).
@cashman12 just found the same issue with skype and avast found an infection there as well which is why i bothered opening skype
@knitterb - Thanks for the clarification, but to say that's two products isn't completely accurate: https://blog.avast.com/avast-and-avg-become-one
@Lars Ha! I'd not known about the acquisition until now. Thanks!!!
Ive tried to restore the file but it doesn't work.
Failed to extract chest item.
/System/Library/CoreServices/MRT.app/Contents/Frameworks/libswiftDispatch.dylib: File exists
I found this site because of AVAST flagging 'libswiftDispatch.dylib' as a Bitcoin Miner in these 3 locations on my MBP running High Sierra v 10.13.3:
At first I thought it was an offshoot of Avast creating website navigation errors due to Website Certificates being reported as Invalid. This happened to my VM last week and disabling Avast on the MAC corrected the problem. This reappeared last night on the VM and on the MAC for the first time.
I concur with the other posters who are reluctant to blindly accept this as a "coincidence."
Hope it is resolved soon.
@PJBKERNOW You could probably restore it with some Terminal commands. You might try to rename /System/Library/CoreServices/MRT.app/Contents/Frameworks/libswiftDispatch.dylib and then extract the chest item.
Hi everyone, I'm getting the same issue with Avast. I switched my macbook on and immediately got several "infection blocked!" messages.
I tried to restore as suggested but got the same error msg as @PJBKERNOW
Any other suggestions greatly appreciated. I have not tech know how so don't even understand what's going on. I only have Chrome opened at the moment. I don't know what initiated the messages as I switched my macbook on?
Another 1Password user with the same problem. I first thought it was just me. Relieved to see that everyone else is having the same issue.
The iOS versions don't seem to be affected.
I'm running a full scan with Avast and I see other programs are affected, too.
I'm having the same issue. Avast quarantined 1password, Xcode files and uBar.
Ive been getting the same alerts, only for something called the MRT.app I think. Im using Avast (never even heard of 1password before today) and what seems to have stopped the alerts for now was going to my preferences under Avast, then turning off the file shield, then turning it back on again. Ill let you know if anything changes, but its working for me.
@Lars This is the latest error file I am getting. Just updated Mac OS to the latest beta version the pop-ups vanished however my Skype and mindnode stopped working, removed and reinstalled mindnode and got the virus alert straight away with this file being moved to the virus chest.
Welcome to the forum, @Digital_Di! You sure picked an interesting day to join us. ;)
What likely initiated these messages is that Avast (or AVG) antivirus on your Mac updated its virus definitions and is now flagging libswiftDispatch.dylib as a coin-mining virus and quarantining it. That's why you're getting those pings and why 1Password won't be working for you at present. Unfortunately, I don't have any good suggestions for this, since the library that Avast/AVG is flagging is part of Apple's Swift language itself -- which means 1Password is most definitely not the only application that's showing up as "infected"; any application that uses this library -- and we've already had reports of ForkLift, Skype and other major applications -- are also affected.
The question is: is Avast right? That's one we can't answer definitively at this point (but we're looking into). Uninstalling Avast or AVG would likely stop the issue, but if you take that step and it turns out that Swift was really infected with this coin mining virus, it would be the wrong thing to have done. That's why we (AgileBits) can't really recommend you take such action at this time.
@FandomRiderX1 Just tried turning file shield off then on and it seems to work. No warning pop-ups since. Thanks
Lars - you are right in that it is not just 1Password. My Avast scan is currently running and I see that FCPX (Final Cut Pro) is also flagged.
Thank you @Lars for the information. I've switched off notifications for now so I can at least work without pop ups every few seconds!
I have the same problem. I don't even have 1password, just upgraded Avast and the advert is popping eternally.. I'm currently doing a scan to see if it can solve it.
The file that Avast is complaining about, libswiftDispatch.dylib comes from Apple's Software Development Kit and is automatically included among the Frameworks that are included in applications that use Swift, Apple's new-ish programming language.
It is exceedingly unlikely that such a file would have malicious content. After all, in the very unlikely event that Apple wanted to include malicious operations in the OS, they would be in a position to hide it much better. Furthermore, no other AV (as far as I know at this point) flagged that file as having malicious content.
Thank you to everyone who reported this. We were quite confident that this was a false alarm when I first saw the reports, but I wanted to investigate more fully before saying so.
It appears that Avast have not recently updated their definition for MacOS:BitCoinMiner-AS, and so whatever has triggered this false report at this time is likely to either be an update by Apple to libswiftDispatch.so or a change in Avast itself. My guess is the former, as otherwise we'd be hearing about this for thousands of apps instead of just those that have had recent updates (and so are built with newer versions of the Software Development Kit.)
@jpgoldberg so you're saying that avast may be mistaking something that Apple has put together for a trojan virus?
I've been monitoring a thread on the Avast forums. It looks like they are aware of this issue and are working on a fix.https://forum.avast.com/index.php?topic=216164.msg1449648#msg1449648
AVG has updated their virus definitions and I'm no longer experiencing this issue. I imagine Avast isn't far behind, if not already updated.