Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Solved
Antivirus detected malware in the Dropbox cache folder
I don't know if this is the right category. Also, I tried searching here for a solution first, but the posts were all locked.
I just started using Dropbox. I don't have many files in it. Since May 10, my virus software has found Gen:Variant.Kazy 512414 in my \.dropbox.cache. The file is ~834b6cda.tmp. The only thing I added on 5/10 is a pdf file from a trusted source. Could this be the problem? This has happened on 5/10, 5/15, 5/21 and 3 times today.
I read that the cache is automatically deleted every three days so it wouldn't be something that's staying in the cache. How should I deal with this because this has been a very easy and convenient way to share files between my i-things and my pc. Thanks.
(also, i tried using the malware and cache as tags, but it would not allow it)
Hey there Loni H. - sorry to jump in on this, my colleague Sanchez is out of office currently on a vacation leave. However, I'll be happy to help in the meantime.
In regards to what you mentioned now, kindly note that the Dropbox desktop client uses the ".dropbox.cache" folder as a staging area to download your files in small chunks during the syncing process.
Sometimes antivirus programs will pick up some of these partial files as false positives and continuously quarantine them. The problem here is that Dropbox keeps downloading the file in an attempt to sync the file down to your computer. To tackle this behavior you can either add the Dropbox cache folder to an ignore list so that Dropbox can correctly sync that file or/and as Sanchez has mentioned before me, temporarily disable your antivirus. Once synced and "Up to date", you should no longer see these warnings or quarantine messages.
Hopefully this will get you going Loni. Let me know if you need anything else in the meantime. Thank you!
11 Replies
Replies have been turned off for this discussion
- Sanchez
Dropbox Community Moderator
- Walter
Hey there Loni H. - sorry to jump in on this, my colleague Sanchez is out of office currently on a vacation leave. However, I'll be happy to help in the meantime.
In regards to what you mentioned now, kindly note that the Dropbox desktop client uses the ".dropbox.cache" folder as a staging area to download your files in small chunks during the syncing process.
Sometimes antivirus programs will pick up some of these partial files as false positives and continuously quarantine them. The problem here is that Dropbox keeps downloading the file in an attempt to sync the file down to your computer. To tackle this behavior you can either add the Dropbox cache folder to an ignore list so that Dropbox can correctly sync that file or/and as Sanchez has mentioned before me, temporarily disable your antivirus. Once synced and "Up to date", you should no longer see these warnings or quarantine messages.
Hopefully this will get you going Loni. Let me know if you need anything else in the meantime. Thank you!
Hello Sanchez
I can't deleta cache on my MacBookPro 2018, as following instructions "Go to Folder" doesn't bring me to cache folder
Can you help me with this matter ?
Thank you
Vlado
- Walter
Hey there VladoCedov - sorry to hear that!
Can you confirm that you're following these instructions on a computer that has had our desktop app installed and linked to an account at some point?
If so and you happen to be on a Business account, take a look here first:
If you have two accounts linked to the same desktop, the name of your Dropbox folder will be appended with your team name in parentheses or "(Personal)," depending on the type of account. For example, if you were clearing your cache on a Dropbox Business account called "Company" you'd see:
~/Dropbox (Company)/.dropbox.cache (this a mere example - you should replace the "Company" with your own Company's (or Team's for that matter) name.
I hope this helps Vlado and keep me posted on your progress.
Hello Walter, thank you for getting back to me.
At the end I managed to delete those files with my Kaspersky antivirus, but just after I quit Dropbox. Haven't had issues today, will see on next scan. I was following instructions for cache, they are really not that hard to follow, but they don't bring me to cache folder, as it looks like one doesn't exist ?
Did you have similar issue ? Is it because of Mojave OS ?
Best regards,
Vlado
- Walter
Thanks for the swift response and additional info Vlado - much appreciated.
I don't think that this has to do with your OS yet we'd need much more information about your current setup to be sure and also, I'm not sure is if this is related to a recent issue there was on Kaspersky's end (as per this thread) yet I'd also suggest contacting them to make sure about it.
Having said that, have you tried disabling Kaspersky and try looking for the cache folder afterwards? (I guess that's the exact opposite of what you did :laughing:)
Just note that our client (i.e. the desktop app) uses the ".dropbox.cache" folder as a staging area to download your files in small chunks. Sometimes antivirus programs will pick up these partial files as false positives and continuously quarantine them. The problem is that Dropbox keeps downloading the file in an attempt to sync the file down to your device. I would recommend adding the Dropbox cache folder to an ignore list so that Dropbox can correctly sync that file and/or temporarily disabling your antivirus. Once synced, you should no longer see these warnings or quarantine messages.
Let me know what you find Vlado!
Had the same problem. Popping up on all my machines.
Finally an answer that makes sense.
THANKS Walter!!!!Hello, I'm having the same issue. My windows defender keeps marking a file as extremely dangerous virus. which is coming from the cache folder.
One of your solutions is to tell the Anti-Virus to ignore the dropbox folder; I would do this.. HOWEVER; does Dropbox have their own anti-virus solution on their servers.. because potentially this will allow any potential viruses to freely enter our computer without being detected.
- Walter
If you're sure it's not malware you should be safe to do this HiroMarketing.
In regards to your query now, note that our file infrastructure is comprised of the following components:
1. Block servers
Block servers process files from the Dropbox applications by splitting each file into blocks, encrypting each block using a strong cipher and synchronising only blocks that have been modified between revisions. When a change is made, new or modified blocks are processed and transferred to the storage servers.
2. Metadata servers
Basic information about user data (including file names and types), called metadata, is kept in its own discrete storage service separate from file blocks. Metadata acts as an index for data in users’ accounts, and is sharded and replicated as needed to meet performance and high availability requirements.
3. Storage servers
The actual contents of users’ files are stored in encrypted blocks with this service. Each individual encrypted file block is retrieved based on its hash value, and an additional layer of encryption is provided for all file blocks at rest using a strong cipher.
4. Notification service
This is a separate service dedicated to monitoring if changes have been made to Dropbox accounts. No file data or metadata is stored or transferred here. Instead, clients establish a long poll connection to this service and wait for a change, which then signals a change to the relevant clients.
In any case, if you'd like account specific assistance with this, please let me know here and I'll send you an email to your Dropbox associated address to have a further look into this with all of my tools at my disposal.
Thanks!
